urlscan.io logo urlscan.io
SecurityTrails logo

access-excel.tips Open in urlscan Pro
2a05:d014:776:a63e:931e:6ac2:944b:f27e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cdn-0.access-excel.tips/
Effective URL: https://access-excel.tips/
Submission: On May 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 7 countries across 70 domains to perform 429 HTTP transactions. The main IP is 2a05:d014:776:a63e:931e:6ac2:944b:f27e, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is access-excel.tips.
TLS certificate: Issued by R3 on April 2nd 2023. Valid for: 3 months.
This is the only time access-excel.tips was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35 2606:4700:303... 13335 (CLOUDFLAR...)
62 2a05:d014:776... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2 2.23.209.59 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
4 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
3 65.9.90.93 16509 (AMAZON-02)
1 108.138.4.150 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 3.214.165.89 14618 (AMAZON-AES)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.64 16276 (OVH)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.18.6 15169 (GOOGLE)
3 162.19.138.116 16276 (OVH)
2 130.211.23.194 15169 (GOOGLE)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
52 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.95.19 16509 (AMAZON-02)
1 2600:9000:212... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:d::2 44788 (ASN-CRITE...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
13 2a00:1450:400... 15169 (GOOGLE)
1 54.77.31.84 16509 (AMAZON-02)
2 35.190.39.111 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.2.49 54113 (FASTLY)
11 42 216.58.212.162 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
4 6 185.80.39.216 27381 (CASALE-MEDIA)
2 72.34.250.75 27630 (AS-XFERNET)
3 174.137.133.49 27257 (WEBAIR-IN...)
2 2 185.89.210.122 29990 (ASN-APPNEX)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 178.250.7.13 44788 (ASN-CRITE...)
3 35.244.159.8 15169 (GOOGLE)
1 5 104.18.33.52 13335 (CLOUDFLAR...)
2 2a02:26f0:6c0... ()
4 8 54.171.94.43 16509 (AMAZON-02)
1 3 185.83.142.19 29990 (ASN-APPNEX)
1 4 104.102.35.84 16625 (AKAMAI-AS)
3 4 185.94.180.125 35220 (SPOTX-AMS)
2 2 3.71.149.231 16509 (AMAZON-02)
1 2 95.101.54.106 ()
2 185.86.138.153 ()
16 2a00:1450:400... ()
2 4 2001:678:cb4:... ()
2 2 3.120.88.196 ()
2 2 37.157.3.30 ()
3 3 185.64.189.115 ()
2 2 2.19.228.18 ()
1 3.71.167.37 ()
2 2 18.213.43.223 ()
1 1 2a05:d018:d29... ()
4 4 76.223.111.18 ()
1 1 52.45.175.185 ()
6 142.250.186.162 ()
10 2600:9000:212... ()
17 2600:1f18:1ac... ()
2 34.149.12.213 ()
1 2600:9000:212... ()
2 35.71.131.137 ()
2 2 63.35.200.177 ()
1 1 20.127.253.7 ()
1 1 2620:1ec:21::14 ()
1 1 164.92.213.94 ()
1 1 2600:9000:211... ()
1 185.86.138.151 ()
2 2606:4700:20:... ()
6 2602:803:c003... ()
1 51.89.9.252 ()
1 2a02:2638:d::a ()
1 185.255.84.150 ()
5 52.28.203.152 ()
1 34.107.148.139 ()
1 185.64.189.112 ()
429 74
35    2606:4700:3034::6815:3efe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-0.access-excel.tips
62    2a05:d014:776:a63e:931e:6ac2:944b:f27e (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
access-excel.tips
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:e2::ac40:8817 (United States)

ASN13335 (CLOUDFLARENET, US)
g.ezodn.com
basher.ezodn.com
go.ezodn.com
2    2.23.209.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-59.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
4    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2600:9000:2127:d600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
15    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net
c.amazon-adsystem.com
1    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax.amazon-adsystem.com
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    3.214.165.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-165-89.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
7    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
3    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net
ad.doubleclick.net
3    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2a02:26f0:480:d::210:f15c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
52    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
28    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.95.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-19.prg50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2127:3800:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
13    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    54.77.31.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-31-84.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
42    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
cm.g.doubleclick.net
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
6    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    72.34.250.75 (Los Angeles, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
2    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
5    104.18.33.52 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
cd.connatix.com
cds.connatix.com
pl.connatix.com
2    2a02:26f0:6c00::210:ba29 (None, )

ASN- ()
cdn.doubleverify.com
8    54.171.94.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-94-43.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
3    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
4    104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    95.101.54.106 (None, )

ASN- ()
ads.stickyadstv.com
2    185.86.138.153 (None, )

ASN- ()
rtb-csync.smartadserver.com
16    2a00:1450:4001:812::2006 (None, )

ASN- ()
s0.2mdn.net
4    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
r.turn.com
2    3.120.88.196 (None, )

ASN- ()
pm.w55c.net
2    37.157.3.30 (None, )

ASN- ()
c1.adform.net
3    185.64.189.115 (None, )

ASN- ()
image6.pubmatic.com
2    2.19.228.18 (None, )

ASN- ()
cs.media.net
1    3.71.167.37 (None, )

ASN- ()
match.sharethrough.com
2    18.213.43.223 (None, )

ASN- ()
fksnk.com
1    2a05:d018:d29:3602:99b7:871:83ab:7df8 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
4    76.223.111.18 (None, )

ASN- ()
eb2.3lift.com
1    52.45.175.185 (None, )

ASN- ()
im.bluevoox.com
6    142.250.186.162 (None, )

ASN- ()
googleads4.g.doubleclick.net
10    2600:9000:2127:8600:8:48e:53c0:93a1 (None, )

ASN- ()
static.adsafeprotected.com
17    2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 (None, )

ASN- ()
dt.adsafeprotected.com
2    34.149.12.213 (None, )

ASN- ()
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
1    2600:9000:2127:7600:8:455e:4a00:93a1 (None, )

ASN- ()
cdn.besafe.global
2    35.71.131.137 (None, )

ASN- ()
match.adsrvr.org
2    63.35.200.177 (None, )

ASN- ()
match.360yield.com
1    20.127.253.7 (None, )

ASN- ()
sync.inmobi.com
1    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
1    164.92.213.94 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    2600:9000:211e:c600:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
1    185.86.138.151 (None, )

ASN- ()
ssbsync.smartadserver.com
2    2606:4700:20::681a:9a9 (None, )

ASN- ()
script.4dex.io
6    2602:803:c003:200::31 (None, )

ASN- ()
fastlane.rubiconproject.com
1    51.89.9.252 (None, )

ASN- ()
onetag-sys.com
1    2a02:2638:d::a (None, )

ASN- ()
bidder.criteo.com
1    185.255.84.150 (None, )

ASN- ()
hb-api.omnitagjs.com
5    52.28.203.152 (None, )

ASN- ()
c2shb.ssp.yahoo.com
1    34.107.148.139 (None, )

ASN- ()
prebid.media.net
1    185.64.189.112 (None, )

ASN- ()
hbopenbid.pubmatic.com
Apex Domain
Subdomains		 Transfer
97 access-excel.tips
cdn-0.access-excel.tips
access-excel.tips
635 KB
87 googlesyndication.com
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
500 KB
76 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 169
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net
381 KB
35 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 917
static.adsafeprotected.com
dt.adsafeprotected.com
712 KB
16 2mdn.net
s0.2mdn.net
278 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
8 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
pr-bh.ybp.yahoo.com
c2shb.ssp.yahoo.com
8 KB
6 rubiconproject.com
fastlane.rubiconproject.com
34 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 444
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 523
5 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
294 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
109 KB
5 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 2428
cd.connatix.com — Cisco Umbrella Rank: 2827
cds.connatix.com — Cisco Umbrella Rank: 2863
pl.connatix.com
277 KB
5 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 406
ib.adnxs.com — Cisco Umbrella Rank: 211
24 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2433
google-bidout-d.openx.net — Cisco Umbrella Rank: 2838
us-u.openx.net — Cisco Umbrella Rank: 439
1009 B
5 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 431
36 KB
5 ezodn.com
g.ezodn.com — Cisco Umbrella Rank: 10344
basher.ezodn.com — Cisco Umbrella Rank: 9235
go.ezodn.com — Cisco Umbrella Rank: 8989
204 KB
4 3lift.com
eb2.3lift.com
2 KB
4 pubmatic.com
image6.pubmatic.com
hbopenbid.pubmatic.com
2 KB
4 turn.com
ad.turn.com
r.turn.com
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 716
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1267
803 B
4 doubleverify.com
cdn.doubleverify.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
21 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 420
mug.criteo.com — Cisco Umbrella Rank: 2760
bidder.criteo.com
8 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 802
api.btloader.com — Cisco Umbrella Rank: 912
44 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 287
aax.amazon-adsystem.com — Cisco Umbrella Rank: 381
61 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1033
pixel.quantserve.com — Cisco Umbrella Rank: 799
cms.quantserve.com
10 KB
3 media.net
cs.media.net
prebid.media.net
3 KB
3 smartadserver.com
rtb-csync.smartadserver.com
ssbsync.smartadserver.com
401 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2947
a.ad.gt — Cisco Umbrella Rank: 2977
4 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9108
818 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
3 KB
2 4dex.io
script.4dex.io
24 KB
2 360yield.com
match.360yield.com
808 B
2 adsrvr.org
match.adsrvr.org
529 B
2 fksnk.com
fksnk.com
1 KB
2 adform.net
c1.adform.net
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 stickyadstv.com
ads.stickyadstv.com
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7966
466 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 855
822 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 773
s.tribalfusion.com — Cisco Umbrella Rank: 1977
1 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3388
315 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1116
bcp.crwdcntrl.net — Cisco Umbrella Rank: 874
12 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12369
584 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 889
1 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 674
454 B
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 8698
img6.wsimg.com — Cisco Umbrella Rank: 10653
12 KB
1 omnitagjs.com
hb-api.omnitagjs.com
1 KB
1 onetag-sys.com
onetag-sys.com
365 B
1 smaato.net
s.ad.smaato.net
444 B
1 bidtheatre.com
match.adsby.bidtheatre.com
552 B
1 linkedin.com
px.ads.linkedin.com
778 B
1 inmobi.com
sync.inmobi.com
711 B
1 besafe.global
cdn.besafe.global
37 KB
1 bluevoox.com
im.bluevoox.com
517 B
1 sharethrough.com
match.sharethrough.com
363 B
1 adkernel.com
dsp.adkernel.com
233 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1839
173 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 619
541 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 650
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2515
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3332
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2983
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 346
1 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 969
404 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2475
10 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 920
633 B
0 socdm.com Failed
tg.socdm.com Failed
0 adingo.jp Failed
cc.adingo.jp Failed
0 appier.net Failed
a.c.appier.net Failed
429 70
Domain Requested by
62 access-excel.tips access-excel.tips
52 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
access-excel.tips
pagead2.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
42 cm.g.doubleclick.net 11 redirects 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
35 cdn-0.access-excel.tips 1 redirects access-excel.tips
cdn-0.access-excel.tips
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
access-excel.tips
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
17 dt.adsafeprotected.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
16 s0.2mdn.net access-excel.tips
s0.2mdn.net
15 securepubads.g.doubleclick.net access-excel.tips
securepubads.g.doubleclick.net
12 googleads.g.doubleclick.net 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
pagead2.googlesyndication.com
10 static.adsafeprotected.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
fw.adsafeprotected.com
8 fw.adsafeprotected.com 4 redirects 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
access-excel.tips
7 www.google.com 1 redirects tpc.googlesyndication.com
access-excel.tips
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
7 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 fastlane.rubiconproject.com go.ezodn.com
6 googleads4.g.doubleclick.net access-excel.tips
6 www.googletagservices.com access-excel.tips
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
5 c2shb.ssp.yahoo.com go.ezodn.com
4 eb2.3lift.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv 1 redirects googleads.g.doubleclick.net
3 image6.pubmatic.com 3 redirects
3 ib.adnxs.com 1 redirects googleads.g.doubleclick.net
go.ezodn.com
3 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
3 ssum-sec.casalemedia.com 3 redirects
3 www.gstatic.com access-excel.tips
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
3 id5-sync.com cdn.id5-sync.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
3 c.amazon-adsystem.com access-excel.tips
c.amazon-adsystem.com
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com access-excel.tips
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
2 script.4dex.io go.ezodn.com
access-excel.tips
2 match.360yield.com 2 redirects
2 match.adsrvr.org 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
2 fksnk.com 2 redirects
2 cms.quantserve.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
2 cs.media.net 2 redirects
2 c1.adform.net 2 redirects
2 pm.w55c.net 2 redirects
2 r.turn.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
2 ups.analytics.yahoo.com 2 redirects
2 us-u.openx.net googleads.g.doubleclick.net
2 cdn.doubleverify.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
cdn.doubleverify.com
2 cds.connatix.com cd.connatix.com
2 gum.criteo.com 1 redirects static.criteo.net
2 secure.adnxs.com 2 redirects
2 rtb2-useast.e-volution.ai 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
2 sync.go.sonobi.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
2 esp.rtbhouse.com access-excel.tips
2 oajs.openx.net 1 redirects
2 events.api.secureserver.net img1.wsimg.com
2 api.btloader.com access-excel.tips
btloader.com
2 ad-delivery.net access-excel.tips
2 id.hadron.ad.gt cdn.hadronid.net
2 cdn.id5-sync.com access-excel.tips
securepubads.g.doubleclick.net
2 btloader.com 1 redirects access-excel.tips
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 go.ezodn.com access-excel.tips
2 basher.ezodn.com access-excel.tips
1 hbopenbid.pubmatic.com go.ezodn.com
1 prebid.media.net go.ezodn.com
1 hb-api.omnitagjs.com go.ezodn.com
1 bidder.criteo.com go.ezodn.com
1 onetag-sys.com go.ezodn.com
1 ssbsync.smartadserver.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
1 s.ad.smaato.net 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 sync.inmobi.com 1 redirects
1 cdn.besafe.global 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
1 rtbc-eu3.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 im.bluevoox.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 match.sharethrough.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
1 dsp.adkernel.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
1 pl.connatix.com cd.connatix.com
1 cd.connatix.com 1 redirects
1 capi.connatix.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 tr.blismedia.com 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 a.ad.gt cdn.hadronid.net
1 ad.doubleclick.net access-excel.tips
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 cdn.hadronid.net access-excel.tips
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pixel.quantserve.com access-excel.tips
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com access-excel.tips
1 img6.wsimg.com access-excel.tips
1 img1.wsimg.com 1 redirects
1 g.ezodn.com access-excel.tips
0 tg.socdm.com Failed 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
0 cc.adingo.jp Failed 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
0 a.c.appier.net Failed 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
429 109

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com
accesspressthemes.com
Subject Issuer Validity Valid
access-excel.tips
R3		 2023-04-02 -
2023-07-01		 3 months crt.sh
cdn-0.access-excel.tips
GTS CA 1P5		 2023-04-10 -
2023-07-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-03-20 -
2023-06-18		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2022-09-29 -
2023-10-30		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2022-08-22 -
2023-09-23		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-05-08		 2 months crt.sh
cdn.besafe.global
Amazon RSA 2048 M01		 2023-04-26 -
2024-05-24		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh

This page contains 38 frames:

Primary Page: https://access-excel.tips/
Frame ID: C5470B549B4213C342B71CC744ECDF60
Requests: 183 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA8080407D7B393235271719FF38BFAA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE1E137DE9480FA74E7998C42E8655CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FC2FB0D61862886359D0A0D2FD5E9C42
Requests: 2 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FBCE9C2D91AB81F12A95704A60DEBBE6
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D7535140CCEFD820B0D7BD00283E3F5B
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 90E4C242E65E0C3E2E94EB035BA6F2E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 225ACC5D37C2AF911867C43A2708ECA4
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=access-excel.tips
Frame ID: 0D1CE30DB105D3CAC4FA308C4F2FC451
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Frame ID: F9147E6D08C9F8A9E130A4E4EC333CEA
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F3F0B255DFFA68E810304E7CE0444180
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/264617/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Frame ID: FFB1FB1BFE318A9C53486C55F9E3BCAC
Requests: 2 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1CDCAF946145D238BAB09EEC46FE3F37
Requests: 17 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EFB6FA3E6C79EC9A35D1DE54717B650F
Requests: 21 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A1F806B7E823A46ACDD3639B0B0485F
Requests: 21 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 408CDD48376FD76940E210B153F54D17
Requests: 26 HTTP requests in this frame

Frame: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 56B697DCCD762BF0138948EE920E977E
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_cxC0MU2wuMwY3-GIdazrkoHw_0euBwAZ7skLczvA0EQlWRcfEqZpvqWukiiS2VCBQpWXxYQuRFyBZodhDamne29dDH94Df09xThtbriZhINLWnugLl8hPhyUpu-PqiMK3rCUevRyp8V8Awfv4YxOBmN4WeDIaDbh5EbJCn1xsDQR_FvHUSDiWuExY2t-H925PiwPm35ULknwxY7H0Ev7vJUVlQ
Frame ID: 9A537BE96905F3A8621C90B05F4BB90A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW2SLi2PqCWaqRrZfs17j36Zvr0O3Y3UtW5eHm9zbz9HJtu6GYRNZvKGtVZRTPfXqxlq0pTepzazsMWIlY3klpLok_ZPg9AP13_6F6s-DOFaFfBhwNjIZ_g5b9OSyXSu1zBiWmYXcxPUI2r6gdk0pRpfLqeFmnTSKDGerDgfMuPVVcYvoA-vB1B9yjTSo3AR8Msl4a9YXaJy0bAQd2If0SfSEEugg
Frame ID: 1278406C364CE756B9F7B3EFABB43415
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW9nCArdv4nanTf3W3NsdZFQMdx-VtXh1XJ5c6HCYkFuKYGGRFmlABDsg0vO7eVMOPtNkS1towfkrEHD5yvK8BHYS3ZurmCvrS3tJ0BEUbOUMlTGyYTQIg2iig1Q79FDE4gXlxWuB22UO5vcMbNYwBWueLHiLr3g0Kbch40ZLnVkZxR_Vgxznyu9BiPcFBe_MFPzUuUckP5ZFpxDmQgaENVU-8iiQ
Frame ID: F88067A89271D65BD4BFFFBDB282A7B9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGPOEt-UBMAE&v=APEucNUbJEog0ubSttIcmzKtvePQRzsvBc2umW5lvKGQJEZD-zdhfk3NGlpex5a76N83NZ8ZYtuWOOWvV1PALBKlCsZuoaYHKdrAZ7VKP9xDMh07cT_KqbnZBUfmXMunfcSdxddxSjb6xYlV2At4IuGV7qkrXAphemmOzigavQ6lBWIQHdmNatUa-aPu3a2JDJZ97s2KtK4z1eRPOJeT71v5VO0XSuop4Q
Frame ID: EE9F0472DE8537E225C647F28D6E55AE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGL2Gt-UBMAE&v=APEucNVa8JWYxapmgrQiP1-KF6ad39yJBWG-J6xqDsc9MrB_dnyfusOJGZWDOdrf_e3f6V7UbZs9IXb2CUIe3TT1zFOWbhvH0KHEMKKJ7baNYEqagMIcspzdavw8-cnkEnFBBOCsiVb1UoZdqspbmiRxvzrve9Ikp-8LT-q6DRw7h_A8A8BOM4wbt9zG8rSLVmmOjU8DTkQ467F0OmrzDARdIDapKGL5zg
Frame ID: 98A683CF4711DC493C2ACADCC39E7C3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 34A4ACEFC6AC3AEC24FE262D80824448
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED8116B76FDCD521C2BD99A86EDAFB28
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0467015DDE93F822EB112807F08503A4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 953393293B657493A4AE640B41ED3EB0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2C773957DDC94514623B0A94EBFF92FE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3C0CE6836FA72C92CDE9E70BE47CC2B9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C1EACFE99353172460B9646C4C7725AA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Frame ID: D2CFD9598B9CECDFEC57260D2B6E05AD
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Frame ID: 86438C15B14C0D87B62305D7EABC25F4
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E87142853A8A03DC085D36A01EE338C5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C386616E36BC123B426418F9B7A448A0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 784ECE653F54BA736BA60233C2446828
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CE8123F434E80603A8CDCAF7E1A9F107
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28773819BC11A951CDE13F16D52DF5FF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 831C70D54B85ECF86989114850091DD7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E8A48AF6E60C8FB5FD53D16D89DAAFE3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Access-Excel.Tips - Provide Excel tutorials, tips and free VBA source code, including custom VBA Function, Sub Procedure

Page URL History Show full URLs

  1. http://cdn-0.access-excel.tips/ HTTP 301
    https://access-excel.tips/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

429
Requests

87 %
HTTPS

43 %
IPv6

70
Domains

109
Subdomains

74
IPs

7
Countries

3775 kB
Transfer

9782 kB
Size

53
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cdn-0.access-excel.tips/ HTTP 301
    https://access-excel.tips/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Request Chain 74
  • https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true HTTP 302
  • https://btloader.com/tag?o=5112081056530432&upapi=true
Request Chain 143
  • https://oajs.openx.net/esp?url=https%3A%2F%2Faccess-excel.tips%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Faccess-excel.tips%2F&rid=esp&cc=1
Request Chain 149
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK8gGliwWVBkyxGPZ9_7sRY&google_cver=1&google_push=ATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK8gGliwWVBkyxGPZ9_7sRY&google_cver=1&google_push=ATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 150
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDWvQvbMCMfkSXhEQKtc9PY&google_cver=1&google_push=ATf1kGN1QfUo1hswx73OVsKE-FwEHXkwfoOhNEeoLm4pu-PBg1tUR16Kh2koSfJKqtOslgbCd-TlL3H4TkabRBUA3lCzc7zvQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDWvQvbMCMfkSXhEQKtc9PY&google_push=ATf1kGN1QfUo1hswx73OVsKE-FwEHXkwfoOhNEeoLm4pu-PBg1tUR16Kh2koSfJKqtOslgbCd-TlL3H4TkabRBUA3lCzc7zvQQ
Request Chain 152
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_cver=1&google_push=ATf1kGMpIn62PHhPWBuX6elsuea82TYeaCICHgQOzK5p2SdBaJKeoMQ5OL_UUXMH88oP5-d9CU8TA8JP0dAbnq8r5dYiDgHkvbo HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_push=ATf1kGMpIn62PHhPWBuX6elsuea82TYeaCICHgQOzK5p2SdBaJKeoMQ5OL_UUXMH88oP5-d9CU8TA8JP0dAbnq8r5dYiDgHkvbo&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGMpIn62PHhPWBuX6elsuea82TYeaCICHgQOzK5p2SdBaJKeoMQ5OL_UUXMH88oP5-d9CU8TA8JP0dAbnq8r5dYiDgHkvbo
Request Chain 155
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENm_UnvCzr5Pc-p9f9jiLXo&google_cver=1&google_push=ATf1kGPekBcxaa5FRKmBoDFz5LrUX6b7zil1D1mv4V3zZPtxMuHMfZNhLlrvJNT-qb7gZe4zqUmU51sX31o8Zda03NKbfTeOsNGu HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENm_UnvCzr5Pc-p9f9jiLXo%26google_cver%3D1%26google_push%3DATf1kGPekBcxaa5FRKmBoDFz5LrUX6b7zil1D1mv4V3zZPtxMuHMfZNhLlrvJNT-qb7gZe4zqUmU51sX31o8Zda03NKbfTeOsNGu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2&google_gid=CAESENm_UnvCzr5Pc-p9f9jiLXo&google_cver=1&google_push=ATf1kGPekBcxaa5FRKmBoDFz5LrUX6b7zil1D1mv4V3zZPtxMuHMfZNhLlrvJNT-qb7gZe4zqUmU51sX31o8Zda03NKbfTeOsNGu
Request Chain 158
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 159
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=access-excel.tips&sn=ChromeSyncframe&so=0&topUrl=access-excel.tips&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=LnTQMHwydHRXbEJYbCt6Y1FUMWVuWCt2N2pBc3g4NTA5R0NlakVkeVNIQTVuVXhZVDZkak9FbjFjelIzeFZGQmFjRG1Tc3VFRVMrWXJVUmxISzJFVktkaXJ4RmtpcmhpU1RuemYyb3U4VHRsS3FyeExzSjZaQURrZ3JvSnZsVmh1ZkhPVFZDbDVjaDZTaXRqSDdSOTluWjhxczBNMENMQkNoZktwc1BnWkZhMGZmNGZsZ2FXcHA2SVFxcjdRci85TWlIYktiYkZKbW5lSlRkSWUvbTNxQ3M3QnllSm83bmhCdGpqWFk0R3IwN1dXU3ZhemJjWU5SSFBPcG9aZlJDaWp4ZWFyRFZvQ2p6dmZXME45Vll2QXV1Ly83eEhuVjNNQnhJaEtKcmJtSGhVdmtscz18&cppv=2
Request Chain 163
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882 HTTP 302
  • https://cds.connatix.com/p/264617/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Request Chain 237
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
Request Chain 238
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI4_JyShuhbegRQT6QMERdc&google_cver=1
Request Chain 240
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNBHjbgtrt780GRJDQNiYw&google_cver=1
Request Chain 243
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHiGZlwseqwa98WVzgMtuAI&google_cver=1
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDS1TcgsLRTEkJoRH_o3q3M&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDS1TcgsLRTEkJoRH_o3q3M&google_cver=1&__user_check__=1&sync_id=59afdb5c-ea04-11ed-8fc3-1d21b9eb0106
Request Chain 249
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=59ae9c58-ea04-11ed-a124-156973b60506 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTlhZTliZjYtZWEwNC0xMWVkLWExMjQtMTU2OTczYjYwNTA2
Request Chain 250
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tWTlhNHNoRTJ1R2NhVm43M016Mjh4eGQyTkxxU1dtVX5B
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOtgqiwCMYVMqFJp_OoMs34&google_cver=1
Request Chain 264
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmE4NTk0MTdiNzI5M2Y2M2RlY2ZjNjM1ZmE3NDM=&gdpr=0&gdpr_consent=
Request Chain 265
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOUOLCVPuenSGQiKF5KvOiI&google_cver=1
Request Chain 289
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1&google_push=ATf1kGMSaaJvItwUS5leADvHedKL5bKuYjyLxWu2qtG5ZFxfHxwco2PHL4pmGAm_GrSIvexpfex9sW1XJDoZqMKv2BcPpupoACME HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA5OTA1ODI0MzIzNTMzODM0OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
Request Chain 290
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cver=1&google_push=ATf1kGN65hUMcl0ITZl6N27zi5spsOV92JdBDQk5R2e2LwJkcEy90NlEGfCwtB1zzYTmuk5XZEJXe2PeOxX4UIZTAvQZorGpWPd37Q HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cver=1&google_push=ATf1kGN65hUMcl0ITZl6N27zi5spsOV92JdBDQk5R2e2LwJkcEy90NlEGfCwtB1zzYTmuk5XZEJXe2PeOxX4UIZTAvQZorGpWPd37Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SU9ucTZEcDYxUFVsZjI1&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cver=1&google_push=ATf1kGN65hUMcl0ITZl6N27zi5spsOV92JdBDQk5R2e2LwJkcEy90NlEGfCwtB1zzYTmuk5XZEJXe2PeOxX4UIZTAvQZorGpWPd37Q
Request Chain 291
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYJ23h6U5A8aBRVZYaTvwk&google_cver=1&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d3cwPQHaIWDo0BxDNkmHA0t9g HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAYJ23h6U5A8aBRVZYaTvwk&google_cver=1&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d3cwPQHaIWDo0BxDNkmHA0t9g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMjM4MDUzNTExMTg3OTIyMQ&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d3cwPQHaIWDo0BxDNkmHA0t9g
Request Chain 292
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERsMERfE2_hBChLcW4qjLE&google_cver=1&google_push=ATf1kGMhlk81jKhQGPpeK-sz6GVig-MpyzeIJBQasT_whZWMTDABLETLFMOps4RbdKjjMLhQSLjuC3k3bS5IYtMvw_iA29g2NLXFhQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERsMERfE2_hBChLcW4qjLE&google_cver=1&google_push=ATf1kGMhlk81jKhQGPpeK-sz6GVig-MpyzeIJBQasT_whZWMTDABLETLFMOps4RbdKjjMLhQSLjuC3k3bS5IYtMvw_iA29g2NLXFhQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMhlk81jKhQGPpeK-sz6GVig-MpyzeIJBQasT_whZWMTDABLETLFMOps4RbdKjjMLhQSLjuC3k3bS5IYtMvw_iA29g2NLXFhQ
Request Chain 294
  • https://cs.media.net/cksync?type=g&google_gid=CAESEK5tKrSXQkeDTKoFhtfJltA&google_cver=1&google_push=ATf1kGM3eTE6sRkg4ncBu97gIMXEefOlezXQN99c3xbLBXC1ili1iTS8cJ9aZFHgkvIioMPnHkbAIbXwqETQTGmkzYp6ggzugu-M2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGM3eTE6sRkg4ncBu97gIMXEefOlezXQN99c3xbLBXC1ili1iTS8cJ9aZFHgkvIioMPnHkbAIbXwqETQTGmkzYp6ggzugu-M2g&gdpr=&gdpr_consent=
Request Chain 298
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1&google_push=ATf1kGN5w9VTOeQo68-lsUK9b5jTk0PWb0Ij6jwKOZTIVNyBo-dGnURwk0yzzF6KP5qBw58jk2sHE_YuSvP6ltElvggK2jWsZkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MTExNTgzNzI3MzI2NjI4NQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
Request Chain 300
  • https://fksnk.com/cs/google?google_gid=CAESEMqwYuAD_513kEytrSYmPhA&google_cver=1&google_push=ATf1kGNBCX42uDPPfpweLd8sSW6en8vN81ia0cJxiB5NYQpSatlAwUX7cnWSw4TuK6ozKPeS9EVsMr0FCdfWltxWCPVcisTijxQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
Request Chain 301
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIr2HrQfTxogYgofaog8p68&google_cver=1&google_push=ATf1kGOT0L4slGuJDgrYWcqjlku7bYg6AaHNB982kFmHkovtV53rmCsetZE1jFSWzPEudhochK8xqhGwzi-lL6Frf8090wmal6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOT0L4slGuJDgrYWcqjlku7bYg6AaHNB982kFmHkovtV53rmCsetZE1jFSWzPEudhochK8xqhGwzi-lL6Frf8090wmal6g&google_hm=eS1kcFZGUkpKRTJwRVgySDJpM1FIbDNzZkZfWDRyY1NBR35B
Request Chain 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_cver=1&google_push=ATf1kGOnynwDbsPgR0dQ6jyDVKUJnIjweTl6c9BzWR4Lv9QvFUcinMz4mVQbAnvEdlllSGk3a76sjtFoO8kzkUnrF_uwFcuPoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGOnynwDbsPgR0dQ6jyDVKUJnIjweTl6c9BzWR4Lv9QvFUcinMz4mVQbAnvEdlllSGk3a76sjtFoO8kzkUnrF_uwFcuPoQ
Request Chain 303
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E&google_cver=1&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM
Request Chain 304
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDSDlE3nzUeIX4mzWQCOECs&google_cver=1&google_push=ATf1kGPui8PNza40AqHXk4Ld_0yir9cGWo21BKlwpXUC7hj6sGSAhW_Z1DyUbM43L6iPHWVioGbznmoryvZ5oIXXodZXzwLWsLUt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPui8PNza40AqHXk4Ld_0yir9cGWo21BKlwpXUC7hj6sGSAhW_Z1DyUbM43L6iPHWVioGbznmoryvZ5oIXXodZXzwLWsLUt&google_hm=QlMuZWY4My0zYmJmLTQ4ZmEtYTNhOQ==
Request Chain 315
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-DmKtX3OD0QHjMBTh-__rzSeWyJPqPQ-ScQXdCA1twIHlZQfu7Bjr-1iAIP3FxAkoyR8NeiOM5TseN0oTL7gK9fSq-NUv8stjOWIxQquGR7Gg_bk8gEvaKQ8efRWiwAfh8egfb0z_A6ZTpBS2TwYO-JmlA0EGo9KEjFfiz9Wf8ztwdL5HoSyRQAoCZ_4HPO3_KVKocNWzJIZx2sBD7-iqTQ9cv8H3ECarxdLbQ4EyxYBIwOaw07ZEK3zqDBJfz4Ur8WKwIKgX3DnujgOsMMMkii0e15RyYT_khBQvUZweZfGCGjDB1XsdRxWw4vatEJk3vgBim0szoyoCxF61d_VQzhosLLUPuDWhjN7EPOIl_ZSqVxhWf-qIBWFqsGFkpF537n51VPRLZvWh81XafAupjP4tb0ww02KQIP1AGcWVIO3cpq7AfsEbw9PT7B3nLaslVk1VXZAGildYhiFasxBIWHiuNLbMrej2-JogTjukiVmx5tbr1mByadHZnUjZBr0ofmDgAvfnAu5PDm0YqYh-OhYpnoJtx8Qao7H0t3kJ4yqAGVeWED9gppMXG6YyjYZsFhqAI26evWhMVWtlNhQl59Rrgm2zafNLn7t2wHezl9IaCusAYR0bmwij6P80vOkAGAls91WQaGkU5FhO4xn1IZS9jdISQIhRnf264L2SZdB0w-YoBg4pQFvPBGAHVhYfyfeuwk93Dxpl7CnS__jUAOjxgU9076LPhVCiIOCT3nivCVqeRO5mhJqdevt1lJc39eKB-xvbr4LcXmwwoe_uyRHmoOGd1mth2IGnD5MdQgZsgkr6jrntajUkB17XpeOwArqYbRCH3uR-YUg22QZSxhvj1kkVlYOVheWP3hSA21CuQsO57d-uQQUvmp7a9MOG8Ub5O-LQan-lk6i1MJlfTINc_Wt-SgWeZJudrhfX_rXXx8OGp-BjWYc70HWIDEB2WXHP9xjSEXjrMQz9RxXgnVQ-GhjpCol42_C2FOjPJZeNaBtU56-_kaTt2Mgumt9VXr79TQdiv6fZiRzxQswSoNpPB7ljxTXDSE52-Fu5XlFUw7ORNE4Vbk08AgjzhrdYkK-HdiUiUiZYwecpVwIW-8ZW8fatxky22hTgFJQwXxmClhdWwGpX0G5SazL2eON5GMJOB7xjDZd8SlefaDcVB8rMJiepHsC398otlpNAiWx44EhNjYF9-YVnkOFRsaZpkazst7ltunlMWxxwo5OH5X1HBe0SxTjXrBpTY9Kf-X0sExnJiEAtWdVkGKEqxDsZEzRijVhQi-dm5qPggpGQQTG4DLQA7dhHqoWDX5m_5w3WYwLKg6Wp8WLtuxA0URSEmxiKeWokHqR39NP2Dv_rblrhVr_Vmn5zWtBoOVq8IgCQXjzjpDNBgh1xBfzL5GAvP--KRSscgDAtvEs6dmSrodFemW2Id05zI9VLnBvPWgj4f-RuYxMtUbsYnftpEKZ0nV25gdx8O-ROOwdQ5I8edYq3ZpuiKxZmWKok8j8dDKluv3cbTQ_2f7r6pq47zhhBwYxgNa7fr9OaGt2fexvdcqQ-5omO7NEFrc-s_yBpwZGGZgCc3K1avSm0GmOOPbCY6BmZuoygi0BChF4tOWcDRYLmtIeDbd9Lw5940eCJSbB5AXXPhWy1GVuClSKHvhLjCPIihdpnaqgT2hMUDhSQkfuACcH646VM5K5bNvJxWjI5Cr8FP8wSNKpp5TfqzwAyFZD2GIBSgHGI_SAlH6g2daHVTM7vNuZ-G_dYIkfeLUtnrrb55JkgJ5glpS_5CWJOvRHrG4jgTlb8w40VJfnRW67yxlHRMvCMnQxGrI5kvZF-x8Zc5KYn2RQ4VlKau2UUk-BdTEg0Tc9wmiYj5V9YUifIB1VU5vyYUhSaroZTICjIYpPN8SNGWCbAAZCnAiSJdIbjxt2s3IWuXOh8wNGxDAxCB2Ylg-P4s3n8GWvmGCBxBlPF7gEykFj_llQpJVeJdBn8rGYUnOjWBn0T76DBZlqh19EN9UPwEt1OfmGJnungPkbhu677f92wTtlEQvZ9caxj8f0Ncwl3CL8Ix1jjInaQWYTwx6pdRoznfhgUuCw9uTte3VVVSYce5hkneNm7mhpWLewQlzZ1WWQ-ThgA1fKKpdrLo_UnLLrfIJetm90ShGigBf3AEE0TAsMdnYRPsiFz3rg75D-C8_ewP_coXLTk3LqpH6KLWD3VT44CGWUiYsGmhTTCGnoUReuSTzlJsPt6YYv9eIrbrcz77O9iuqlGsvAiQylZU3hX1I1RjBFI5vt59fX-wvIksYZc3-FE4SDk0aaRn8zJ2gAPNdiXHUYeoPlgouGe_ADd8Rw41zOtJtCcu-IgLEH2E_rOS7YKuwjBHM-3DrUO0tmPPQCu2PsuiGedBm8xs3BUvHreVELioZkoC3iW_VLDnXdSMqPcOA-R-vIVoNzrgOu3zRwSsWPEPMmfnDTqhf-TX2DtISdQQpQrXO1iyGO2f2u4Tq9ZjqhajO-IP7gCyBi5IjNm2hjHsKZSvZpMMbO2N_YNxIwrFL6CjTbW2mdHQVSOxJ3-TAW2f5n8PkOztdXogMxqg4pG78iJq_S5YE-LYTJRaijyxFG_hTWOZQEOVCL-yCGXYUnBNUAGmsPCcJHn330IYt8SSjEjhhrfMBxcSUbj4OBDMKURqXOL8VLIo5LeRxvb9xF8fSHfTlvE9asY72dB51VzOgYH2GxbwexrI-41YdBswq0WCrb-sSr3cIQlreCY3BSC4H5tgauQDklmDj9qe65EzrjOt0TLccli7FFCvdGNMDKqFPC0F0pd3zGeMD7jDJVrK2mkaiUsJTyzfq0ZETu7FQWom6_AXlVyZxRvz7CK05xHDI3WINWNo50_LBlIXhS12I6n3UZHqhO1KyJenRnjgqwFs0yOVYb7191uxIQzYG_ACvgTHcWq3QexiKk46TFchrd75QN-Y8AmEOnT1pqv-6FFaX8QUXhhnMq6w6icAb7KK70s9yYhVs4QmbLbJMYheR7GDrwdFgO8ux86HuwhVWz5dg91WEAMYN1rVCeYSh1TzWNJ7P-WrT8e-PoTZM9UqgibNILc4_nTDyRoKtbCBlJUVLYQ8MPW_xJuADI1DxuUfUch43m8H_22B1kxsUHFmma9H0iAXnhvZa4p8DP3hATq3dEFmGmrchXHAAxjX1PRu6wa2aSJHeU1RDCx9imY-EeL0IKhikhDv_5E5xGvR7PAqTSn-kKgNe6DjTLd3kctMcdAOD8a8-AKze7dhlTStKvAkGtN7lnC9JZ3tIoZZHuaqEFlYyigVzgz5M2wVL3i_U3GzD4CMZhKrgbdUqPwOx6g31M46Vpdo25b89P__nuEYKnpEbUCkE0fZb24JgWeaC7BtA-8oPLY4xeJ8sXqcpHpBcCbzAaI4E1jpNtzNOvXADLSA6ZokL-XasufsJ_k22fdwcCJLpuWwxTcNsbzTB96lVgwA9GGZkRAqUs7y4XnQhULCooLCdGcIBhI6BK-1y3ukQ_W7xkX-2fx07rPUZxRJ3_RKZLbLE-vzTArdk0EuB0xTPfo2VcNuVp786yDfv2WwC-VeAupyg3uPzbgEJ6AkjJNciF8hHqQfgrxrbN3VSXHdTaUwGm58Zs_5xF8N2HVZ6NriWRSmRwyUm8_mIY_zJpgw9Z1ooJBDVqfpM6zj0RDT7kB5IZ00o3RpCCAQSPABygQiDlU46MUgokLTEDVkmwva4g8wAUokZvSNM-M4ulgURidKDKrMnsO4jNn0GvKIw9W-nlCfGoPKDrBgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18513634021&bidurl=https://access-excel.tips/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i9fbiHpv2kN11bS2fOJQEb&adsafe_url=https%3A%2F%2Faccess-excel.tips&adsafe_type=y&adsafe_url=https%3A%2F%2Faccess-excel.tips%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:d1c95d7b-146a-c7c0-569f-71595821d641,c:bAU9Fm,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d854c4bd6-vmzwn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18*.1352960-70224255%7C181%7C1821%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:22,oid:59ab71fc-ea04-11ed-a28d-165d53dff056,v:19.8.407,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_160x600.js
Request Chain 334
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-A8LXt1rvPA1SpOoMu7NOaaJafGn9ykbw6wEvBJ3hY23k4d_sdQCForI8ovtLnMpU5ClZAbyKRE1LldC8EawX6erRAirwsyS-N8MYsILpYvVhLXvos5IPrf1QvXajuvHglfmWGOk6sl3cFNJdUOp-3CmqXDsD1ji8Ww9KRrjQ_w60pgIMYSuRQAoCZ_4AdFIpqD4WdUV-Qd6ycmp4-ysz2ZeUqc2J7_x9E7Rmzub326XTWQGpn9dYNcokrCG1KYzbgY_vy91iS1ccCqApy64l2GOEoCNJsLUSva-5hWEZlC7tzCVeCw2o4FvDCnoPs26PhbfTMGxIOQd_voEw5O5MBw6ARm4eUcv1n0hE0PwSI0fPBJAY66nubu7FTNKIMnH0UeE1lJB5IX1aIpYEyadfkvJX8k5vUpVNpzD8SMqftI_GvAuWzt3ZQZ1iId0DsG1CmA2XOltk6MLe2JCvZiyob2t-B2ExczKOtjMvH27kbBSi0cW4tQupVdIfsDdoH_NpGrYD8c1Di-ZNuxJq19b_yYaQpYVG2_gA0howzVr18XsubjA2bxNMNpc-Tul5w9gOqt85jNFUlSCEaHm1GmqTfZobNDNEIkZCjlJt6iKmvLDZVfc2C7T1Rt48LzaQi6d3j-hL4M1HhzV8whqlqo7tgpn9zWtpvcxBH-a1VK7dYxpPFKlSQ0WBqTnyb-8VqfiDrXglf58VkIKZQjvYAlo-XeTgErA7GV_vJrVkdUFYNj9klkm2JS32R5kf7MdnKkugfPEveSUlm4vJMxEcxzGFkYQ-aTZvXhm2nMJluNwgEVF2GTond5mfG1d5cfX63Nhj-kZlBvc4edL5WTrAwOoKbHuzv4EW_OSmB4TQ_oXSZzS0WvSu75Sq-fEOyNIMwQa7JHRytBaLF2jzRu6xpBs0dMLrLOGbB-1bLhj36ylPL4d8P-Ecf3ilFFUYIc6UXpUaIMeFcCrN2uenImS45i5McxBHSEm8Dn08dpIa3_3sj1upRuI6SrGjkeLAasvGCoO-lbD0HwSU8PdN0-iw13Us_Sgymy88b_YAbIORxSDoF7Sp3SQex4n_iEl-9x4gh90QjDvvLO87XhamXQrmTSfBZh64SOuyFLlo6jq21LZRRKWIP0bYuyPO_iP0QfaEUKwsbN0ErAfsJZJ9_016P1VzoL6z8foPmu5sUYZEL0XibkSTWMuU_FFBUfnSj61uJ3YXaGQjVoZhIkw6utLVeSVRD0q7aYzKbmnkLFZm5KAGZg95VnVD66FeaoWAOaNt7Jm-XUQ4wlxbSVJwNuTYyz-C5eAZSYSlJ96vjCrwTdMFBCaVSWHmsxVv5zcnSdqcGH71HjR78M_2zWNTPfOTN99VmzHhfFDi49iKrVnVrpwG6SiKqnRGsw8epe7jQQBZaFYIQVDqqHZgtnjNXi2--_OVf1geBBIcy4HsWc8iIys1oDIDSI5j6Fex2TWBWrOamtqvIA8bN-0HKBt_tamr65T80cbSzEkQdZETlxLZJ0juwOhoE6DZDqn8UsL2kxh2KVfxaztakeYWsLbEcSY-pzvPc7ISYyec6Xy5D8nLpaWutbEyaIiEAIKDUPT9dAlUA9dkdNYclpMeJm3TlFg9esqv4GvoXnpBXo52-6YtR5uDaAc2Un1Y7GQG2U4w77aDwXOblMv2i4r_0_GHV7t3KitrfDKUmVL2mrrUcYp-_o9c6i0PbVHVwwFa57yLN1CF5m0oWaodDOcRWjLm7iy0kxIMqg_eQfFC6a8M7JQsfxtIdtAmz32lXyytSnJ9m5amMDfqndOEMAAImysU2g4FyhvYtuD__ektCYg3cIFYeHuqtWDh90H4UkXAMrHjHMXW0wldcPSyj5O7hxJDup5KaQ6HvQ9ehSGNi1qc56loXX_GNqUqcpuE-O8mTr96dyN2uHokP6ormXejEQli9uSJ3ICZ0BmrkmtXekztjCjtrc7kn6-EbGrxAtZBxDy7IqwYh7wt9d7D_RrSzRdnRMxsbBUrUwdlRW8-95eKvEnMQcFQSlTtVNk_ZbFTv04ff9c68WWB7DbcjvNzR4ObVCtJeIdbA5LxO7djgIkZPT2IXJAdUSfGNrS5DkGnFplETChu0WfubveCAM1r0SE2xpWs6C20WJZrzCZoxP7DCaPjF0UazywVGsfP3DtI6M7rMpfGLiIW9SvgCInZdNMhhESAdGwCT00GZhV1NAT-b2HvgSTLoZrA9SY6bCBBpIJp92177XhmYl-WKI3-ZFkyhk_ZP18ga16xS6rhv90bh-_fqRuDDj0LAHV1_n5FJY7MD6kLZrvD8TbkUflO5GPcYRdJa5aEkI3FP8q1-qPz7SJLncOb2XLPpf3xcNrG9_uaLQKtrbvUIlNARSeht57sJCAZB3yWauWphISlSjxJBtYG2FU0ERW_0AZ3F5nago-JyhkuEIDRe5iV3QsyPJiMHb8fUlsSF7anURFNBIrMDJSdpJ7enPKMAKedBrY-1XM2MdVE8lGLLkhHaeOuAM0M5uDDSeLlELTALT-L9DUhER0zZS1BvJVxlktBJYOQ45sBmlll3IoifXi0SpvaEOE1IgzXvnsvuKsEQ-Atydti_lQf9jWPY1Y5ap-vYv84vUn3BzRwTvMWHwh4sbNZdMPF87hkX8h9rWJTml_2yYNPd7ErjNUJ-TEt38gs5pb1mp6uISpXRKcLV9osjFCxjw8aFyRSM2XgivNZQLD3D5zD_VgAK7YcirGte3NmR6OTpZ0ZraX-EfRB7hzEVe2UW9InsAw53oaR0fwEiPhkjOqp0nvVIy-eNxFGulQqvjbgj4sV5hpzBGyL4wRRSsdGSRHEAsT0N0VeMF0kW4D3Cer3esK3PsLk9zbl0933TccAFWs_o0kSKESJ1RTP12LVPML--V9pz1D98lwBQARMLlFdNzESNtwQ1lqBYY5dwt9BRxk6esrtqqj0vp5QOTp_jbqZcbzie7SEhJx72Y4UpI_5k1py9jP8DHXgXlyYZWlM6BLtr6mtBGepdy4lx8Riq4vthWqtpwgcVn6_QifRF6RNZZwBjDgdfLRSQm8OmJmm6z4Dc6Fq-KQl25_GOgC9nPjlcTFosghII28LlXGWSQUf_NkUx0fYl0ajocU7ojddgu_az34pImdfCBAjv0T3KuNQLPtDlSqDBfG4JntbmpA1xliNZkToi-ro9FlPQgwI1b5uihlSRBev9a9AFajuLdKbkJhGNJXN5oXk_6o0fFYFpi-46TTpH-4sXzCFFtdyMgaMXqW7o0686umrn-44ymDxKA8uuP-VjL-9E4LrCsGOrIdJE-w1OzTPcvyKaZlq8xcB5AJoPgzFckOilvauq_hAeN38-b36jMDsFSvbCPzhQDX2xMzmyPL0vOAXNngafE1UJhfDxpr_uvxY77vplz1T3iHGHs3rVrXmtc2nWHR0GJMCr_RRWmaZSakeQ1deHLld2sQ-tTEJcYQH6wbvdGCqh7RXaLseFpwYYUcdp3aFsITlQf7iT4yItXrgaE20SdevqsK-SrjOdo9n81pvUGGCj8NA58tLItkiHL29zIyze6_yknGQQSy2JQSbWlwYPebBcyjnhX_XoWf7l4_rNtA1sZmof8ELqFQ_vhjbVru50tG8ayE6qwl9jgw5Z7VbRzaPmYH7ZkRXJB5chko9czkD4D9zS45ZNeGkIIBBI8AHKBCIMMx8TfmWwEGwefmLCEB8uVBGhcxTaTxmH8n3wRV3lqSJ4lHpUZN--KUeBNsJ0g_Ur7BSK3riFIGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18513634021&bidurl=https://access-excel.tips/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j2cVvXih8UnCD5ZHDiz9Tb&adsafe_url=https%3A%2F%2Faccess-excel.tips&adsafe_type=y&adsafe_url=https%3A%2F%2Faccess-excel.tips%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d,c:bAU9Hy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d854c4bd6-vmzwn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tDeKCGG+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C1821%7C183%7C19*.1352960-70224255%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:19,oid:59ab71fd-ea04-11ed-a28d-165d53dff056,v:19.8.407,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/passback_160x600.js
Request Chain 339
  • https://fw.adsafeprotected.com/rfw/st/1294488/70429366/4.js?adContainerId=brand_safety_SORSZKfwD-Oz9u8PhPSIkAo&cbFunctionName=goog_wrapCb_SORSZKfwD-Oz9u8PhPSIkAo&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Faccess-excel.tips&adsafe_type=y&adsafe_url=https%3A%2F%2Faccess-excel.tips%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:8c8ff08a-f9ea-0c50-3b1f-1104d13fc2d9,c:bAU9JA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d854c4bd6-q7s74,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tDeKCIE+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C191%7C1921%7C193%7C1a*.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:23,oid:59af6930-ea04-11ed-8f06-06302e4a7f78,v:19.8.407,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 341
  • https://fw.adsafeprotected.com/rfw/st/1294488/70429355/4.js?adContainerId=brand_safety_SORSZOOgFLfCx_AP8oCP6Ac&cbFunctionName=goog_wrapCb_SORSZOOgFLfCx_AP8oCP6Ac&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Faccess-excel.tips&adsafe_type=y&adsafe_url=https%3A%2F%2Faccess-excel.tips%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e6925260-3999-34c6-452b-7b61138e9534,c:bAU9Ka,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d854c4bd6-j2n28,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:tDeKCJk+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C191%7C1921%7C193%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b*.1294488-70429355%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:59b4e7de-ea04-11ed-b732-5ab6795b5347,v:19.8.407,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 371
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEERsMERfE2_hBChLcW4qjLE&google_cver=1&google_push=ATf1kGMrDDAIzz9pFKRywvPVYwvw88S3qN6P3ev19QnwhjvmJ6eu2-PYM8utX93ZPoIuaEWU6yiyrt13I6WJQmFHjnGQ6E6o5KCT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMrDDAIzz9pFKRywvPVYwvw88S3qN6P3ev19QnwhjvmJ6eu2-PYM8utX93ZPoIuaEWU6yiyrt13I6WJQmFHjnGQ6E6o5KCT
Request Chain 372
  • https://match.360yield.com/match/ebda?google_gid=CAESEO6bWtpqFaWV2rololLKgbA&google_cver=1&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9bkkPARgtXR2R- HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO6bWtpqFaWV2rololLKgbA&google_cver=1&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9bkkPARgtXR2R- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=n65ZATiZTaKcuecATZZwqg&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9bkkPARgtXR2R-
Request Chain 373
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E&google_cver=1&google_push=ATf1kGMgKK80v9KTe07R7EzmxKNPGGXsVHhnoSacX4oQ8DRe_S7Un0hUMuhz-UitoWPub3U8tZNPkLUNk6xqz8KIiXEfUSPVSbAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGMgKK80v9KTe07R7EzmxKNPGGXsVHhnoSacX4oQ8DRe_S7Un0hUMuhz-UitoWPub3U8tZNPkLUNk6xqz8KIiXEfUSPVSbAA
Request Chain 375
  • https://sync.inmobi.com/gob?google_gid=CAESEG12Xl6ebD_IPH8R8N5_vtU&google_cver=1&google_push=ATf1kGPv4tGfcG_4Ieu_yEpkCkZ9JkV_ngxt5R5wsKLg2IQwYEF8bZ5XBi5nFpfwZMkH78sjALQatLQRXTUljtJl82d1tKmgo78vWw HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPv4tGfcG_4Ieu_yEpkCkZ9JkV_ngxt5R5wsKLg2IQwYEF8bZ5XBi5nFpfwZMkH78sjALQatLQRXTUljtJl82d1tKmgo78vWw
Request Chain 377
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFR6w8rOGMex8uL1sGJBVkk&google_cver=1&google_push=ATf1kGNy9FAUaDYAWd67QEQ4dd9BKmmVXtVIoCJjbUabgVtQHX4b2AYIrd0ncoJ1SAy9dTQzppm4zB71qrE6vzmi5-KG7OwUwMmc2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNy9FAUaDYAWd67QEQ4dd9BKmmVXtVIoCJjbUabgVtQHX4b2AYIrd0ncoJ1SAy9dTQzppm4zB71qrE6vzmi5-KG7OwUwMmc2Q
Request Chain 378
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEC4GMZz2X8Wcg9FJmo4b-dQ&google_cver=1&google_push=ATf1kGP1rEez45_a0zXnZkxrOZIZ3jbnmeOEXTzjGWF_5iCA1If4JAQX6ULtqMxmBUTtn7Gwrjgub8DD7rHinSqI1JGQcHHlAVYj_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGP1rEez45_a0zXnZkxrOZIZ3jbnmeOEXTzjGWF_5iCA1If4JAQX6ULtqMxmBUTtn7Gwrjgub8DD7rHinSqI1JGQcHHlAVYj_w
Request Chain 379
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAHF_LZuWQfvRiEw8BsM60k&google_cver=1&google_push=ATf1kGNxbuv0JOT_A9QzrZixVcYG9Z-XUq0cS82VYNiquRbSIxvpJV_8heMqYgUgnSn8PsR8E7L-9pdgCcUveHs5cZIYTY2XXPJoNg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNxbuv0JOT_A9QzrZixVcYG9Z-XUq0cS82VYNiquRbSIxvpJV_8heMqYgUgnSn8PsR8E7L-9pdgCcUveHs5cZIYTY2XXPJoNg
Request Chain 380
  • https://cs.media.net/cksync?type=g&google_gid=CAESEK5tKrSXQkeDTKoFhtfJltA&google_cver=1&google_push=ATf1kGMqv_Huv2OlIAGeC1nFg0z2aVTCStM8u_49AIfPfRcnjNNiaittFwfYJtcm2_STBtnp9UAAigSzFo1ssqwBw_w5JzmpERd9_w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMqv_Huv2OlIAGeC1nFg0z2aVTCStM8u_49AIfPfRcnjNNiaittFwfYJtcm2_STBtnp9UAAigSzFo1ssqwBw_w5JzmpERd9_w&gdpr=&gdpr_consent=
Request Chain 383
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMR0ZKTeVus198gOlDRltgc&google_cver=1&google_push=ATf1kGPm9dMbgT7XNp0mY4XNibbvVpjxZU_at_8ze4kH4MIeqgLGrEbkwHA8DGmDWIZdplvms0Mc-7HpK4_PQbPY69n5D2t3qDHZZQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPm9dMbgT7XNp0mY4XNibbvVpjxZU_at_8ze4kH4MIeqgLGrEbkwHA8DGmDWIZdplvms0Mc-7HpK4_PQbPY69n5D2t3qDHZZQ HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 387
  • https://fksnk.com/cs/google?google_gid=CAESEMqwYuAD_513kEytrSYmPhA&google_cver=1&google_push=ATf1kGPrLJYcRkNFbcnUJlB2dYYLoPE7-VNPsw2paKQmDUj17PGR8m7p57j5dtj2Wxe6cSBxBD0ti0oqB8HAozjmeTgSb_LsBFE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
Request Chain 389
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E&google_cver=1&google_push=ATf1kGNXQ8s4k5tzH4ef8xlpZI8Ec4ZGZtyqj97ndzFahOaGV8IUQ4AmorjyX8VOgB8G0Ril91eYIPDqDjg7sgjKEiKNGHZi62YG HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGNXQ8s4k5tzH4ef8xlpZI8Ec4ZGZtyqj97ndzFahOaGV8IUQ4AmorjyX8VOgB8G0Ril91eYIPDqDjg7sgjKEiKNGHZi62YG

429 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
access-excel.tips/
Redirect Chain
  • http://cdn-0.access-excel.tips/
  • https://access-excel.tips/
96 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache / PHP/8.1.17
Resource Hash
2f391f2211e28cf51e3f5bec98fa36fac8ac730d7bc92e74f54b70c7c2e7e2d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 03 May 2023 22:46:27 UTC
display
pub_site_sol
expires
Tue, 02 May 2023 22:46:27 GMT
link
<https://access-excel.tips/wp-json/>; rel="https://api.w.org/"
pagespeed
off
response
200
server
Apache
vary
Accept-Encoding,User-Agent
x-ezoic-cdn
Hit ds;mm;0a833f4800a45011c37e0e04e0eb86a4;2-98068-3;ff13058a-1109-4918-59dc-dbec04a24b96
x-middleton-display
pub_site_sol
x-middleton-response
200
x-origin-cache-control
x-powered-by
PHP/8.1.17
x-sol
pub_site

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
7c1c0a462f6f373d-FRA
Cache-Control
public, max-age=86400
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Wed, 03 May 2023 22:46:27 GMT
Location
https://access-excel.tips/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uogIMyphyLSyIE%2BYP7MuqQIv1RzIaoaupEvTGCeHPWaOvnEhfJh5abijXOBXKcFvuEdvnWJXy3rp4Miy6VKaLX7L9754Nk5pov4DXzU7O1yeJ2s%2FuxPbpXGg4CAU7G%2BVxkcMrYeSCHkEJiIep6oT1jJrvZxhsg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
X-Middleton-Display
redirect
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
cdn-0.access-excel.tips/wp-includes/css/dist/block-library/ 		81 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
2030019
x-ezoic-cdn
Hit ds;mm;4dfc429bff1b16e489167d6d7018a144;2-98068-3;bb9a1f35-5e71-450b-6fb4-24c49ed952fc
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"14407a0-145db-5dbf77bcd2400-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUzTAQOXQP3FSIMWeWkC7vPnzVB5eybkQwMZF8b7hrLyznQ%2FD%2FIqeDAyc0PCA4ISseng9CQ41KVdP%2BiOsb2AVu8bxe5ikqh6ELppf0QD72YvlzeOXBJkruAhjfef%2FGGWXF78uBemmO99Sx1CJZ7IRerXDQlNcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a862bc7-FRA
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C300italic%2C300%2C600%2C600italic%7CLato%3A400%2C100%2C300%2C700%7CRoboto%3A400%2C300italic%2C300%2C700&ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5f0b12c511419cf3f39153f43834b84e92bead7268e4abd81699d384522fb2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 May 2023 22:46:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 May 2023 22:46:27 GMT
font-awesome.min.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/font-awesome.min.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d20b06d72585a42c2facc26bf6fb9b15c155c2bd73e466e24405bdf90cab7172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
836869
x-ezoic-cdn
Hit ds;mm;1939ec7618ea86812cf745d27378560c;2-98068-3;d2283d4b-9c9a-442a-4d6a-929e847eaacc
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a1065-6845-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQFPvxcMkd%2Ffv8Ku7ParNPEbXAqio6LP3Xk%2BjfYsQ6z%2BgbnpfLTZ35KlpMa3SYC0BwHitiB4tV2Lw8pmjxtF8XIh0t0tdEbM8KCdPYQzvEDzsrzpbodYO5eYTR%2Fe2ahQncKD85l3sSQPxqpi5UQgaG18k57Q0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a872bc7-FRA
nivo-lightbox.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/nivo-lightbox.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b347d4a77daadabac6840d7a1039768915f5ad2901dbba49dd47a3c9e1a1f64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1945160
cf-polished
origSize=8235
x-ezoic-cdn
Hit ds;mm;050e981514367f69a237672d960ad5d1;2-98068-3;447c2e51-158e-4088-7fa4-f0a01bec2d45
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"4a1069-202b-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfmxNYKvcrBjAOhf7mu29R5oucs3ysXRazecQa3St80OSVy1%2FCC3XE%2Fdzrt3n1fKycO%2Fh8uvKwjRHSqi2jHv8i3Mb7h4QTkMdVVLQOZiSLoi7sjFiaPI48mjKsWdmYNTGhwf6%2Fm8ZqAcjL%2BtwTcf0Hee7W1APw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a882bc7-FRA
jquery.bxslider.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/jquery.bxslider.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b05eb97ac487a8f24efa51c3b0d771b088a89d2dad2dd3d82ee3e67da074a332

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
121989
cf-polished
origSize=4220
x-ezoic-cdn
Hit ds;mm;4cb2441e63c397b0baec9adb72ddc338;2-98068-3;5f1dd9d6-5a08-46d4-637a-6e227652f164
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"4a1067-107c-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhgdNZYeBqo%2BePBDOw4mm6N5qGti8%2BgYKWts3fgKOWDcH3WGdD7tHKGL5i%2B%2Fml67f9cLR2pNfsogy5tcwS1nm5aO7R1IenP%2FrdhzG%2BFmDfg9XNEtJT3ZZ8nopXwN8P7lBxXvFFzZIlz5iq6pPN3J3jhFWTjPXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a892bc7-FRA
woocommerce.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		968 B
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/woocommerce.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320498366bc4c922b783035be4d2b6ad2ddcfe4addb4bff84d93b986885209fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
121989
cf-polished
origSize=1108
x-ezoic-cdn
Hit ds;mm;e6d310ef460af94b41a2581cd029d3e6;2-98068-3;9e7ac011-daf4-46fa-79cf-c4eeaab01b90
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"4a106e-454-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM3hbP3zv1weRHdq1FBm46A0xmrkh5jds3jl6olVeqmY%2FxppNNSkzWJy0WPb60V8yvO7JMCFanxiAOXGwf8CLYKvumphbYUlF97NgrVtb%2FBQeUaZJkB%2FY9ln9d%2BENCH96H6pVQnCJx2r5%2ByEzjIdzMoKXXTPAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a8a2bc7-FRA
fonts.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/fonts.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f0c0d27541ace81b026bdc1a808f40a18ebdf58429a39a67e3e582fc405b094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1101327
cf-polished
origSize=19751
x-ezoic-cdn
Hit ds;mm;84b15dfdb43f3369e4a75d344bba0c46;2-98068-3;ca000964-c997-4528-782d-18ee121ddf52
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a1066-4d27-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjB8jYewevAMwqfSTnJkFiHbtS3Vg4PB6Td1f9VNEMiYfh9q5Vl%2FGLWxmHbQSdUilXz6e4tJTKauPopLO8VPjI5dlebKHR25I5OpUFFzBy0zU40gXccq%2BGZsGr13aTFAC4TbSALii2YTdHSP%2Beob7M9gXFSRJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a8b2bc7-FRA
style.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/style.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd1e9d6f8dca41c14d1138d662c1bfbf1872c005eac9a758f08c84306e00d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1101327
cf-polished
origSize=48704
x-ezoic-cdn
Hit ds;mm;390cd19b9156ac1e6965f9477ecbe51b;2-98068-3;03930828-b47a-4d30-4e3f-b0ed271a751e
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a1061-be40-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo6hVLXtN6MvMnhW6TDrhX7Tw4eSgjdb%2BEo4%2BErLxy3FVsFvohOmDXmQgvOZpM1LpWB2a4mJnBJtvagNTCKCz0BPiXEdasivzgQATTmejONbMDLlrD%2BbqnjQSzMeOc2MOjZ4Ev4woRqVyevkabMn4Winq5y0aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a484aa02bc7-FRA
banger.js
access-excel.tips/porpoiseant/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/banger.js?cb=195-2&bv=219&v=74&PageSpeed=off
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
55d83771d9e9956c74c47262c95a54dd94503da04577d05d4dc86535a1fdf988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
dynamic
access-excel.tips/ezais/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/ezais/dynamic?cb=1
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
87fbb001417bc8f6876e28fd1917967e777320c1639206d33ac27679f031bd21

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://access-excel.tips
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
wp-emoji-release.min.js
access-excel.tips/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 UTC
content-encoding
br
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
Apache
display
staticcontent_sol
etag
"4412aa-4705-5db18729ad100-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
x-ezoic-cdn
Hit ds;mm;d52a63225154bc7a8128dc1715c00e0e;2-98068-3;b05e04f9-81e6-48d2-70a3-c7621aaec84f
content-type
application/javascript
x-middleton-display
staticcontent_sol
cache-control
public, max-age=2592000
x-middleton-response
200
keyboard.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/keyboard.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d4b71b5e9abfe59b7e45bc6544cd1f1e2e76f488bda9c289e8938a5214de4f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1948677
cf-polished
origSize=2473
x-ezoic-cdn
Hit ds;mm;fce27206d18cfb2ef856d020afff66f2;2-98068-3;85f4974f-eed4-4e1a-7cbf-6872e0815353
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"4a1068-9a9-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFJqN7x50J5Nme7aSlVZv3F1q7FUGOLF0ePHKibQKZyrHVp6K19rCydKQTA4CRuT%2BAE9hbb6UrJxTORcJcf9uXiXNnmcK5cviT1gi9KTP%2B9uEBD1Hx37OPoOiuT7NUj%2FSkfkNIcVehbkg1I9yf2tiSA1kdiyNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a484aa12bc7-FRA
responsive.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/responsive.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30abb28535851883781b58a89380f184f31c31e9b1e4225f0e5e74607be8710d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
902635
cf-polished
origSize=8166
x-ezoic-cdn
Hit ds;mm;484d15343fd5beb58cafd18e35aaaac6;2-98068-3;56cfea5c-ec0a-4b1f-72c3-deca58d65492
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a106b-1fe6-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuCi3Np9oDQOletzy1yv9lS80dkdmmCH5c%2Fj9AgtySTsUs%2FbXnMhykzmIC1Lsb3eT59RTFsV6qP8ncF5Sy%2BiysIv90SpwlHxWMQPADvfTmZ8mjLSq07W%2FF%2BPZaa63yCJKJ2s8FjSYwsq1UygYtPZudqpSUvOMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a8c2bc7-FRA
default.css
cdn-0.access-excel.tips/wp-content/plugins/tablepress/css/build/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.2
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc19ce27e7fe54728be0d4489cf683005fd6f522bbf6391a681d7d2d8d3f190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
45132
cf-polished
origSize=6091
x-ezoic-cdn
Hit ds;mm;53e4b71051d0dc968c0bb0ea6ce89861;2-98068-3;62489457-1c3f-4524-50fe-378a13aed0ec
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Wed, 26 Apr 2023 19:42:23 GMT
server
cloudflare
etag
W/"d24236-17cb-5fa4270619ec1-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmN9VXCoz2Cjn35BLoSqgml01wiNqfJthQLUf6XVW1FVicPS95555w3N2KCS15aS9j%2FLjGj1MiAtE0U0nIoIY4o3ItmL99GRlfAsFiV0ICRR0cKi7sltWAeuQbI8xpJjJVZC6Szgml2Md%2BGfQHiZMM2IiONeFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a482a8e2bc7-FRA
jquery.min.js
cdn-0.access-excel.tips/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
121989
x-ezoic-cdn
Hit ds;dm;5105c5ced0fc6b7f2b26deb5819d7a2e;2-98068-3;88165d5c-2aae-4d2c-74a9-363b2d4b9e90
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"1520eee-15db1-5db18729ad100-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrkBDsEkke7IgtoTqsczZmmZI58rD28IcQ54%2F5ypp9c%2FL3SnULxSlKJ7dj9apyiZQMbXjm0fRKlCS7Jr9sGZEKRCiIjYg%2FJFnCU4M807KchsAeFVPSN2fDUazmQFNV1%2F%2FnmVIeoUu58FfNQAj05BYGOdOus2uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a484aa32bc7-FRA
jquery-migrate.min.js
cdn-0.access-excel.tips/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
1945149
x-ezoic-cdn
Hit ds;mm;2fc3980e5e7e0ecf9ebc9da3ca423c1e;2-98068-3;48d7b791-07c6-46b8-60a2-b88db570324c
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"1520ee6-2bd8-5db18729ad100-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBCUb%2FlePH9iL4xhQ4VEBHmfzethmxUdDEAlbxyqXzI7pTgpjdCz7FVHC1g71ePsHe2yh3UXKHptlcek0IN92UaRy9bH%2FQT3QeDtJYwOZyDrerMBurkyBnSJWlBWrfe7RUAGUoA1NZ3qU%2BSm6YLwvdpbbiSXsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a484aa42bc7-FRA
theia-sticky-sidebar.js
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/sticky-sidebar/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/sticky-sidebar/theia-sticky-sidebar.js?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6911575fd9309ff120818aa7e64852817c61d6513b33a9c1ed60b6a9dbc3ed8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
1945148
cf-polished
origSize=14625
x-ezoic-cdn
Hit ds;mm;67873f42dacd5a70157942af02c8162b;2-98068-3;62da1ecd-14b3-4510-4ece-2be2f4352319
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"cc1140-3921-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9sz6Clb36%2F2aXgutA8run3dpoQ%2FWOYa5VTjI7RLBnH6tk6crngttLb5nDsOHQozsq0rCl74iJ69CrX4zQ%2FDyl1eBKkL7T23vnFpoz6FAYqeu3BPJQLvu18uhQ1x5BMm%2BkUL9Aev5Lea7iEEajyDALloOaXugw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a484aa22bc7-FRA
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 19:45:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6056647
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIEvyGChSufIa4n5fpXvQleOvR0Vv%2BJxGX%2BIxvrskfZYVG0cKLDH%2B1INtbxBSOY3YaTJfP08DESUGkYbz8HOQgWHiYxAjOOnr%2FNzts72Gtw3b4qNSxgJbhw1i0v0LGwaZMovDlJP7z%2BdDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7c1c0a491ea39bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
header2.jpg
cdn-0.access-excel.tips/wp-content/uploads/2017/07/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/uploads/2017/07/header2.jpg
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5056cb86194f57a3835df3c02abe87b797767dc731818988204322107a838afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
121989
x-ezoic-cdn
Hit ds;mm;f850fc6e50f90724db402ad2988069f2;2-98068-3;8ba19be2-f83c-477f-72a6-1325c146aaca
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"e20bc6-5d04-55c5101cef500-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3fQYcRu8Bi8HzNNDgyq9aHuJxrdvawhTC%2Bltwr%2F2oo6arL3h0jQ2fqqF9OtDRq9H5pIBl6jRvgpRQIbgFhEGKTGyvN4pKN6zRNjB9XbjvueaMlHad9YIf3ZbQs2mVFuyv3xOzj0X5uihgKliDGWgX%2FeoYt0qig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
cf-ray
7c1c0a48aade2bc7-FRA
frature_access-150x150.jpg
cdn-0.access-excel.tips/wp-content/uploads/2014/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/uploads/2014/12/frature_access-150x150.jpg
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9e1c60aca6663fd0a14c5848ad462e5cd1f335c51a1481c7e048d44e53c849

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Hit ds;ds;e4a6093e093f3096d9f02b745057d181;2-98068-3;bbdf866e-f38e-4c34-5047-a6bfa17bfea4
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"d21832-1064-55c511bad4580-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsgYjBhox1vd5UXbKi%2FfUj7sEK9y0vkJ6e08F8mlefJLv%2BOe911I4e2sOnz%2BB0%2FyrNtNcJAZGDxdQPN5jaIRJhmePYJgO9PonlBEh3RZxDmMZ5rA0LA4F%2Bh%2BJAhyr935lUlq3A85ChmsyikFAwo0srNv6BDIaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
cf-ray
7c1c0a48aadf2bc7-FRA
jquery.bxslider.min.js
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/jquery.bxslider.min.js?ver=4.1
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
45132
x-ezoic-cdn
Hit ds;mm;4438bf29d446cb3421029304381809b6;2-98068-3;2ba265fc-33cd-4005-7c24-706b7ed82549
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"52188f-5bf7-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGSDT6MLkHisgiQPMPvJ8u3KLSHG2%2FeLhcc6zbl9LLedPNsYtarpF%2FR03TcWFMq9c1%2B5NCNnksSoG%2BQKuvKuUCTbG47YrelQjQ%2Fgj5WIfx4aUb30aMKniOGhte6EorsUIFda%2FA1d91Wkpg1VExKdt0fHIBAhAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a488ac52bc7-FRA
nivo-lightbox.js
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/nivo-lightbox.js?ver=2.1
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66c4f0662838fae5bcf679c56ad0d64e8f473129c71128f167301be3e89a4feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
192052
cf-polished
origSize=14741
x-ezoic-cdn
Hit ds;mm;e1c336057fe1bdb54277e53d16bf09a6;2-98068-3;bbd99519-5ebf-417e-7e6a-45e429839c93
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"521890-3995-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYg%2BuIAOWqF6Dx%2FAEb6D583GcTNLJi5h5bfBZiOGAOyvZNwCMjLf%2FZKRH7ZPYzk%2FsLEkTeOuheTn1PSYhpUbf0DXkly3CsVMF5yPUuGDyB11SxCRO81HXot%2FuKk0mo2vQUxdhiP6G%2BmiBi%2FqVg7WhRuhrL33Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a488acc2bc7-FRA
jquery.actual.min.js
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/jquery.actual.min.js?ver=1.0.16
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b0c7b1b5fbdfeaa58f197d39cf9ae0e988a3d89247a8d5353005ae11a0dd5c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
2367366
x-ezoic-cdn
Hit ds;mm;fff696d185b0a2c4bc761111248c1b87;2-98068-3;eb1dbf0c-cd4b-40e7-4170-fa819c5e8f7b
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Wed, 29 Mar 2023 21:34:36 GMT
server
cloudflare
etag
W/"52188d-466-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7FptYQUTM0dQPxaaiL%2FVfVTlUGCumNfTGX50M9RD%2BsE4%2F%2BmEZdD2bJdacWG8h%2Bf2K3cs3N7I%2FZaHMxQq%2BrOksATMgpfASymSS2NelWzjkZuTHeEcJ%2FDAv7vYPyhHWqabUlJW5n%2FQ3GtArF1MLuJb2ZpOHdkow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a48aad92bc7-FRA
skip-link-focus-fix.js
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/ 		597 B
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/skip-link-focus-fix.js?ver=20130115
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1603064e2edd4b76a3a5a0e970b1b756000cfe0937c320cb6f223a08b43df0b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
54606
cf-polished
origSize=733
x-ezoic-cdn
Hit ds;mm;8fa73a58ac83fda5027fe9e23c207433;2-98068-3;71738a1e-42ae-4f32-5604-2e937677cfc0
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"521891-2dd-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mxaK%2Fch%2FQ8EOn6hLIuYAxzFu5eYsg6wm9Rv3M6zjRJLR1Hx14pA4IUAH%2BnRGxv0XsulbOrtLc2SAbPqv8B2robwN8WEd3qB%2FZu09UyXXXochNr8uAWVe%2BEqmomK7hAZy0Cay5JKE0DLp5XEQiPKdt6Nw6WhrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a48aada2bc7-FRA
custom.js
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/js/custom.js?ver=1.1
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec5f9f7b396867c66fdef2b8e98dde1c5cff3db71aa00132902867a46945cb7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
836868
cf-polished
origSize=1529
x-ezoic-cdn
Hit ds;mm;551a2b4c2f8af62387478ea618ea337b;2-98068-3;7fab25ff-f114-4832-4e69-8e328dfc1f89
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"52188b-5f9-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMPGuDvgZAXBnc1NRsUJeULnC5Cav3GirfeIg4LG3RUQJB8rrSnXXkLFqecv8QrwTx9L3OcJn5stqoMSPrBeTshKAAmHrVFc0%2Br9O2aTwe6S%2F0KwbuIYsWeqrt7FlWnUn3rzW1H52LMMeSO11va27JTo07Nisw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a48aadb2bc7-FRA
wprt-script.js
cdn-0.access-excel.tips/wp-content/plugins/wp-responsive-table/assets/frontend/js/ 		154 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/plugins/wp-responsive-table/assets/frontend/js/wprt-script.js?ver=1.2.6
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d5a38897c53d15e8b4528a0a2c8de15ceda4cc2ad3d4e978fb1439efd0e00c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
836868
cf-polished
origSize=173
x-ezoic-cdn
Hit ds;mm;84eaad713056a574d9a2ff16ce269ddb;2-98068-3;f8214da1-be5b-4d8b-70ff-f33eb0e832ff
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"c21b99-ad-5db2e507e8240-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjI47%2F6%2BcVYjgymiyqPsV9G76T93ZENESeQxi1eJEjPbj3cSznSxHwLpfb8pFOxw7naDkX3i9j3K1epjymIOvsjNqt9jO86Q6OiVbM%2FErSUh65SYjYT%2Ft1jXH9%2F4GGxf3zNRFoB7dmhCNBH%2F90UDr0DAXM7EDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7c1c0a48aadc2bc7-FRA
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Server
2.23.209.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-23-209-59.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Wed, 03 May 2023 22:46:28 GMT
x-amz-request-id
SW42RCTKTQJH3SB5
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467542_389993851_1620226845_15_1150_23_0";dur=1
content-length
11347
x-amz-id-2
SOgzPYjoNVqHmzSUdDQxjVjpOcgl04n3arSWjBq/s2doz6LRg79tFfSvSDtud9Y0icsa8uPNWH0=
last-modified
Tue, 29 Nov 2022 21:30:05 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Wed, 03 May 2023 23:16:28 GMT
cmbv2.js
access-excel.tips/detroitchicago/ 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
cf9f9bdbb9d3fd97e6ffe2d35092e991d7dde82642e0d919f95d4aca3bb7b987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
bgheader.jpg
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/images/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/images/bgheader.jpg
Requested by
Host: cdn-0.access-excel.tips
URL: https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/style.css?ver=5.9.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc65aa448ec9880d46e658d8ad71dbd11dd61c230f1f8c59d0d2ba4eac5e8a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/style.css?ver=5.9.5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
147054
x-ezoic-cdn
Hit ds;mm;0d5bdcb5962598e7c1203fbce17b1270;2-98068-3;e3486e31-ef15-46c5-510a-23ae079db36b
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"4e1c9d-2a45b-5afbf96aba940-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGeme%2FbTNEm62U2%2FFUh%2BKu0funXIl9OR9TNLfmO2tcyLZ7o6vjl7EKZsHC16kTz%2FP87pLvv6sWBapVj967uznA8UoqCcFxqnYw%2F1ZUQOKIWTRB%2FK5S97sGV3RDMOqp%2FQ%2BOT1t1ByOiXTalX69ePaqiZ%2Fh44oJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
cf-ray
7c1c0a48bae72bc7-FRA
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C300italic%2C300%2C600%2C600italic%7CLato%3A400%2C100%2C300%2C700%7CRoboto%3A400%2C300italic%2C300%2C700&ver=5.9.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://access-excel.tips
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:26:02 GMT
x-content-type-options
nosniff
age
105626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:26:02 GMT
fontawesome-webfont.woff2
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/fonts/ 		63 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: cdn-0.access-excel.tips
URL: https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/font-awesome.min.css?ver=5.9.5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/font-awesome.min.css?ver=5.9.5
Origin
https://access-excel.tips
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
211439
x-ezoic-cdn
Hit ds;mm;830ba98bebf570338e1e627ad3b2273d;2-98068-3;6a5493ce-ef72-40e2-568a-7efb9ef9f81b
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"b80a24-fbd0-5afbf96aba940-gzip"
x-origin-cache-control
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://access-excel.tips
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n3rTTCXB7hXw8C7LCmKRFAwj%2BhR0aLEyD%2FVlX%2ByoN4VzZZVlAe911V2V%2BNO27lvir0t4qQ5SS5%2By4NMKlZAycuNg%2BuyoUlnCvmXLVW4B86uDAfEYCuYqnM3ccAYQPdqobcISYE2h48tFRA%2B1n4TE0Q9%2B1I5Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2592000
vary
Accept-Encoding,User-Agent,Origin
cf-ray
7c1c0a490d235bdd-FRA
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C300italic%2C300%2C600%2C600italic%7CLato%3A400%2C100%2C300%2C700%7CRoboto%3A400%2C300italic%2C300%2C700&ver=5.9.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://access-excel.tips
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:33:41 GMT
x-content-type-options
nosniff
age
105167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:33:41 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C400italic%2C300italic%2C300%2C600%2C600italic%7CLato%3A400%2C100%2C300%2C700%7CRoboto%3A400%2C300italic%2C300%2C700&ver=5.9.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://access-excel.tips
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 17:26:48 GMT
x-content-type-options
nosniff
age
105580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 17:26:48 GMT
feature_access_vba-e1503849948340.jpg
cdn-0.access-excel.tips/wp-content/uploads/2014/12/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/uploads/2014/12/feature_access_vba-e1503849948340.jpg
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53969f483145868026ca920ea750bf2f3810c78913539542c3b5d91482a5c88f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-ezoic-cdn
Hit ds;mm;20f338244f05a34615322d201ebedafc;2-98068-3;09877bad-e113-45b9-55bb-a0c59833ad7f
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
W/"d2180e-1c4e-55c50e46c5fc0-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZVcmHNaNgn9KLKvjEPfP9L9afWQL0%2Bdqs76ZVJo3NMH88cuvukAKWb97RxJE7Beaj1tEa0BkXq4jkVnZPR%2BA%2BxD%2BI4Xm0pl%2B4wV0gnMXrB8UpGmNvM2jqnov8gyL%2BzPySmNfVo4OTJaR%2B78%2FLk2nAGtG01CVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
cf-ray
7c1c0a48daf52bc7-FRA
/
basher.ezodn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://basher.ezodn.com/?did=98068&bf=30000&dc=%7C1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://access-excel.tips
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://access-excel.tips
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7c1c0a49485435fa-FRA
content-length
0
content-type
application/json
date
Wed, 03 May 2023 22:46:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgFRe2ll3jU2dIjWwzIe5CDs89sG1rFoB98kLjq%2BhQKxTN1jBj6LWonwARlvm7iAhxGAv3LU7htY%2B0ZbO6whnFQ%2BouWVesx55Apq0f9G0kJxJ1C9TL1xgPj0bRXP1PKsifNokdax3cYyv8IYG70l"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
nmash.js
access-excel.tips/porpoiseant/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/nmash.js?v=1
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/porpoiseant/banger.js?cb=195-2&bv=219&v=74&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
6bc838937d8d1c3926393d9dbfcffbea2884e932f63d7d084009781adcf5f1d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=0, public
x-robots-tag
noindex
/
basher.ezodn.com/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://basher.ezodn.com/?did=98068&bf=30000&dc=%7C1254144
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/porpoiseant/banger.js?cb=195-2&bv=219&v=74&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a05fd778788694eafc2895ea32bd84af17af28738d7d323b8931c529cfcbdf3

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://access-excel.tips
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bKO8m0wxva08zErjEYyDyqANTGASDfVOc4B6hZqDpVjucV%2FDocTvWjedUGH9cKUVm6l%2BYqAUjN1xxeoDsPL7E7DUAGQDTRas1bg9zNpd8EtaPcu0znRfNbdnPDEHTVwDRp6zp6s9jRnnN7psZR6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
public, max-age=84400
cf-ray
7c1c0a49788235fa-FRA
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
imp.gif
access-excel.tips/detroitchicago/ 		43 B
188 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod51%22%2C%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A6%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%22%22%2C%22adx_ad_count%22%3A0%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A98068%2C%22domain_test_group%22%3A20230805%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22239%22%2C%22iab_category_2%22%3A%22255%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22840f7bad-28b3-44ca-6d31-608343c2de80%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A77324%2C%22response_time_orig%22%3A3%2C%22serverid%22%3A%22i-0881c902153fc5785%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%22%22%2C%22t_epoch%22%3A1683153987%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Faccess-excel.tips%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A1751%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:27 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Tue, 02 May 2023 22:46:27 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 10 May 2023 22:46:28 GMT
cmbdv2.js
access-excel.tips/detroitchicago/ 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/cmbdv2.js?gcb=195-2&cb=03-8y0c-6y1c-5&cmbcb=137&sj=x03x0cx1c&abt=AdInsertStatic
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
af76889a9268bbb8d76a7aa984f27064f2306128f1223c2de6c17a74c1e8784c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:31:49 GMT
via
1.1 2a5c925255bb252ff0ed65977311f74e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:41:49 GMT
server
AmazonS3
etag
"af15ecfe46737cb2a37226fd060f23a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
iublUjWWTELx582TXx8hWc1HPh95HhZA4-3AsvnZXrnsPgf6YG8x1w==
style.min.css
cdn-0.access-excel.tips/wp-includes/css/dist/block-library/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-includes/css/dist/block-library/style.min.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
2030020
x-ezoic-cdn
Hit ds;mm;4dfc429bff1b16e489167d6d7018a144;2-98068-3;bb9a1f35-5e71-450b-6fb4-24c49ed952fc
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"14407a0-145db-5dbf77bcd2400-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMYvAyeJfGXKPxHkXplAJaRUs6MWDEagl82AKR7XiqVl7X1fkva%2FBKASAM4PAz05lB4%2Ff48UbISUef7Uz3myu%2BuZt3b%2FoCJlq12%2BByFSnv7VcD8MyOdfI77wgDwLaiAa9Z18Zm0cyasDhiYLBn%2BxMRFgyLEKYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e9922be2-FRA
font-awesome.min.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/font-awesome.min.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
836870
x-ezoic-cdn
Hit ds;mm;1939ec7618ea86812cf745d27378560c;2-98068-3;d2283d4b-9c9a-442a-4d6a-929e847eaacc
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a1065-6845-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnF5LUHvbPoE3u9iuBrKKFqFOyYlHNo5q84WgoHrzIBgXSfmMLYTzJ0o0R0lJy%2BoYuiiMC5xtKhX%2FaDzMyCmcnYo87YHz3eJL0zK2NAZetquQ8Ij1Wi9sRKImfQOV1YPNMNXwIOVqkIE%2B4aGiPGkmWK6TWf6zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e9932be2-FRA
nivo-lightbox.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/nivo-lightbox.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1945161
cf-polished
origSize=8235
x-ezoic-cdn
Hit ds;mm;050e981514367f69a237672d960ad5d1;2-98068-3;447c2e51-158e-4088-7fa4-f0a01bec2d45
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"4a1069-202b-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CA68TliRIChU%2BfsBmpIZEaSgbH44NwSyr2mlVQdsig97gWekcrgt1bLMGBqSJeMA9s%2BGRedanZsSl5av%2FwURXV9S8TeCDgi9Ukd6LnAgiUGHSjOzGqf4JFLImSxntCI61Y5J6tDj20a73FpR5DZatNGf4ZvklQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e9942be2-FRA
jquery.bxslider.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/jquery.bxslider.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
121990
cf-polished
origSize=4220
x-ezoic-cdn
Hit ds;mm;4cb2441e63c397b0baec9adb72ddc338;2-98068-3;5f1dd9d6-5a08-46d4-637a-6e227652f164
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"4a1067-107c-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Oybpq%2FJwBfDVPRmWpBTaZXDlQ97zNfaxmxErzfKtdILK8ScTB9y3HsKAkfOSq5wMj6kSPJbTvKDYKeV3X2iD31Fiqshkt2DnIRmxrqSJTNkHZYDVLSihr7nIAB7koasKsaLkkVQ5Qu1JTbMZ7cPVjkvJM40WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e9952be2-FRA
woocommerce.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		968 B
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/woocommerce.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
121990
cf-polished
origSize=1108
x-ezoic-cdn
Hit ds;mm;e6d310ef460af94b41a2581cd029d3e6;2-98068-3;9e7ac011-daf4-46fa-79cf-c4eeaab01b90
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 24 Apr 2023 18:05:01 GMT
server
cloudflare
etag
W/"4a106e-454-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPle2jx%2B5942OMOankGNjKKuYeuuu6JnUhzNrGsJgLhWVlQAm5Q0k8Oxvxw4qen84FZmvzqusdmXjGS%2FA7FQ5ABXAtm1fKYcuFutlZ5ShX7joOoNrdXYuGTZFutYH1Y0vjVocIte5cXA%2F%2FGNGCKck7Zy4P%2BUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e9962be2-FRA
fonts.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/fonts.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1101328
cf-polished
origSize=19751
x-ezoic-cdn
Hit ds;mm;84b15dfdb43f3369e4a75d344bba0c46;2-98068-3;ca000964-c997-4528-782d-18ee121ddf52
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a1066-4d27-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IhxMKmq6hwT3nB1%2BVaUTWgA9un5g7%2FheGA1ExI4IlO4WTzZl3sgY%2FHaA8GXFwiaY0ywK%2FVnOnTpp8reZs4nY3syNkCz8ppo11PhNiQXo51piifcBHoxnPD1grhg4%2FDQ2y8RzIQl214HoaTfFCvGlZUK2DvPug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e99a2be2-FRA
style.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/style.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1101328
cf-polished
origSize=48704
x-ezoic-cdn
Hit ds;mm;390cd19b9156ac1e6965f9477ecbe51b;2-98068-3;03930828-b47a-4d30-4e3f-b0ed271a751e
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a1061-be40-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZCJKrHqD6lwGhCiGUxmrUKzs2kfLH3%2FLErCe7ue%2FVVt8bDHcJxPTTwJuZ2q0DCEi9Iz%2B3RehVobNVYV4CY3siP307xhHRHzUCqQ2PpqXNf3zX1Wf2O%2FJ5CRELO70iSElueVSaT57eLcxoZMymetMXaEhOZYNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e99b2be2-FRA
keyboard.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/keyboard.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
1948678
cf-polished
origSize=2473
x-ezoic-cdn
Hit ds;mm;fce27206d18cfb2ef856d020afff66f2;2-98068-3;85f4974f-eed4-4e1a-7cbf-6872e0815353
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
server
cloudflare
etag
W/"4a1068-9a9-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scPp3uWdBR%2FQYieKjh%2Fm6kmQlzyjWP7mCYfWZdKJbyYTBO0Smlh5YF6BPfxuSYiJQaNIvnyU9r0HSoFkNoREiupqy6WxoE3LVOv%2BrkRjrxybgf07L7LPfLNT8qTsIb%2BfBT%2BDj%2FJxWpuB2u7tzWWvGl3OJNFJBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e99c2be2-FRA
responsive.css
cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/themes/accesspress-lite/css/responsive.css?ver=5.9.5
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
902636
cf-polished
origSize=8166
x-ezoic-cdn
Hit ds;mm;484d15343fd5beb58cafd18e35aaaac6;2-98068-3;56cfea5c-ec0a-4b1f-72c3-deca58d65492
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Thu, 13 Apr 2023 19:17:03 GMT
server
cloudflare
etag
W/"4a106b-1fe6-5afbf96aba940-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ehrpzj%2BsrwVWbXIwFgQH3t3ztXeEjSJhGbVA3Q57bzhtqnzvFKOHTt5bALlAcLMHTbPNppwkY5GXVhSL2stX2Wj4jc0z4eUWJvf5VSvY2rHDWhumMAsiSsUSxYJVKytljxmxWNfmmoAb2UICDSMAucRWYXIjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e99d2be2-FRA
default.css
cdn-0.access-excel.tips/wp-content/plugins/tablepress/css/build/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-0.access-excel.tips/wp-content/plugins/tablepress/css/build/default.css?ver=2.1.2
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3efe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
45133
cf-polished
origSize=6091
x-ezoic-cdn
Hit ds;mm;53e4b71051d0dc968c0bb0ea6ce89861;2-98068-3;62489457-1c3f-4524-50fe-378a13aed0ec
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Wed, 26 Apr 2023 19:42:23 GMT
server
cloudflare
etag
W/"d24236-17cb-5fa4270619ec1-gzip-gzip"
x-origin-cache-control
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF1VBEg1wTYUBxLwi5tnDM7fwLCm4ynzpXLF6b0FWzBWDPuETLIikVWsIjZPQWA91myeq21oKxuuAhtrA9hm6sbfZ8kw41csGeOo%2F3GFVk%2BKTxm8Uvvb2IIX6NqqmvYhW%2B8wwN9s8XKpJvHw6ZmYcRY1aTd4GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1c0a49e99f2be2-FRA
fads.js
access-excel.tips/porpoiseant/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/fads.js?gcb=195-2&cb=11
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
921be058bc587aa88c0a8db6aeaedc83e4fcbe5ed1d58c70be57180908b53f51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
calgary.js
access-excel.tips/edmontonalberta/ 		2 KB
824 B 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/edmontonalberta/calgary.js?cb=16
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
792
kenai.js
access-excel.tips/detroitchicago/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1058
tuscon.js
access-excel.tips/detroitchicago/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/tuscon.js?gcb=2&cb=12
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
e00d1c8d33ef445e5c86b591916928660a8c097bf129032703092d62e85f4294

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
portland.js
access-excel.tips/detroitchicago/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/portland.js?gcb=2&cb=3
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
6d24aa6c759bf985377cb6d8da10653aab877022d6e6462f546e86bae4ae41e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
augusta.js
access-excel.tips/detroitchicago/ 		2 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/augusta.js?cb=24
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
958
tortoise.js
access-excel.tips/beardeddragon/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/beardeddragon/tortoise.js?gcb=2&cb=4
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1378
armadillo.js
access-excel.tips/beardeddragon/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/beardeddragon/armadillo.js?gcb=2&cb=7
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1021
anchorfix.js
access-excel.tips/ezoic/ 		879 B
454 B 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/ezoic/anchorfix.js?cb=22
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, max-age=31536000
x-robots-tag
noindex, noindex
content-length
384
expires
Thu, 02 May 2024 22:46:28 GMT
stickyfix.js
access-excel.tips/detroitchicago/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/stickyfix.js?gcb=2&cb=31
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
88ce7fcfdcbdbd2719f7d593c881146231102807eab18457f9c50a56313e8075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
sidebarwall.js
access-excel.tips/detroitchicago/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/sidebarwall.js?gcb=2&cb=19
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
ezoic.png
go.ezodn.com/utilcave_com/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
cf-cache-status
BYPASS
x-sol
middleton
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1181
last-modified
Wed, 03 May 2023 17:04:23 GMT
server
cloudflare
etag
"49d-5d9576f862e00-gzip-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjzOJLNr%2Bv3TBTVGlRrsdihcrl2EGDEJn0gPNh7X2b6%2BhbuxmlZQQjqG7cfk5o%2Fl5gMalzeQlLhhGAByFuRq%2B94I8%2FakN0nb%2Fyz25t5%2Fge4BSk1lIcglUblyBrVROSUhK3tcTSWL2sRbzEw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7c1c0a4a2f669bc8-FRA
expires
Wed, 10 May 2023 22:46:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41f1a42982e6e64717dfbb11cf457a653ffc7771c2dddeff322744f1e423d385
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24812
x-xss-protection
0
server
cafe
etag
634 / 19480 / m202305010101 / config-hash: 4027723343301255587
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:28 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/edmontonalberta/calgary.js?cb=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:11:56 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
2073
x-amz-server-side-encryption
AES256
etag
W/"e301ce991ef543783521cd0156a962ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
yV9YaLcfSJzl0idNbSkylyEC3IRW1AG67PyyCIFQ6zI4x7lZEXFQiA==
pixel;r=1839146771;labels=Domain.access_excel_tips%2CDomainId.98068;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Faccess-excel.tips%2F;uht=2;fpan=1;fpa=P0-1934290940-1683153988108;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1839146771;labels=Domain.access_excel_tips%2CDomainId.98068;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Faccess-excel.tips%2F;uht=2;fpan=1;fpa=P0-1934290940-1683153988108;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=access-excel.tips;dst=0;et=1683153988233;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Access-Excel%252ETips%2Cdescription.Provide%20Excel%20tutorials%252C%20tips%20and%20free%20VBA%20source%20code%252C%20including%20custom%20VBA%20Fun%2Curl.https%3A%2F%2Faccess-excel%252Etips%2F%2Csite_name.Access-Excel%252ETips;ses=7673278c-c23c-4163-95c4-87c3b0cf6def
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/ 		401 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 10:52:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
42864
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126853
x-xss-protection
0
server
cafe
etag
4617370205818610952
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 02 May 2024 10:52:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		898 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c9a76561053c056b66454cf299aa65fe5e3f5f924355ed296bce36c8b59df34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
387
x-xss-protection
0
expires
Wed, 03 May 2023 22:46:28 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Faccess-excel.tips&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
Server /
Resource Hash
c044a3c9cdb186fb83cea1eeb7cf8ee76e0e084835c45cead97e96c855f8d857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:38:41 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
age
467
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1639
x-amz-cf-id
l9DfZf1NmEbIHqPda1HN4E9Zqtp6vRks0FtwxOLruPkaFePEWiP8Ug==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Faccess-excel.tips%2F&pid=f1bh2vug3Uu7V&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-access_excel_tips-edge-2-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1254144%2C22524957486%2Faccess_excel_tips-edge-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-access_excel_tips-edge-1-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1254144%2C22524957486%2Faccess_excel_tips-edge-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-access_excel_tips-medrectangle-2-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22524957486%2Faccess_excel_tips-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-access_excel_tips-banner-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C22524957486%2Faccess_excel_tips-banner-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-access_excel_tips-large-leaderboard-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C22524957486%2Faccess_excel_tips-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-access_excel_tips-box-2-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22524957486%2Faccess_excel_tips-box-2%22%7D%5D&schain=1.0%2C1!ezoic.ai%2Cddb65775fd47b0a80d7d93e5f1900884%2C1%2C%2C%2Caccess-excel.tips&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 88cabd6b8652306789c6bc8090fbcb1a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
FJ2N1AGYV8NX0QQQP7J1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
umYq2TocKXnPAtF16OZ9y5dwsUSoWXAEuRZzy0E1oKHTjbvDOko2fQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
date
Wed, 03 May 2023 05:59:01 GMT
x-amz-cf-pop
PRG50-C1
age
60448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
XTSxtRJ_FszYlfDWVwAquVh6ovoDiN9emVan9soD3OZ3Rri1sTRYMA==
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.165.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-165-89.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://access-excel.tips
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 May 2023 22:46:28 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
tag
btloader.com/
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
  • https://btloader.com/tag?o=5112081056530432&upapi=true
223 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5112081056530432&upapi=true
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a1d673f19348a1a820ae58996ce0a925fe7be63497acc1a9281570c5df36677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 May 2023 22:41:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
293
etag
W/"4943fda915d8a391e05a694b5a82a6d1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oN9iZvwEyp1VZ3KLhGzllgsmuYBqlWAx99oj%2F%2Fn5yb%2BYN7UEeRfC%2BRYCg4YK%2FVxqOybzwEfvhJP0Nf66r4Pw9Au4eaC65No1LHj6Pe4aMOxExISGlLgkqqNETfMTo4Lhr6RAMImdgK0mZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7c1c0a4c980c1cc1-FRA

Redirect headers

date
Wed, 03 May 2023 22:46:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUo68x20l4Cv6mwoSem34rImwEmtN1x7TfjNU6qnTEiyKf5z8DAtUPIm1q%2BL%2FOQpTPks%2BgklQpfkrVuzkj9U46L1o4r0OKg%2Fk0JSuGqg80dKjyBskus7shYWhucU6OVvqWK%2F16CKiwgXpA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?o=5112081056530432&upapi=true
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7c1c0a4c7fe01cc1-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Faccess-excel.tips%2F&ref=&_it=amazon&partner_id=524
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
GQKW019N2965JHHN
age
5207
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7c1c0a4c7a27360b-FRA
x-amz-id-2
b3ImfROkoqdV2lCnw3i6gNRD4ccoWO5L6+cnXG0GCJu8OaLzXK86GTcCYLFGTN8jEIpiS9EMtVw=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
8HGAAJ5SPG01V3HV
age
1281
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c1c0a4c6cbb1d94-FRA
x-amz-id-2
f161amAWddzOEKqFyIw1z52Y5MNS/KtI81MQGyxgUMhTiDS4PahByU0RD15HxgWIBN24MAWKZrTTCx8w+NnXNA==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.165.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-165-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 May 2023 22:46:28 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=2648045360639410&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2015605214&didk=3226511141&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D4089631723452980%26eid%3D4089631723452980%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Daccess_excel_tips-medrectangle-2-4089631723452980%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C33%2C28%2C67%2C45%2C73%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C774%26ax_ssid%3D10082&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683153988482&lmt=1683153988&dlt=1683153987804&idt=614&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9684046606d9393d0e27e78e67b4a2273ecad707fc698927159b14dd01e77a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
671
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA80 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=966003870168276&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=1714290205&didk=1397341517&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D8395547771431406%26eid%3D8395547771431406%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1111%26sap%3D1111%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D35%26al%3D1035%26compid%3D0%26tap%3Daccess_excel_tips-large-leaderboard-1-8395547771431406%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D118%2C193%2C162%2C27%2C195%2C122%2C93%2C20%2C26%2C201%2C187%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C774%26ax_ssid%3D10082&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683153988494&lmt=1683153988&dlt=1683153987804&idt=614&adxs=1046&adys=726&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=300x269&msz=300x250&fws=4&ohw=1600&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f396ecfb59904a14aec072dce52ce3b3a2c02eb71051ec2866efeee2a5af9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
592
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=2069795703681834&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&adks=967522019&didk=2907385517&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D1869903891433055%26eid%3D1869903891433055%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Daccess_excel_tips-edge-2-1869903891433055%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C774%26ax_ssid%3D10082&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683153988499&lmt=1683153988&dlt=1683153987804&idt=614&adxs=1440&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f1f22a626293c4abfd781c45f45a829b8b5dc91b1ee68d31dafd7a74147f0422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
588
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=1049902324649929&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=4&adks=2561835832&didk=2907382422&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D5523073323433075%26eid%3D5523073323433075%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Daccess_excel_tips-edge-1-5523073323433075%26eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D160%26br2%3D80%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C774%26ax_ssid%3D10082&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683153988503&lmt=1683153988&dlt=1683153987804&idt=614&adxs=0&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45224c71922dcb5c75c1c474d1892c5c5d056d0411011b3149d06f58921c180e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
589
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=3063899805611842&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=5&adks=3335395872&didk=4219087503&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D8531206849486866%26eid%3D8531206849486866%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1107%26sap%3D1107%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Daccess_excel_tips-box-2-8531206849486866%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C774%26ax_ssid%3D10082&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1683153988508&lmt=1683153988&dlt=1683153987804&idt=614&adxs=215&adys=122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=970x250&msz=970x250&fws=4&ohw=1600&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a0658aac5009b0bcad254c3f9671df8d4b741ea6023e6ac63ee869882aacae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
590
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
1ba60d8f499edc2e87cd8e35a055d6b7c799e3e289e762f7a9e92820ae73483d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://access-excel.tips
date
Wed, 03 May 2023 22:46:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
hadron.json
id.hadron.ad.gt/v1/ 		102 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=524&sync=0&domain=access-excel.tips&url=https://access-excel.tips/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Faccess-excel.tips%2F&ref=&_it=amazon&partner_id=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1700f631683ba382d2a19b17f569345b000a8d57d28c9f3e4d781680b1934541

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7c1c0a4dee8e3620-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=524&sync=0&domain=access-excel.tips&url=https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://access-excel.tips
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7c1c0a4d2dfc3620-FRA
content-length
0
content-type
application/json
date
Wed, 03 May 2023 22:46:28 GMT
debug
OPTIONS block
expires
Thu, 02 May 2024 22:46:28 GMT
server
cloudflare
px.gif
ad-delivery.net/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1203766
x-guploader-uploadid
ADPycdttsfnevQBjH5Rq64zK7sYQ3JwCsjln_o8qR38o2jcTkcMENwQ9GueQFkjAUfBxkDn_6XCAc3jF4M4Gcr-n502tFg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWZmQMwc0msGLYgZlpbs7ULBhktNbmR%2Fzp4B%2F5%2FNUuF7ZDnAdDGiJ4NMHgighASGGu6Pp9LSdhOAWoXav4ooKgadns15gIdHaBxoZWCAYDbUBfUIX1jvB0NExjQ3zb1f5pGP%2B94sQIJVYTR0ig%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c1c0a4d7d329b7a-FRA
expires
Thu, 20 Apr 2023 01:10:53 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 May 2023 22:18:31 GMT
px.gif
ad-delivery.net/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.1824054369760595
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1203766
x-guploader-uploadid
ADPycdttsfnevQBjH5Rq64zK7sYQ3JwCsjln_o8qR38o2jcTkcMENwQ9GueQFkjAUfBxkDn_6XCAc3jF4M4Gcr-n502tFg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MQSBwGCemdl%2B2OmMmG64%2FibrWVQXvRDu5jDQYNn3Bkpbovdlef61QlkTw9UGpvAKR0k3wRLkA2B84wUdV6nPXDojudkpK6tvxrP0qHvQD%2BJzzeoUmOaiwFxMAOiaA6kqpVLMM%2BOSmUEE1PtZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7c1c0a4d7d349b7a-FRA
expires
Thu, 20 Apr 2023 01:10:53 GMT
457.json
id5-sync.com/g/v2/ 		216 B
627 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
5d4423b610c2f56bb9c53fc192568ef1e834444494d32b0e3c7593e619af1732
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://access-excel.tips
date
Wed, 03 May 2023 22:46:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=0rkBvh1P&w=6286174736351232&o=5112081056530432&cv=2.1.11-3-gabc8642&r=false&vr=1600x1200&pageURL=https%3A%2F%2Faccess-excel.tips%2F&sid=uaNosj1zC&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX65WOCF&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
event
events.api.secureserver.net/t/1/tl/ 		43 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1683153988132&dh=access-excel.tips&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.63%20Safari%2F537.36&vci=175823106&cv=2.0.1&z=1382060569&vg=54f35fa0-96d2-5b78-b4ef-0ff0a839b182&vtg=54f35fa0-96d2-5b78-b4ef-0ff0a839b182&dp=%2F&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl495151%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%224079231%22%7D&hit_id=65100c3c-24e5-55f4-b9b6-0b2a2d8bc75f&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:d::210:f15c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 03 May 2023 22:46:28 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
greenoaks.gif
access-excel.tips/detroitchicago/ 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA1LTAzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:27 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:27 GMT
greenoaks.gif
access-excel.tips/detroitchicago/ 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjIwNyJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMzE0In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIyNCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzMTUifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIzMzEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiOTIyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiI0OTQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiNDk0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:28 GMT
greenoaks.gif
access-excel.tips/detroitchicago/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJpc19hZF9ibG9ja2VkIiwidmFsIjoiZmFsc2UifV19XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305010101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15df1b0ab8ee96279cc5489eff36c012b0f2410e4b84bc50a507ea6de4e9ae34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11177
x-xss-protection
0
event
events.api.secureserver.net/t/1/tl/ 		43 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1683153988753&dh=access-excel.tips&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.63%20Safari%2F537.36&vci=175823106&cv=2.0.1&z=865261446&vg=54f35fa0-96d2-5b78-b4ef-0ff0a839b182&vtg=54f35fa0-96d2-5b78-b4ef-0ff0a839b182&dp=%2F&ap=cpbh-mt&trfd=%7B%22ap%22%3A%22cpbh-mt%22%2C%22server%22%3A%22p3plmcpnl495151%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%224079231%22%7D&hit_id=0889e20d-caca-5648-a5df-1a1acf7c7432&ht=perf&tce=1683153987694&tcs=1683153987641&tdc=1683153988746&tdclee=1683153988154&tdcles=1683153988150&tdi=1683153988138&tdl=1683153987804&tdle=1683153987641&tdls=1683153987593&tfs=1683153987592&tns=1683153987486&trqs=1683153987694&tre=1683153987824&trps=1683153987800&tles=1683153988746&tlee=0&nt=navigate&lcp=627&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:480:d::210:f15c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Wed, 03 May 2023 22:46:29 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
greenoaks.gif
access-excel.tips/detroitchicago/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMTA1OSJ9XX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:28 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNywiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxMDU5In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:29 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 May 2023 22:46:28 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTExLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjEwODUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:28 GMT
524
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/524?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Faccess-excel.tips%2F&ref=&_it=amazon&partner_id=524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ec56ad8988ac31bf71dc6d93e092dc78887cde29f97c995868a0af0a1b2e6b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 03 May 2023 22:44:21 GMT
server
cloudflare
age
128
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7c1c0a4f8b172bd3-FRA
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUyMzA3MzMyMzQzMzA3NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTA5NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:28 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxMTA0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:27 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE1E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10688
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 19:48:21 GMT
expires
Thu, 02 May 2024 19:48:21 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FC2F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a31990ef6cf4768ef7213f0c3d0a073206803e39befcb12c2e4cc7346b5c0c8d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kk7FrPx05rS8lXRw84YTcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Kk7FrPx05rS8lXRw84YTcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:29 GMT
expires
Wed, 03 May 2023 22:46:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTIzMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:29 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:29 GMT
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame FE1E 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		152 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=729334606547309&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&adks=1691627960&didk=1036087055&sfv=1-0-40&ists=1&fas=8&prev_scp=eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26bvr%3D8%26bra%3Dmod51%26al%3D1006%26d%3D98068%26reft%3Dn%26br1%3D160%26ic%3D1%26br2%3D120%26tap%3Daccess_excel_tips-pixel1-8501341621462737%26ga%3D2497208%26iid1%3D8501341621462737%26ap%3D9999%26ezoic%3D1&eri=1&sc=1&cookie=ID%3Dda08e8c63f9caaf4%3AT%3D1683153988%3AS%3DALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g&gpic=UID%3D00000bf5290f494f%3AT%3D1683153988%3ART%3D1683153988%3AS%3DALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg&abxe=1&dt=1683153989151&lmt=1683153989&dlt=1683153987804&idt=614&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d81c633a37db238618104e2387465fdc0a98e6ed228abf723727f719a0e278ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45507
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59dec2944a255e7af6c299907b54df8fa8505437a95c203c6c5e2544e96c78e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 13:00:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
35179
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12712
x-xss-protection
0
server
cafe
etag
3305083077809332093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 02 May 2024 13:00:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FC2F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305010101&jk=3086173021649094&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame FE1E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qUVIsw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305010101&jk=3086173021649094&bg=!SUqlSh7NAAYcDqajPA47ADkAdvg8WjEFPaokUfK_jRbxvtxwenqPWfL2znO_WZSBp3K4UKy6TSexzRPlpJKWLDTjT8kJZddyStwCAAAAPlIAAAADaAEHmQLc-exYOJm7Y4eTj_CNO5MJ5tsf9lU4x7f-wmcdxneZSH2c8Me3qvA6ZdJKdAV_TrmEP3-aUunvhN9n8PAxbsowHTeq8h8-0LqsnSRP_oyeGzxXzFAF020vcYfQ1DATTkygr-zZgRts2xKov1YC6ellMxIXnwqxf-8F5Ue_5EV1zIK7WPhxp9QBJlRAtopFlvLTQ0GgeQZ6PmYwZXTTrwFc28CantFDbPNZvHFdZiizX9w292fI-ofKZdDKYYS5O7DLYqOSTsWVnZlWIQKZO4mHWmj6BjBnGZvHZgTGbmecba0UAZDOQzLsm_IHeA7JYpxD5PtNzqbL0L4kRwE8SqTBe5icF2gQmXk9NUVbiWJR-uFk7Sri9EuV3iNXiSCFDobEHn9Pya9rYW_l08a5EH5SyAKBfxtd1iIF0YlJEcS2q2A1nkLTcTI5RQzYmaSBhUUsnWq5UrR8tCpOcde8Hx6GPC4GnjNDGTaIlwWq81LzqmGoQBej0jzJic3k8p9M_YMQFt0F5mBF9XM2BD8Jp80kX_t3MbzcIWNR3oxHlypqBrw4I0RGoHdlCbjqqOL5F2h36efagnk4Qm67B_oQpqPYbuPemiXb1s9SF_-nfioZYsSpy7gVTbpKolbJw0Ao_VKRcTsVBOwxxYhWjxgfbQ2YS4_qVArify531Jr06WIQxoMT6GSupZlBecNlhH8wjPnca45I1b-waE70Wr_-jUfYqTZpbGgk160fH5bksMW0xyZ1yk9yfsyf_hr-C778AF5vMQWvd_j8_i9MkDZcU7vaKzroSi8X8cpdMWcBYXSYLDyuksuyJXWNyUo6KJc9LxAvbhpAkYO0YZS_emn3vPYau85Q3bb8MlG4WZ-RYaYiqnt07XnmNiWn1uGtuioPFaZJTT4M8K-Q1j6IpI2dRRhT7T5gX71_yyzZ3zHJk-jZOhhiQbt1Zvdsx1yjTkxqVSZkiHM0jQy0p1cctzdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 03 May 2023 22:46:30 GMT
x-content-type-options
nosniff
age
35180
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
732
x-served-by
cache-fra-eddf8230077-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QNZFRY7R9FJXK93W
age
3322
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c1c0a567d8c1d94-FRA
x-amz-id-2
KKDhfGIrvMmWhKAufCzBC/nz7h+uhfzoYa3jYlHOyQKecIUrTE2oMNZPuo/P7zreNiWhD3nwINo=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:11:08 GMT
via
1.1 google
age
2122
x-guploader-uploadid
ADPycdu_vBd8XI4vGUf5ATkJo5p5Zy37ed7sffX1qZeAZkCiijuUF3_5GUf6599BTsayicJqmtqRJMMezPPDi4SwtBROoA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Wed, 03 May 2023 23:11:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-19.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:30:12 GMT
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
80179
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Wyfjy5ZWsZFzmb_DBH7x_bRryIcyqbCqTBlIzndQK1uh4LPGRlEL9Q==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3800:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Wed, 03 May 2023 02:50:39 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
PRG50-C1
Age
71752
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
QgUn7H0M1_pnljnGos_oRdxH9GWnhmL_FQZdQC2JxEuQG-XkY1owrw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 07:00:45 GMT
content-encoding
gzip
age
1093545
x-guploader-uploadid
ADPycdvJ9f2JAcW_u33Wuncj8S73-G6Q6wRUusXGmU1oTYHkwdtBIiLp1LRa7LAdcbtsWxYQGd2x5956XBCXTVQq42M4_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 20 Apr 2024 07:00:45 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 04 May 2023 22:46:30 GMT
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FBCE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
greenoaks.gif
access-excel.tips/detroitchicago/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJkb21haW5faWQiOiI5ODA2OCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMjM1MiJ9XX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:30 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:30 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzNTMwZmNiNmJjYzEzZGMzYzE3MTJlYWVmN2Q5MjcwMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg1MDEzNDE2MjE0NjI3MzciLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJhY2Nlc3NfZXhjZWxfdGlwcy1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1OTEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg1MDEzNDE2MjE0NjI3MzciLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJhY2Nlc3NfZXhjZWxfdGlwcy1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:30 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:30 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA1LTAzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:29 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:29 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsImF1Y3Rpb25fZXBvY2giOjE2ODMxNTM5OTAsImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjE2MCwiYmlkX2Zsb29yX3ByZXYiOm51bGwsImJpZF9mbG9vcl9maWxsZWQiOjE2MCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MTAyNCwibXVsdGlfYWRfdW5pdCI6bnVsbCwibXVsdGlfYWRfY291bnQiOm51bGwsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:29 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:29 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIyMzU0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:28 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:28 GMT
increment
id5-sync.com/api/esp/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://access-excel.tips
date
Wed, 03 May 2023 22:46:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
css2
fonts.googleapis.com/ Frame FBCE 		5 KB
755 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 May 2023 22:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 May 2023 22:13:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 May 2023 22:46:30 GMT
css
fonts.googleapis.com/ Frame D753 		9 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 May 2023 22:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 May 2023 22:07:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 May 2023 22:46:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame D753 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:43:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
18199
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:43:11 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame D753 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite_fy2021.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
18744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8743
x-xss-protection
0
server
cafe
etag
14489809188666054284
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:34:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame D753 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10689
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:48:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame D753 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18635
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
x-xss-protection
0
server
cafe
etag
10936619172403307163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:35:55 GMT
l
www.google.com/ads/measurement/ Frame D753 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVsCKowheexc8kRaHBjWemJ2qB_DhrHdtDubo0MsdRcVW9O6Erw521N1009ysVlnMEwAondjGK12-dhnuzGzDYCgKByQ
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D753 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:30 GMT
dc885651c24f3a38cf2b2dda4c5c7197.js
www.gstatic.com/mysidia/ Frame D753 		32 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/dc885651c24f3a38cf2b2dda4c5c7197.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 00:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13586
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 20:09:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 31 Jul 2023 00:42:45 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/ Frame FBCE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 18:31:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
15330
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8031
x-xss-protection
0
server
cafe
etag
4566461469134147509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 18:31:00 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FBCE 		205 B
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 20:04:18 GMT
x-content-type-options
nosniff
age
9732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 May 2024 20:04:18 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FBCE 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 21:05:51 GMT
x-content-type-options
nosniff
age
6039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 May 2024 21:05:51 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Faccess-excel.tips%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Faccess-excel.tips%2F&rid=esp&cc=1
85 B
204 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Faccess-excel.tips%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
29c906279c72c25bbf711129a63996f8ed88db0bd356d02b63003a63230b5a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-SeBivh2lZGDBXtYiEqFNPZ+mZ78"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 03 May 2023 22:46:30 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://access-excel.tips
location
/esp?url=https%3A%2F%2Faccess-excel.tips%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
s
googleads.g.doubleclick.net/pagead/drt/ Frame 90E4 		143 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2218
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:09:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 225A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
map
bcp.crwdcntrl.net/6/ 		60 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.31.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-31-84.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ca7d371523a7bfaa5afc0bdc68f5aa879390e5fb2cf9e778ebcb6f6a44597b4b

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache
x-server
10.45.28.80
access-control-allow-credentials
true
content-length
60
expires
0
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5e640ab8eefc7f2713860454ace4faa1ff3b0f729b400bf35c83905a55995214

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
02bc7c0eca8aab72198b66bf9c2c633f
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://access-excel.tips
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://access-excel.tips
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Wed, 03 May 2023 22:46:30 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
9777567367b69791b644b2bb6da364f9
i.match
s.tribalfusion.com/z/ Frame 225A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK8gGliwWVBkyxGPZ9_7sRY&google_cver=1&google_push=ATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK8gGliwWVBkyxGPZ9_7sRY&google_cver=1&google_push=ATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK8gGliwWVBkyxGPZ9_7sRY&google_cver=1&google_push=ATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c1c0a593ad02bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
185
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK8gGliwWVBkyxGPZ9_7sRY&google_cver=1&google_push=ATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGMc_emq3_trsgQASjNhVHCoTwhjbBHEgbWXoY88xRSSFzVJkKfcuxIFXyLyZcQO7vDj-4JVvEWvDmwbPFTj3J8tX0JxBYs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7c1c0a57d9b72bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 225A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDWvQvbMCMfkSXhEQKtc9PY&google_push=ATf1kGN1QfUo1hswx73OVsKE-FwEHXkwfoOhNEeoLm4pu-PBg1tUR16Kh2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDWvQvbMCMfkSXhEQKtc9PY&google_push=ATf1kGN1QfUo1hswx73OVsKE-FwEHXkwfoOhNEeoLm4pu-PBg1tUR16Kh2koSfJKqtOslgbCd-TlL3H4TkabRBUA3lCzc7zvQQ
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220067-FRA
pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1683153990.384177,VS0,VE92
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDWvQvbMCMfkSXhEQKtc9PY&google_push=ATf1kGN1QfUo1hswx73OVsKE-FwEHXkwfoOhNEeoLm4pu-PBg1tUR16Kh2koSfJKqtOslgbCd-TlL3H4TkabRBUA3lCzc7zvQQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 225A 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEHGa3lr1o1fmiypYde_TJCg&google_cver=1&google_push=ATf1kGNsFxOc4O2zJ8JQsqp4CWHy33iVjNVtf6iqnFzJuk3DXz71lnd9oszQGWB1VgqytMzAMSVFFFar8w9susgf0-B8Jgj9_Q
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 225A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_push=AT...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGMpIn62PHhPWBuX6elsuea82TYeaCICH...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGMpIn62PHhPWBuX6elsuea82TYeaCICHgQOzK5p2SdBaJKeoMQ5OL_UUXMH88oP5-d9CU8TA8JP0dAbnq8r5dYiDgHkvbo
Protocol
H2
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGMpIn62PHhPWBuX6elsuea82TYeaCICHgQOzK5p2SdBaJKeoMQ5OL_UUXMH88oP5-d9CU8TA8JP0dAbnq8r5dYiDgHkvbo
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
us
sync.go.sonobi.com/ Frame 225A 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGNzVb74g1yPsqkfL6MazmdmWQZ12DcnV8DLsrkaJkcYcjzXxDHuoaurnRZmAP_W88yaOMow_MUvtVlFNYj7O-tkSLYZEKY%26google_hm%3D%5BUID%5D&google_gid=CAESEIoQRLCZZofREIy9a1ag7zc&google_cver=1
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:30 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-19
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
rtb2-useast.e-volution.ai/ Frame 225A 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEO_9NLdE6WmRb66kI4jRTP8&google_cver=1&google_push=ATf1kGNHb_Ee51mUd5XJY9v60xSxHpoyp9bE42hJfoUQGc8eUiH2l4NEWSmmT17vdHPVRx0L1kuTuJ8xS9Yj2HMfsHfyBWVPSxxT
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:30 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 225A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESENm_UnvCzr5Pc-p9f9jiLXo&google_cver=1&google_push=ATf1kGPekBcxaa5FR...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESENm_UnvCzr5Pc-p9f9jiLXo%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2&google_gid=CAESENm_UnvCzr5Pc-p9f9jiLXo&google_cver=1&google_push=ATf1kGPekBcxaa5FRKmBoDFz5LrUX6b7zil1D1mv4V...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2&google_gid=CAESENm_UnvCzr5Pc-p9f9jiLXo&google_cver=1&google_push=ATf1kGPekBcxaa5FRKmBoDFz5LrUX6b7zil1D1mv4V3zZPtxMuHMfZNhLlrvJNT-qb7gZe4zqUmU51sX31o8Zda03NKbfTeOsNGu
Protocol
H2
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 03 May 2023 22:46:30 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
eec81015-6ef0-44be-90c3-11e4c9083c7e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2&google_gid=CAESENm_UnvCzr5Pc-p9f9jiLXo&google_cver=1&google_push=ATf1kGPekBcxaa5FRKmBoDFz5LrUX6b7zil1D1mv4V3zZPtxMuHMfZNhLlrvJNT-qb7gZe4zqUmU51sX31o8Zda03NKbfTeOsNGu
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 225A 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KuP3ci_aIzVp5gdM41FJb_SRk3iYv9ItAtc5ac6JQ7O6N50eR87nQwc6IQixJ3uJW6G0QyrP0
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:30 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
syncframe
gum.criteo.com/ Frame 0D1C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=access-excel.tips
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:29 GMT
server
Kestrel
server-processing-duration-in-ticks
433490
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
si
googleads.g.doubleclick.net/pagead/drt/ Frame 90E4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
307 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:30 GMT
expires
Wed, 03 May 2023 22:46:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:30 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sid
mug.criteo.com/ Frame 0D1C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=access-excel.tips&sn=ChromeSyncframe&so=0&topUrl=access-excel.tips&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=LnTQMHwydHRXbEJYbCt6Y1FUMWVuWCt2N2pBc3g4NTA5R0NlakVkeVNIQTVuVXhZVDZkak9FbjFjelIzeFZGQmFjRG1Tc3VFRVMrWXJVUmxISzJFVktkaXJ4RmtpcmhpU1RuemYyb3U4VHRsS3FyeExzSjZaQURrZ3JvSn...
449 B
682 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=LnTQMHwydHRXbEJYbCt6Y1FUMWVuWCt2N2pBc3g4NTA5R0NlakVkeVNIQTVuVXhZVDZkak9FbjFjelIzeFZGQmFjRG1Tc3VFRVMrWXJVUmxISzJFVktkaXJ4RmtpcmhpU1RuemYyb3U4VHRsS3FyeExzSjZaQURrZ3JvSnZsVmh1ZkhPVFZDbDVjaDZTaXRqSDdSOTluWjhxczBNMENMQkNoZktwc1BnWkZhMGZmNGZsZ2FXcHA2SVFxcjdRci85TWlIYktiYkZKbW5lSlRkSWUvbTNxQ3M3QnllSm83bmhCdGpqWFk0R3IwN1dXU3ZhemJjWU5SSFBPcG9aZlJDaWp4ZWFyRFZvQ2p6dmZXME45Vll2QXV1Ly83eEhuVjNNQnhJaEtKcmJtSGhVdmtscz18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ca9c650159c0a01216545024f283fd56f9bc6017bf575ae16f1787904c8398de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:30 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1276405
expires
0

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:29 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=LnTQMHwydHRXbEJYbCt6Y1FUMWVuWCt2N2pBc3g4NTA5R0NlakVkeVNIQTVuVXhZVDZkak9FbjFjelIzeFZGQmFjRG1Tc3VFRVMrWXJVUmxISzJFVktkaXJ4RmtpcmhpU1RuemYyb3U4VHRsS3FyeExzSjZaQURrZ3JvSnZsVmh1ZkhPVFZDbDVjaDZTaXRqSDdSOTluWjhxczBNMENMQkNoZktwc1BnWkZhMGZmNGZsZ2FXcHA2SVFxcjdRci85TWlIYktiYkZKbW5lSlRkSWUvbTNxQ3M3QnllSm83bmhCdGpqWFk0R3IwN1dXU3ZhemJjWU5SSFBPcG9aZlJDaWp4ZWFyRFZvQ2p6dmZXME45Vll2QXV1Ly83eEhuVjNNQnhJaEtKcmJtSGhVdmtscz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
316460
content-length
0
expires
0
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame F914 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame F3F0 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 03 May 2023 22:46:30 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
si
capi.connatix.com/tr/ 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7c1c0a5d3b539164-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
connatix.player.dc.js
cds.connatix.com/p/264617/ Frame FFB1
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
  • https://cds.connatix.com/p/264617/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
1023 KB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/264617/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
Protocol
H2
Server
104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8832731666cf4f12ff3b33d347fcebcd188e66de3bde425b0415161dd09fe32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
x-amz-version-id
9mc1BD4WKYccUmXUlSo31ZVNKUPFf1ef
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 May 2023 15:52:06 GMT
server
cloudflare
etag
W/"bdef3c2fa2d9e5c23a82cefb1e767c13"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7c1c0a5e49d9910c-FRA
access-control-allow-headers
range
expires
Thu, 02 May 2024 22:46:31 GMT

Redirect headers

date
Wed, 03 May 2023 22:46:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
location
https://cds.connatix.com/p/264617/connatix.player.dc.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882&tier=1
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
7c1c0a5d3959910c-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=access-excel.tips
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=4084946729298184&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=2015605214&didk=3226511141&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D4089631723452980%26eid%3D4089631723452980%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Daccess_excel_tips-medrectangle-2-4089631723452980%26eb_br%3D2c1fa87e8d863c5c375068c7340eb8e6%2C527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C33%2C28%2C67%2C45%2C73%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C774%2C19%2C2610%2C2688%2C3045%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D140%26reqt%3D1683153991517&eri=1&sc=1&cookie=ID%3Dda08e8c63f9caaf4%3AT%3D1683153988%3AS%3DALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g&gpic=UID%3D00000bf5290f494f%3AT%3D1683153988%3ART%3D1683153988%3AS%3DALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg&abxe=1&dt=1683153991537&lmt=1683153991&dlt=1683153987804&idt=614&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYheSunv4wSABSAghkEhkKCnB1YmNpZC5vcmcY6uSunv4wSABSAghqEsIBCghydGJob3VzZRKsAWpvNm9aYWZyd1V6MkpEUGJrcTU0SEFkZWkxbktmWTl1S1FHTVA4bDhRZ0hmazBrZFpjcG9tMlVyMzM3VjhIMWg4VTFNdjZKcnR0Y21hM3YwWmhFT0VzT2lKVEUrWjlDQVpwOTJUbFY4TS9uVk1SK2JqQ2F5UWtXZEN0WThxZnpRNWdBcTg5QkQzNDE4ZFJiMVBVaE5BMkNmcG1yeVUzK1kwN0VBc2dQZnBuQT0Yweaunv4wSAASHQoOZXNwLmNyaXRlby5jb20YhuSunv4wSABSAghkEhkKCnVpZGFwaS5jb20YheSunv4wSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNqVkRMM3BvWTBGVE1rZEhSbWw2V1RWa1RVSlFkejA5SW4wPRjQ566e_jBIABIbCgxpZDUtc3luYy5jb20Y-OSunv4wSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec895e32c7270731a299bf3935b9d927b3af78079eb6ccf7a70095f91ab3d28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9120
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=1786826797853301&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=8&adks=967522019&didk=2907385517&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D1869903891433055%26eid%3D1869903891433055%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Daccess_excel_tips-edge-2-1869903891433055%26eb_br%3D2c1fa87e8d863c5c375068c7340eb8e6%2C527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C774%2C19%2C2610%2C2688%2C3045%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D140%26reqt%3D1683153991509&eri=1&sc=1&cookie=ID%3Dda08e8c63f9caaf4%3AT%3D1683153988%3AS%3DALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g&gpic=UID%3D00000bf5290f494f%3AT%3D1683153988%3ART%3D1683153988%3AS%3DALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg&abxe=1&dt=1683153991545&lmt=1683153991&dlt=1683153987804&idt=614&adxs=1440&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYheSunv4wSABSAghkEhkKCnB1YmNpZC5vcmcY6uSunv4wSABSAghqEsIBCghydGJob3VzZRKsAWpvNm9aYWZyd1V6MkpEUGJrcTU0SEFkZWkxbktmWTl1S1FHTVA4bDhRZ0hmazBrZFpjcG9tMlVyMzM3VjhIMWg4VTFNdjZKcnR0Y21hM3YwWmhFT0VzT2lKVEUrWjlDQVpwOTJUbFY4TS9uVk1SK2JqQ2F5UWtXZEN0WThxZnpRNWdBcTg5QkQzNDE4ZFJiMVBVaE5BMkNmcG1yeVUzK1kwN0VBc2dQZnBuQT0Yweaunv4wSAASHQoOZXNwLmNyaXRlby5jb20YhuSunv4wSABSAghkEhkKCnVpZGFwaS5jb20YheSunv4wSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNqVkRMM3BvWTBGVE1rZEhSbWw2V1RWa1RVSlFkejA5SW4wPRjQ566e_jBIABIbCgxpZDUtc3luYy5jb20Y-OSunv4wSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f08a8dd064fa5c581845dc9bd3525527a147274517072d6d2a0309aa2a788b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11892
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=1831413727030921&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=9&adks=2561835832&didk=2907382422&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D5523073323433075%26eid%3D5523073323433075%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Daccess_excel_tips-edge-1-5523073323433075%26eb_br%3D2045167b6b8fb0fb31ddc0b75e5fad33%2Cdfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D80%26br2%3D80%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C774%2C17%2C19%2C2351%2C2610%2C2688%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D160%26reqt%3D1683153991521&eri=1&sc=1&cookie=ID%3Dda08e8c63f9caaf4%3AT%3D1683153988%3AS%3DALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g&gpic=UID%3D00000bf5290f494f%3AT%3D1683153988%3ART%3D1683153988%3AS%3DALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg&abxe=1&dt=1683153991555&lmt=1683153991&dlt=1683153987804&idt=614&adxs=0&adys=304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYheSunv4wSABSAghkEhkKCnB1YmNpZC5vcmcY6uSunv4wSABSAghqEsIBCghydGJob3VzZRKsAWpvNm9aYWZyd1V6MkpEUGJrcTU0SEFkZWkxbktmWTl1S1FHTVA4bDhRZ0hmazBrZFpjcG9tMlVyMzM3VjhIMWg4VTFNdjZKcnR0Y21hM3YwWmhFT0VzT2lKVEUrWjlDQVpwOTJUbFY4TS9uVk1SK2JqQ2F5UWtXZEN0WThxZnpRNWdBcTg5QkQzNDE4ZFJiMVBVaE5BMkNmcG1yeVUzK1kwN0VBc2dQZnBuQT0Yweaunv4wSAASHQoOZXNwLmNyaXRlby5jb20YhuSunv4wSABSAghkEhkKCnVpZGFwaS5jb20YheSunv4wSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNqVkRMM3BvWTBGVE1rZEhSbWw2V1RWa1RVSlFkejA5SW4wPRjQ566e_jBIABIbCgxpZDUtc3luYy5jb20Y-OSunv4wSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b683a89798bdc87420a8e9cd5664d90bdb049621538e532e335e09231a7ecd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11695
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=838332452522992&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-large-leaderboard-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=1714290205&didk=1397341517&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D8395547771431406%26eid%3D8395547771431406%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1111%26sap%3D1111%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D35%26al%3D1035%26compid%3D0%26tap%3Daccess_excel_tips-large-leaderboard-1-8395547771431406%26eb_br%3Dccfa51bd57bf7c8733d23a1a2233a455%2Cc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D3%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D118%2C193%2C162%2C27%2C195%2C122%2C93%2C20%2C26%2C201%2C187%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C774%2C19%2C2688%2C3045%2C4276%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D120%26reqt%3D1683153991527&eri=1&sc=1&cookie=ID%3Dda08e8c63f9caaf4%3AT%3D1683153988%3AS%3DALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g&gpic=UID%3D00000bf5290f494f%3AT%3D1683153988%3ART%3D1683153988%3AS%3DALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg&abxe=1&dt=1683153991561&lmt=1683153991&dlt=1683153987804&idt=614&adxs=1046&adys=726&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=300x269&msz=300x250&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYheSunv4wSABSAghkEhkKCnB1YmNpZC5vcmcY6uSunv4wSABSAghqEsIBCghydGJob3VzZRKsAWpvNm9aYWZyd1V6MkpEUGJrcTU0SEFkZWkxbktmWTl1S1FHTVA4bDhRZ0hmazBrZFpjcG9tMlVyMzM3VjhIMWg4VTFNdjZKcnR0Y21hM3YwWmhFT0VzT2lKVEUrWjlDQVpwOTJUbFY4TS9uVk1SK2JqQ2F5UWtXZEN0WThxZnpRNWdBcTg5QkQzNDE4ZFJiMVBVaE5BMkNmcG1yeVUzK1kwN0VBc2dQZnBuQT0Yweaunv4wSAASHQoOZXNwLmNyaXRlby5jb20YhuSunv4wSABSAghkEhkKCnVpZGFwaS5jb20YheSunv4wSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNqVkRMM3BvWTBGVE1rZEhSbWw2V1RWa1RVSlFkejA5SW4wPRjQ566e_jBIABIbCgxpZDUtc3luYy5jb20Y-OSunv4wSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bef08583420100c979a6b7700b11c480430fe0751a13cd521dd0b22734d2d14e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8854
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3086173021649094&correlator=1301069738669329&eid=31072020%2C31074114%2C31074271&output=ldjh&gdfp_req=1&vrg=202305010101&ptt=17&impl=fifs&iu_parts=1254144%3A22524957486%2Caccess_excel_tips-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=11&adks=3335395872&didk=4219087503&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D8531206849486866%26eid%3D8531206849486866%26t%3D134%26d%3D98068%26t1%3D134%26pvc%3D1%26ap%3D1107%26sap%3D1107%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Daccess_excel_tips-box-2-8531206849486866%26eb_br%3Dccfa51bd57bf7c8733d23a1a2233a455%2Cc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D51%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4604%2C4605%2C3676%2C774%2C19%2C2688%2C3045%2C4276%26ax_ssid%3D10082%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26lb%3D120%26reqt%3D1683153991565&eri=1&sc=1&cookie=ID%3Dda08e8c63f9caaf4%3AT%3D1683153988%3AS%3DALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g&gpic=UID%3D00000bf5290f494f%3AT%3D1683153988%3ART%3D1683153988%3AS%3DALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg&abxe=1&dt=1683153991571&lmt=1683153991&dlt=1683153987804&idt=614&adxs=215&adys=122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faccess-excel.tips%2F&frm=20&vis=1&psz=970x250&msz=970x250&fws=4&ohw=1600&psts=ABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN%2CABHeCvhldhvV4TW_scWGrI9ycJUN&ga_vid=78701096.1683153988&ga_sid=1683153988&ga_hid=30102739&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYheSunv4wSABSAghkEhkKCnB1YmNpZC5vcmcY6uSunv4wSABSAghqEsIBCghydGJob3VzZRKsAWpvNm9aYWZyd1V6MkpEUGJrcTU0SEFkZWkxbktmWTl1S1FHTVA4bDhRZ0hmazBrZFpjcG9tMlVyMzM3VjhIMWg4VTFNdjZKcnR0Y21hM3YwWmhFT0VzT2lKVEUrWjlDQVpwOTJUbFY4TS9uVk1SK2JqQ2F5UWtXZEN0WThxZnpRNWdBcTg5QkQzNDE4ZFJiMVBVaE5BMkNmcG1yeVUzK1kwN0VBc2dQZnBuQT0Yweaunv4wSAASHQoOZXNwLmNyaXRlby5jb20YhuSunv4wSABSAghkEhkKCnVpZGFwaS5jb20YheSunv4wSABSAghkEj4KBW9wZW54EixleUpwSWpvaVNqVkRMM3BvWTBGVE1rZEhSbWw2V1RWa1RVSlFkejA5SW4wPRjQ566e_jBIABIbCgxpZDUtc3luYy5jb20Y-OSunv4wSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e01f602ee63bf027e04fa14f95016c2128fb0672137e17b9088f263fe1432c7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11590
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUwMTM0MTYyMTQ2MjczNyIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImFjY2Vzc19leGNlbF90aXBzLXBpeGVsMSIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NTAxMzQxNjIxNDYyNzM3IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiYWNjZXNzX2V4Y2VsX3RpcHMtcGl4ZWwxIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NTAxMzQxNjIxNDYyNzM3IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiYWNjZXNzX2V4Y2VsX3RpcHMtcGl4ZWwxIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:31 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:31 GMT
player.css
cds.connatix.com/p/264617/ 		65 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/264617/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4d7169daabc676334f89544fef9f89cda2616e5d87c47630fb052f3cff2a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
x-amz-version-id
u_.3GnSWe58dhsZIxWw3Vzib19DumXX1
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 May 2023 15:52:07 GMT
server
cloudflare
etag
W/"8515afd25779c595316d81b3d9c8593c"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
7c1c0a617b74910c-FRA
access-control-allow-headers
range
expires
Thu, 02 May 2024 22:46:31 GMT
/
pl.connatix.com/ Frame FFB1 		2 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pl.connatix.com/
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=5f049401-746e-4449-8c27-b6b9d8e25882
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
7c1c0a625d051959-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1CDC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
access-excel.tips/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJjY2ZhNTFiZDU3YmY3Yzg3MzNkMjNhMWEyMjMzYTQ1NSxjMzUyYmE1ODFiZDNmZmQ4Y2VhNjA4Y2YyZDU1ZjUxOSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDYsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA2LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA1LTAzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImF1Y3Rpb25fZXBvY2giOjE2ODMxNTM5OTIsImFkX3Bvc2l0aW9uIjoxMTA3LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEyMCwiYmlkX2Zsb29yX3ByZXYiOjEyMCwiYmlkX2Zsb29yX2ZpbGxlZCI6NjAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQzMCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:31 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:31 GMT
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EFB6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4Njk5MDM4OTE0MzMwNTUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjJjMWZhODdlOGQ4NjNjNWMzNzUwNjhjNzM0MGViOGU2LDUyN2U1MmMxMDYzNWFjODEzNmE0Yzg0MDk0ZWU0OWE4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODY5OTAzODkxNDMzMDU1IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1lZGdlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDE0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1NTAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4Njk5MDM4OTE0MzMwNTUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:30 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:30 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wNS0wMyJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjMifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:34 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhdWN0aW9uX2Vwb2NoIjoxNjgzMTUzOTkyLCJhZF9wb3NpdGlvbiI6MTk3NiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImJpZF9mbG9vcl9pbml0aWFsIjoxNDAsImJpZF9mbG9vcl9wcmV2IjoxNDAsImJpZF9mbG9vcl9maWxsZWQiOjcwLCJhdWN0aW9uX2NvdW50IjoyLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0OTEsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A1F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUyMzA3MzMyMzQzMzA3NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU1MjMwNzMzMjM0MzMwNzUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjIwNDUxNjdiNmI4ZmIwZmIzMWRkYzBiNzVlNWZhZDMzLGRmYTYwY2VlNmUxMDUzZmMwYzllNjA3YzgwNDdiZDI4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTIzMDczMzIzNDMzMDc1IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDgsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA4LCJiaWRfZmxvb3JfcHJldiI6MC4wMDE2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUyMzA3MzMyMzQzMzA3NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU1MjMwNzMzMjM0MzMwNzUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUyMzA3MzMyMzQzMzA3NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wNS0wMyJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjMifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTUyMzA3MzMyMzQzMzA3NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhdWN0aW9uX2Vwb2NoIjoxNjgzMTUzOTkyLCJhZF9wb3NpdGlvbiI6MTk3NSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImJpZF9mbG9vcl9pbml0aWFsIjoxNjAsImJpZF9mbG9vcl9wcmV2IjoxNjAsImJpZF9mbG9vcl9maWxsZWQiOjgwLCJhdWN0aW9uX2NvdW50IjoyLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0OTksIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 408C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIyYzFmYTg3ZThkODYzYzVjMzc1MDY4YzczNDBlYjhlNiw1MjdlNTJjMTA2MzVhYzgxMzZhNGM4NDA5NGVlNDlhOCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA3LCJiaWRfZmxvb3JfcHJldiI6MC4wMDE0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:34 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA1LTAzIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMyJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:31 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:31 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImF1Y3Rpb25fZXBvY2giOjE2ODMxNTM5OTIsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjE0MCwiYmlkX2Zsb29yX3ByZXYiOjE0MCwiYmlkX2Zsb29yX2ZpbGxlZCI6NzAsImF1Y3Rpb25fY291bnQiOjIsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjUyMywibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:34 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjIxNSJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTIyIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTA0NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNzMyIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxNDQwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIzMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU1MjMwNzMzMjM0MzMwNzUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDg5NjMxNzIzNDUyOTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTEwNCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
container.html
66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 56B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305010101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:28 GMT
expires
Thu, 02 May 2024 22:46:28 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4Mzk1NTQ3NzcxNDMxNDA2IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTExMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiY2NmYTUxYmQ1N2JmN2M4NzMzZDIzYTFhMjIzM2E0NTUsYzM1MmJhNTgxYmQzZmZkOGNlYTYwOGNmMmQ1NWY1MTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjgzOTU1NDc3NzE0MzE0MDYiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDYsImFkX3Bvc2l0aW9uIjoxMTExLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDA2LCJiaWRfZmxvb3JfcHJldiI6MC4wMDEyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NTg1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4Mzk1NTQ3NzcxNDMxNDA2IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTExMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:30 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:30 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDUtMDMifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:34 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYXVjdGlvbl9lcG9jaCI6MTY4MzE1Mzk5MiwiYWRfcG9zaXRpb24iOjExMTEsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwLCJiaWRfZmxvb3JfcHJldiI6MTIwLCJiaWRfZmxvb3JfZmlsbGVkIjo2MCwiYXVjdGlvbl9jb3VudCI6MiwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTI2LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9A53 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_cxC0MU2wuMwY3-GIdazrkoHw_0euBwAZ7skLczvA0EQlWRcfEqZpvqWukiiS2VCBQpWXxYQuRFyBZodhDamne29dDH94Df09xThtbriZhINLWnugLl8hPhyUpu-PqiMK3rCUevRyp8V8Awfv4YxOBmN4WeDIaDbh5EbJCn1xsDQR_FvHUSDiWuExY2t-H925PiwPm35ULknwxY7H0Ev7vJUVlQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1CDC 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CDC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXdxZAEUzYRtUwBfi1diFxu5HBNHhTi29zjJ425oDVXnhMGPrpkZlgC4eyb_O-p4B1VZ5pw5g-T_I0z2M6OwD36uE9RPBYb2QXgqMroLQeBFENZ1E
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CDC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8657933443639569422&x=1&ct=77
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 1CDC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Wed, 03 May 2023 22:46:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 1CDC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:48:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 1CDC 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
x-xss-protection
0
server
cafe
etag
10936619172403307163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:35:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1CDC 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1278 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW2SLi2PqCWaqRrZfs17j36Zvr0O3Y3UtW5eHm9zbz9HJtu6GYRNZvKGtVZRTPfXqxlq0pTepzazsMWIlY3klpLok_ZPg9AP13_6F6s-DOFaFfBhwNjIZ_g5b9OSyXSu1zBiWmYXcxPUI2r6gdk0pRpfLqeFmnTSKDGerDgfMuPVVcYvoA-vB1B9yjTSo3AR8Msl4a9YXaJy0bAQd2If0SfSEEugg
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EFB6 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFB6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-9833XNHh37g6-7Vs7l2pa9-HRowmd0QNRKf0ygUG4G6RfqhOVgeXYlRez59qjH3fC86_5YcpTlpiakkvHZdDzS2BwBRaCO9-sHQoVdQXu7I8SK0
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFB6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14431400074469266043&x=1&ct=76
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1352960/70224255/xbbe/creative/ Frame EFB6 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-DmKtX3OD0QHjMBTh-__rzSeWyJPqPQ-ScQXdCA1twIHlZQfu7Bjr-1iAIP3FxAkoyR8NeiOM5TseN0oTL7gK9fSq-NUv8stjOWIxQquGR7Gg_bk8gEvaKQ8efRWiwAfh8egfb0z_A6ZTpBS2TwYO-JmlA0EGo9KEjFfiz9Wf8ztwdL5HoSyRQAoCZ_4HPO3_KVKocNWzJIZx2sBD7-iqTQ9cv8H3ECarxdLbQ4EyxYBIwOaw07ZEK3zqDBJfz4Ur8WKwIKgX3DnujgOsMMMkii0e15RyYT_khBQvUZweZfGCGjDB1XsdRxWw4vatEJk3vgBim0szoyoCxF61d_VQzhosLLUPuDWhjN7EPOIl_ZSqVxhWf-qIBWFqsGFkpF537n51VPRLZvWh81XafAupjP4tb0ww02KQIP1AGcWVIO3cpq7AfsEbw9PT7B3nLaslVk1VXZAGildYhiFasxBIWHiuNLbMrej2-JogTjukiVmx5tbr1mByadHZnUjZBr0ofmDgAvfnAu5PDm0YqYh-OhYpnoJtx8Qao7H0t3kJ4yqAGVeWED9gppMXG6YyjYZsFhqAI26evWhMVWtlNhQl59Rrgm2zafNLn7t2wHezl9IaCusAYR0bmwij6P80vOkAGAls91WQaGkU5FhO4xn1IZS9jdISQIhRnf264L2SZdB0w-YoBg4pQFvPBGAHVhYfyfeuwk93Dxpl7CnS__jUAOjxgU9076LPhVCiIOCT3nivCVqeRO5mhJqdevt1lJc39eKB-xvbr4LcXmwwoe_uyRHmoOGd1mth2IGnD5MdQgZsgkr6jrntajUkB17XpeOwArqYbRCH3uR-YUg22QZSxhvj1kkVlYOVheWP3hSA21CuQsO57d-uQQUvmp7a9MOG8Ub5O-LQan-lk6i1MJlfTINc_Wt-SgWeZJudrhfX_rXXx8OGp-BjWYc70HWIDEB2WXHP9xjSEXjrMQz9RxXgnVQ-GhjpCol42_C2FOjPJZeNaBtU56-_kaTt2Mgumt9VXr79TQdiv6fZiRzxQswSoNpPB7ljxTXDSE52-Fu5XlFUw7ORNE4Vbk08AgjzhrdYkK-HdiUiUiZYwecpVwIW-8ZW8fatxky22hTgFJQwXxmClhdWwGpX0G5SazL2eON5GMJOB7xjDZd8SlefaDcVB8rMJiepHsC398otlpNAiWx44EhNjYF9-YVnkOFRsaZpkazst7ltunlMWxxwo5OH5X1HBe0SxTjXrBpTY9Kf-X0sExnJiEAtWdVkGKEqxDsZEzRijVhQi-dm5qPggpGQQTG4DLQA7dhHqoWDX5m_5w3WYwLKg6Wp8WLtuxA0URSEmxiKeWokHqR39NP2Dv_rblrhVr_Vmn5zWtBoOVq8IgCQXjzjpDNBgh1xBfzL5GAvP--KRSscgDAtvEs6dmSrodFemW2Id05zI9VLnBvPWgj4f-RuYxMtUbsYnftpEKZ0nV25gdx8O-ROOwdQ5I8edYq3ZpuiKxZmWKok8j8dDKluv3cbTQ_2f7r6pq47zhhBwYxgNa7fr9OaGt2fexvdcqQ-5omO7NEFrc-s_yBpwZGGZgCc3K1avSm0GmOOPbCY6BmZuoygi0BChF4tOWcDRYLmtIeDbd9Lw5940eCJSbB5AXXPhWy1GVuClSKHvhLjCPIihdpnaqgT2hMUDhSQkfuACcH646VM5K5bNvJxWjI5Cr8FP8wSNKpp5TfqzwAyFZD2GIBSgHGI_SAlH6g2daHVTM7vNuZ-G_dYIkfeLUtnrrb55JkgJ5glpS_5CWJOvRHrG4jgTlb8w40VJfnRW67yxlHRMvCMnQxGrI5kvZF-x8Zc5KYn2RQ4VlKau2UUk-BdTEg0Tc9wmiYj5V9YUifIB1VU5vyYUhSaroZTICjIYpPN8SNGWCbAAZCnAiSJdIbjxt2s3IWuXOh8wNGxDAxCB2Ylg-P4s3n8GWvmGCBxBlPF7gEykFj_llQpJVeJdBn8rGYUnOjWBn0T76DBZlqh19EN9UPwEt1OfmGJnungPkbhu677f92wTtlEQvZ9caxj8f0Ncwl3CL8Ix1jjInaQWYTwx6pdRoznfhgUuCw9uTte3VVVSYce5hkneNm7mhpWLewQlzZ1WWQ-ThgA1fKKpdrLo_UnLLrfIJetm90ShGigBf3AEE0TAsMdnYRPsiFz3rg75D-C8_ewP_coXLTk3LqpH6KLWD3VT44CGWUiYsGmhTTCGnoUReuSTzlJsPt6YYv9eIrbrcz77O9iuqlGsvAiQylZU3hX1I1RjBFI5vt59fX-wvIksYZc3-FE4SDk0aaRn8zJ2gAPNdiXHUYeoPlgouGe_ADd8Rw41zOtJtCcu-IgLEH2E_rOS7YKuwjBHM-3DrUO0tmPPQCu2PsuiGedBm8xs3BUvHreVELioZkoC3iW_VLDnXdSMqPcOA-R-vIVoNzrgOu3zRwSsWPEPMmfnDTqhf-TX2DtISdQQpQrXO1iyGO2f2u4Tq9ZjqhajO-IP7gCyBi5IjNm2hjHsKZSvZpMMbO2N_YNxIwrFL6CjTbW2mdHQVSOxJ3-TAW2f5n8PkOztdXogMxqg4pG78iJq_S5YE-LYTJRaijyxFG_hTWOZQEOVCL-yCGXYUnBNUAGmsPCcJHn330IYt8SSjEjhhrfMBxcSUbj4OBDMKURqXOL8VLIo5LeRxvb9xF8fSHfTlvE9asY72dB51VzOgYH2GxbwexrI-41YdBswq0WCrb-sSr3cIQlreCY3BSC4H5tgauQDklmDj9qe65EzrjOt0TLccli7FFCvdGNMDKqFPC0F0pd3zGeMD7jDJVrK2mkaiUsJTyzfq0ZETu7FQWom6_AXlVyZxRvz7CK05xHDI3WINWNo50_LBlIXhS12I6n3UZHqhO1KyJenRnjgqwFs0yOVYb7191uxIQzYG_ACvgTHcWq3QexiKk46TFchrd75QN-Y8AmEOnT1pqv-6FFaX8QUXhhnMq6w6icAb7KK70s9yYhVs4QmbLbJMYheR7GDrwdFgO8ux86HuwhVWz5dg91WEAMYN1rVCeYSh1TzWNJ7P-WrT8e-PoTZM9UqgibNILc4_nTDyRoKtbCBlJUVLYQ8MPW_xJuADI1DxuUfUch43m8H_22B1kxsUHFmma9H0iAXnhvZa4p8DP3hATq3dEFmGmrchXHAAxjX1PRu6wa2aSJHeU1RDCx9imY-EeL0IKhikhDv_5E5xGvR7PAqTSn-kKgNe6DjTLd3kctMcdAOD8a8-AKze7dhlTStKvAkGtN7lnC9JZ3tIoZZHuaqEFlYyigVzgz5M2wVL3i_U3GzD4CMZhKrgbdUqPwOx6g31M46Vpdo25b89P__nuEYKnpEbUCkE0fZb24JgWeaC7BtA-8oPLY4xeJ8sXqcpHpBcCbzAaI4E1jpNtzNOvXADLSA6ZokL-XasufsJ_k22fdwcCJLpuWwxTcNsbzTB96lVgwA9GGZkRAqUs7y4XnQhULCooLCdGcIBhI6BK-1y3ukQ_W7xkX-2fx07rPUZxRJ3_RKZLbLE-vzTArdk0EuB0xTPfo2VcNuVp786yDfv2WwC-VeAupyg3uPzbgEJ6AkjJNciF8hHqQfgrxrbN3VSXHdTaUwGm58Zs_5xF8N2HVZ6NriWRSmRwyUm8_mIY_zJpgw9Z1ooJBDVqfpM6zj0RDT7kB5IZ00o3RpCCAQSPABygQiDlU46MUgokLTEDVkmwva4g8wAUokZvSNM-M4ulgURidKDKrMnsO4jNn0GvKIw9W-nlCfGoPKDrBgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18513634021&bidurl=https://access-excel.tips/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0i9fbiHpv2kN11bS2fOJQEb
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.94.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-94-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f60f373edf213b75f26374f410dbfaca33d9b5bce11101f5ee8d7deb582a098f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame EFB6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:48:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame EFB6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
x-xss-protection
0
server
cafe
etag
10936619172403307163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:35:55 GMT
l
www.google.com/ads/measurement/ Frame EFB6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRLC9hZwot_PL-3RlUM943QZdihY0owP3dOsE1Txs5i1sQfpIEoeFdqiMebbRBsdMWmJ_jV4W1yUeDDiC6JNp7_QgUljQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFB6 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F880 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW9nCArdv4nanTf3W3NsdZFQMdx-VtXh1XJ5c6HCYkFuKYGGRFmlABDsg0vO7eVMOPtNkS1towfkrEHD5yvK8BHYS3ZurmCvrS3tJ0BEUbOUMlTGyYTQIg2iig1Q79FDE4gXlxWuB22UO5vcMbNYwBWueLHiLr3g0Kbch40ZLnVkZxR_Vgxznyu9BiPcFBe_MFPzUuUckP5ZFpxDmQgaENVU-8iiQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1A1F 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A1F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BH9HQvVhzobHZ-BWo9fnDIXfgK7cptduwDibUxs1SG_TCipB-hrecWP0w5YXtHCk5-bti6LztmoiQgidZnkv_m8rNKzPbnZcDVddgTfGjzAB9lbC4
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A1F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6127711857886504530&x=1&ct=76
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1352960/70224255/xbbe/creative/ Frame 1A1F 		252 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-A8LXt1rvPA1SpOoMu7NOaaJafGn9ykbw6wEvBJ3hY23k4d_sdQCForI8ovtLnMpU5ClZAbyKRE1LldC8EawX6erRAirwsyS-N8MYsILpYvVhLXvos5IPrf1QvXajuvHglfmWGOk6sl3cFNJdUOp-3CmqXDsD1ji8Ww9KRrjQ_w60pgIMYSuRQAoCZ_4AdFIpqD4WdUV-Qd6ycmp4-ysz2ZeUqc2J7_x9E7Rmzub326XTWQGpn9dYNcokrCG1KYzbgY_vy91iS1ccCqApy64l2GOEoCNJsLUSva-5hWEZlC7tzCVeCw2o4FvDCnoPs26PhbfTMGxIOQd_voEw5O5MBw6ARm4eUcv1n0hE0PwSI0fPBJAY66nubu7FTNKIMnH0UeE1lJB5IX1aIpYEyadfkvJX8k5vUpVNpzD8SMqftI_GvAuWzt3ZQZ1iId0DsG1CmA2XOltk6MLe2JCvZiyob2t-B2ExczKOtjMvH27kbBSi0cW4tQupVdIfsDdoH_NpGrYD8c1Di-ZNuxJq19b_yYaQpYVG2_gA0howzVr18XsubjA2bxNMNpc-Tul5w9gOqt85jNFUlSCEaHm1GmqTfZobNDNEIkZCjlJt6iKmvLDZVfc2C7T1Rt48LzaQi6d3j-hL4M1HhzV8whqlqo7tgpn9zWtpvcxBH-a1VK7dYxpPFKlSQ0WBqTnyb-8VqfiDrXglf58VkIKZQjvYAlo-XeTgErA7GV_vJrVkdUFYNj9klkm2JS32R5kf7MdnKkugfPEveSUlm4vJMxEcxzGFkYQ-aTZvXhm2nMJluNwgEVF2GTond5mfG1d5cfX63Nhj-kZlBvc4edL5WTrAwOoKbHuzv4EW_OSmB4TQ_oXSZzS0WvSu75Sq-fEOyNIMwQa7JHRytBaLF2jzRu6xpBs0dMLrLOGbB-1bLhj36ylPL4d8P-Ecf3ilFFUYIc6UXpUaIMeFcCrN2uenImS45i5McxBHSEm8Dn08dpIa3_3sj1upRuI6SrGjkeLAasvGCoO-lbD0HwSU8PdN0-iw13Us_Sgymy88b_YAbIORxSDoF7Sp3SQex4n_iEl-9x4gh90QjDvvLO87XhamXQrmTSfBZh64SOuyFLlo6jq21LZRRKWIP0bYuyPO_iP0QfaEUKwsbN0ErAfsJZJ9_016P1VzoL6z8foPmu5sUYZEL0XibkSTWMuU_FFBUfnSj61uJ3YXaGQjVoZhIkw6utLVeSVRD0q7aYzKbmnkLFZm5KAGZg95VnVD66FeaoWAOaNt7Jm-XUQ4wlxbSVJwNuTYyz-C5eAZSYSlJ96vjCrwTdMFBCaVSWHmsxVv5zcnSdqcGH71HjR78M_2zWNTPfOTN99VmzHhfFDi49iKrVnVrpwG6SiKqnRGsw8epe7jQQBZaFYIQVDqqHZgtnjNXi2--_OVf1geBBIcy4HsWc8iIys1oDIDSI5j6Fex2TWBWrOamtqvIA8bN-0HKBt_tamr65T80cbSzEkQdZETlxLZJ0juwOhoE6DZDqn8UsL2kxh2KVfxaztakeYWsLbEcSY-pzvPc7ISYyec6Xy5D8nLpaWutbEyaIiEAIKDUPT9dAlUA9dkdNYclpMeJm3TlFg9esqv4GvoXnpBXo52-6YtR5uDaAc2Un1Y7GQG2U4w77aDwXOblMv2i4r_0_GHV7t3KitrfDKUmVL2mrrUcYp-_o9c6i0PbVHVwwFa57yLN1CF5m0oWaodDOcRWjLm7iy0kxIMqg_eQfFC6a8M7JQsfxtIdtAmz32lXyytSnJ9m5amMDfqndOEMAAImysU2g4FyhvYtuD__ektCYg3cIFYeHuqtWDh90H4UkXAMrHjHMXW0wldcPSyj5O7hxJDup5KaQ6HvQ9ehSGNi1qc56loXX_GNqUqcpuE-O8mTr96dyN2uHokP6ormXejEQli9uSJ3ICZ0BmrkmtXekztjCjtrc7kn6-EbGrxAtZBxDy7IqwYh7wt9d7D_RrSzRdnRMxsbBUrUwdlRW8-95eKvEnMQcFQSlTtVNk_ZbFTv04ff9c68WWB7DbcjvNzR4ObVCtJeIdbA5LxO7djgIkZPT2IXJAdUSfGNrS5DkGnFplETChu0WfubveCAM1r0SE2xpWs6C20WJZrzCZoxP7DCaPjF0UazywVGsfP3DtI6M7rMpfGLiIW9SvgCInZdNMhhESAdGwCT00GZhV1NAT-b2HvgSTLoZrA9SY6bCBBpIJp92177XhmYl-WKI3-ZFkyhk_ZP18ga16xS6rhv90bh-_fqRuDDj0LAHV1_n5FJY7MD6kLZrvD8TbkUflO5GPcYRdJa5aEkI3FP8q1-qPz7SJLncOb2XLPpf3xcNrG9_uaLQKtrbvUIlNARSeht57sJCAZB3yWauWphISlSjxJBtYG2FU0ERW_0AZ3F5nago-JyhkuEIDRe5iV3QsyPJiMHb8fUlsSF7anURFNBIrMDJSdpJ7enPKMAKedBrY-1XM2MdVE8lGLLkhHaeOuAM0M5uDDSeLlELTALT-L9DUhER0zZS1BvJVxlktBJYOQ45sBmlll3IoifXi0SpvaEOE1IgzXvnsvuKsEQ-Atydti_lQf9jWPY1Y5ap-vYv84vUn3BzRwTvMWHwh4sbNZdMPF87hkX8h9rWJTml_2yYNPd7ErjNUJ-TEt38gs5pb1mp6uISpXRKcLV9osjFCxjw8aFyRSM2XgivNZQLD3D5zD_VgAK7YcirGte3NmR6OTpZ0ZraX-EfRB7hzEVe2UW9InsAw53oaR0fwEiPhkjOqp0nvVIy-eNxFGulQqvjbgj4sV5hpzBGyL4wRRSsdGSRHEAsT0N0VeMF0kW4D3Cer3esK3PsLk9zbl0933TccAFWs_o0kSKESJ1RTP12LVPML--V9pz1D98lwBQARMLlFdNzESNtwQ1lqBYY5dwt9BRxk6esrtqqj0vp5QOTp_jbqZcbzie7SEhJx72Y4UpI_5k1py9jP8DHXgXlyYZWlM6BLtr6mtBGepdy4lx8Riq4vthWqtpwgcVn6_QifRF6RNZZwBjDgdfLRSQm8OmJmm6z4Dc6Fq-KQl25_GOgC9nPjlcTFosghII28LlXGWSQUf_NkUx0fYl0ajocU7ojddgu_az34pImdfCBAjv0T3KuNQLPtDlSqDBfG4JntbmpA1xliNZkToi-ro9FlPQgwI1b5uihlSRBev9a9AFajuLdKbkJhGNJXN5oXk_6o0fFYFpi-46TTpH-4sXzCFFtdyMgaMXqW7o0686umrn-44ymDxKA8uuP-VjL-9E4LrCsGOrIdJE-w1OzTPcvyKaZlq8xcB5AJoPgzFckOilvauq_hAeN38-b36jMDsFSvbCPzhQDX2xMzmyPL0vOAXNngafE1UJhfDxpr_uvxY77vplz1T3iHGHs3rVrXmtc2nWHR0GJMCr_RRWmaZSakeQ1deHLld2sQ-tTEJcYQH6wbvdGCqh7RXaLseFpwYYUcdp3aFsITlQf7iT4yItXrgaE20SdevqsK-SrjOdo9n81pvUGGCj8NA58tLItkiHL29zIyze6_yknGQQSy2JQSbWlwYPebBcyjnhX_XoWf7l4_rNtA1sZmof8ELqFQ_vhjbVru50tG8ayE6qwl9jgw5Z7VbRzaPmYH7ZkRXJB5chko9czkD4D9zS45ZNeGkIIBBI8AHKBCIMMx8TfmWwEGwefmLCEB8uVBGhcxTaTxmH8n3wRV3lqSJ4lHpUZN--KUeBNsJ0g_Ur7BSK3riFIGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18513634021&bidurl=https://access-excel.tips/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j2cVvXih8UnCD5ZHDiz9Tb
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.94.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-94-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 1A1F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:48:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 1A1F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
x-xss-protection
0
server
cafe
etag
10936619172403307163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:35:55 GMT
l
www.google.com/ads/measurement/ Frame 1A1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShBETKr-3o5U0oeCxtzhDW9I-OGh7qBVQl8taL64-isUcgDbsJBUscYp3BoEoppzhw2VHJkh9ba_BKyF5NOabilJgQlw
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A1F 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EE9F 		599 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGPOEt-UBMAE&v=APEucNUbJEog0ubSttIcmzKtvePQRzsvBc2umW5lvKGQJEZD-zdhfk3NGlpex5a76N83NZ8ZYtuWOOWvV1PALBKlCsZuoaYHKdrAZ7VKP9xDMh07cT_KqbnZBUfmXMunfcSdxddxSjb6xYlV2At4IuGV7qkrXAphemmOzigavQ6lBWIQHdmNatUa-aPu3a2JDJZ97s2KtK4z1eRPOJeT71v5VO0XSuop4Q
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
246
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 408C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 408C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEb8xyFNeliShSjHaN2nrUsQ5QSlQ3u9lPVmX0TWSKdYIWh_6iaB5RlsqTzp5pkE_4_CYRJwcUIpqKVxBHHdmWuz65Pr6yTfuyzzW178dnITi5Q98
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 408C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2904563361130455779&x=1&ct=76
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 408C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:48:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 408C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
x-xss-protection
0
server
cafe
etag
10936619172403307163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:35:55 GMT
l
www.google.com/ads/measurement/ Frame 408C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8rnkkIiMOrLS-yGD8wDGE62kSZvlCfX_NCN-7XiYpDe10D14x2zE_0QKDiKl722Q4r6VlnIQjzaemnh22K8Qcrk4_gw
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 408C 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 98A6 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGL2Gt-UBMAE&v=APEucNVa8JWYxapmgrQiP1-KF6ad39yJBWG-J6xqDsc9MrB_dnyfusOJGZWDOdrf_e3f6V7UbZs9IXb2CUIe3TT1zFOWbhvH0KHEMKKJ7baNYEqagMIcspzdavw8-cnkEnFBBOCsiVb1UoZdqspbmiRxvzrve9Ikp-8LT-q6DRw7h_A8A8BOM4wbt9zG8rSLVmmOjU8DTkQ467F0OmrzDARdIDapKGL5zg
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 56B6 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56B6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DcfBJfZtfQYhGDpk07Wc8hnjY9Veq2IZ9i268AW0G3535sUWSBb7leXfrG7pQYd-iFsQ7RHwh9nywNHD9gVvVYbz7Xrri4E5utN-LzuNf0bNSYJ_A
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15814335860320392147&x=1&ct=76
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 56B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:48:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
10691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 19:48:21 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 56B6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
18637
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7957
x-xss-protection
0
server
cafe
etag
10936619172403307163
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:35:55 GMT
l
www.google.com/ads/measurement/ Frame 56B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQG9poUGkfKFx_ZFa6siygY_J5g75HZekI116ijkBC_q1Pf_ZiBtpO-cZYTve4Cs4vicB1exkB_uXYbf6opNiung_WFRg
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56B6 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50014
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683113006724128"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_cxC0MU2wuMwY3-GIdazrkoHw_0euBwAZ7skLczvA0EQlWRcfEqZpvqWukiiS2VCBQpWXxYQuRFyBZodhDamne29dDH94Df09xThtbriZhINLWnugLl8hPhyUpu-PqiMK3rCUevRyp8V8Awfv4YxOBmN4WeDIaDbh5EbJCn1xsDQR_FvHUSDiWuExY2t-H925PiwPm35ULknwxY7H0Ev7vJUVlQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9A53
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_cxC0MU2wuMwY3-GIdazrkoHw_0euBwAZ7skLczvA0EQlWRcfEqZpvqWukiiS2VCBQpWXxYQuRFyBZodhDamne29dDH94Df09xThtbriZhINLWnugLl8hPhyUpu-PqiMK3rCUevRyp8V8Awfv4YxOBmN4WeDIaDbh5EbJCn1xsDQR_FvHUSDiWuExY2t-H925PiwPm35ULknwxY7H0Ev7vJUVlQ
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL5tho3WpyuEiZFyvKT6F5w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9A53
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI4_JyShuhbegRQT6QMERdc&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4_JyShuhbegRQT6QMERdc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_cxC0MU2wuMwY3-GIdazrkoHw_0euBwAZ7skLczvA0EQlWRcfEqZpvqWukiiS2VCBQpWXxYQuRFyBZodhDamne29dDH94Df09xThtbriZhINLWnugLl8hPhyUpu-PqiMK3rCUevRyp8V8Awfv4YxOBmN4WeDIaDbh5EbJCn1xsDQR_FvHUSDiWuExY2t-H925PiwPm35ULknwxY7H0Ev7vJUVlQ
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
AN-X-Request-Uuid
a12cd6d1-fc88-452f-9b09-130a1af2c437
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI4_JyShuhbegRQT6QMERdc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9A53
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGM6PneYBMAE&v=APEucNV_cxC0MU2wuMwY3-GIdazrkoHw_0euBwAZ7skLczvA0EQlWRcfEqZpvqWukiiS2VCBQpWXxYQuRFyBZodhDamne29dDH94Df09xThtbriZhINLWnugLl8hPhyUpu-PqiMK3rCUevRyp8V8Awfv4YxOBmN4WeDIaDbh5EbJCn1xsDQR_FvHUSDiWuExY2t-H925PiwPm35ULknwxY7H0Ev7vJUVlQ
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 03 May 2023 22:46:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f6432e91-d085-4fff-b27d-54024b617795
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1Nzg1ODg3NTI4MTc4MjQ2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 1278
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNBHjbgtrt780GRJDQNiYw&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNBHjbgtrt780GRJDQNiYw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW2SLi2PqCWaqRrZfs17j36Zvr0O3Y3UtW5eHm9zbz9HJtu6GYRNZvKGtVZRTPfXqxlq0pTepzazsMWIlY3klpLok_ZPg9AP13_6F6s-DOFaFfBhwNjIZ_g5b9OSyXSu1zBiWmYXcxPUI2r6gdk0pRpfLqeFmnTSKDGerDgfMuPVVcYvoA-vB1B9yjTSo3AR8Msl4a9YXaJy0bAQd2If0SfSEEugg
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELNBHjbgtrt780GRJDQNiYw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 1278 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW2SLi2PqCWaqRrZfs17j36Zvr0O3Y3UtW5eHm9zbz9HJtu6GYRNZvKGtVZRTPfXqxlq0pTepzazsMWIlY3klpLok_ZPg9AP13_6F6s-DOFaFfBhwNjIZ_g5b9OSyXSu1zBiWmYXcxPUI2r6gdk0pRpfLqeFmnTSKDGerDgfMuPVVcYvoA-vB1B9yjTSo3AR8Msl4a9YXaJy0bAQd2If0SfSEEugg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 1278
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHiGZlwseqwa98WVzgMtuAI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHiGZlwseqwa98WVzgMtuAI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW2SLi2PqCWaqRrZfs17j36Zvr0O3Y3UtW5eHm9zbz9HJtu6GYRNZvKGtVZRTPfXqxlq0pTepzazsMWIlY3klpLok_ZPg9AP13_6F6s-DOFaFfBhwNjIZ_g5b9OSyXSu1zBiWmYXcxPUI2r6gdk0pRpfLqeFmnTSKDGerDgfMuPVVcYvoA-vB1B9yjTSo3AR8Msl4a9YXaJy0bAQd2If0SfSEEugg
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Wed, 03 May 2023 22:46:32 GMT
pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEHiGZlwseqwa98WVzgMtuAI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 1278 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW2SLi2PqCWaqRrZfs17j36Zvr0O3Y3UtW5eHm9zbz9HJtu6GYRNZvKGtVZRTPfXqxlq0pTepzazsMWIlY3klpLok_ZPg9AP13_6F6s-DOFaFfBhwNjIZ_g5b9OSyXSu1zBiWmYXcxPUI2r6gdk0pRpfLqeFmnTSKDGerDgfMuPVVcYvoA-vB1B9yjTSo3AR8Msl4a9YXaJy0bAQd2If0SfSEEugg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Wed, 03 May 2023 22:46:32 GMT
pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CDC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8770062027915&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1CDC 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8770062027915&version=m202301230201&ct=77&x=1&cor=8657933443639569000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1CDC 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZpLDtnKSMkucVuGz6CMtZC9JtHdb49ZJvVK-GhHDPm726b2kViLr8ddx1QC0wxeJGThQVmCjXcFHlfXZxyza475M7oPb_y6KzVsY90A0-RK_dRt6xEINm_SFL2V8bywy5Pl3yRX_cPf-UkqD3roIrlsT-EV2pnZDgP05D-Aa-e05A2VI&cry=1&dbm_d=AKAmf-B-BbI-iSX_wAsvzXNmc4g02igQ2Ciw1FVvpQWuXfwl89Bb0MKV9AgwebKcFT6Hr0fgY4XoRh7ZJk4rhA1c86sohYIBQsdWK9JBy0pYva2ln2ViRbVKB228ulD5Wf7_6vNbRZ6EQ5AC52uujBqPFfOObCbjDSj8kp41YMjMdCVwh3nQjrMcyd4GLV_Wby27Q8zsJasiJ8uCOUJRxC-U1tIeAo1GOWS7wiWqVStTu0Ys7R4leYw_TfkyKejZQYJ0XL98gKNB4oFu9P1ehDcfDHYXx-3npeot2k89_m1Xrg5GfyV46sch1OY5Hg68Znwf6DUtF6XPEk_rXgef9hAibbLsv1lQu_NbYyzC920HY0jOrNSL5zN9KEAVqYGC5QIOGqpXbuJsSOB0ZbUHu-md30jQ_NKlp0oXbBkHcdp8PFaBGi67jx2h5s1pLt0AZMDQl3r-mLp9suRPyq-F2x0qQwpyJ2zP8JjRfaucOEZj19vYEXfRT4mmlLctaJTJgRBuAViZpwsDUIy1e6SuNM52Pjl7JKt22NaInbwvmnTBBHYGmit4MG4N8tDNAbL-8pfN1bWNptpdk05NTWfg5OrY8qOdX1moSkSsuD0dj5eTCcskJSG2UD1wjd6h-PmjuEzKX7meGCxm-v7DxnLkRgy8vin2RaIqb7KgPY_w8aVUkvA_LzElfnGklXz_EAFxL77X4cO4fCGO2Geb8K9hqsoJZ8NUhHfjjEEx_lgAnkLn87RUHDopEpzUZcOQxRx7uRJvhLA6-VA-HPGzFD7VnLZZ-FoFiBFibaxy0XK6XSSZZDRTbML0tcfrE9ze02WOs4Ub_jR1_0X8IdmNAxwCQWybZzERdMHxOGad9lE6h15DAFYymjvobnVojkBVdpNUllDgcZRPOM3TxyoOados5g8Uds5gyC5rHhMjOuGr_rSSgl8LZN9VMOFIZmb62KWZ0lJs-pfahhifnEBv8VgkrW4cbNtLh2mTK0Z4CKHu90DiEzwPZIm8cgO0SvpZZG1uDCJ0lIUuOjAwtGzGlfAuJw7SoyY6jJZE-uzFmJ1CVoyro3J2VoPeD0CzSIc7CYbrW-gsdEnQow7lk1-Nw-4jRk3ok2UGOSKALjB64ZXU1VnZOexs06pkiw4vPk7qRThvgbczL5RgKEXUc6OS07H4hcr9MCaUWK7e2EsM7xy2HsyG85T8yvbwxC6ou23Vo0zNQCFjfqChP2fEkjH4J3KZXAUz1yTIWCSkpEQfqEf2BQKUiW6bqR5R7iaWwS_TgaAzTR1o3pn6etpNTl87Gv587Bckuy6AZJek6z21RHDH_OIqFfUBZ8VJxkI_CXLUcbLwDktwOa48A1efuwPLQ4nUBrFv0mQ_PBVHC5zqC63AVSkzrkPrgXeuG1MZJBsXJgaUeFvF7mGBnJ2MuaomUv37X_WWu536MT37klL0XllYUbFl7SHmgJBQIdOOYmHTkOaPEDvx0AFy16x704RYZb4uUcnuJe3V70bT9hWlJ-16qMTPG-58o6WDhU4wPcXc1EJ_DKYKdxU0lyLuot6eZNcEjY6xTD0XOWXaJQWvyZNUmkO8j6R2STUwwnQVwst7xvNbe34kzePYxsU_eydwjHeA2XTpZj-Ag4OYyfB0FO2OcPBRQK-F_EVLp_TWj5MqIyUUnIouUda-zzESZcEUxli8O2HUtXkh1WhebiOsp4581proMdfUij6iZiGaIMqQnTPFYLAaDhyK6UxKsGBiNdTq-uLoh8vAxapx21hzNZgBARu9BEGbUom3n7ydAEO5NZf_5wGX8A2FB9W8N7jieLKGaIsagQ6FORm9tBq9QyucRWLx7MQqmNjsIuopzLH4TjvGTlpjZl7uyQFuVXkqXVw2EHciJbkQ3rx9PpI5YghgpuAiqtXZlFTpOKq5Q_kvYmtFtdgbLwjj3ca8RITo48AAbZQI7_45pQRb1eF3QHjz5HNKgKYc2-XJl_sL8_g4vyuVhwHfR9LCRlGsILngie7Yl4oEeNbUJ8nylkA2VrrC0ksLJycgTcqFTdeCeWucESbvlVKFqPmtMMX77lCQ6JTL1gkjE7nJ-3AEN6syyByUacth-1PRhrZZpKf63kgiHs-AUEn6WWNk8yJTNGm13lGgEV7lF0tonk2NXMxGrwMGqYxpOu-bZF8fL3rCrANNDgrl-ZPG--TX4S4YBgujEmMHyPRXapTMTKFFsxBJETeTXO0qOq4iYPl4uN4CpOjrPHpkdHGY1V_mb6ZdHconKTtJcMUsnA93qV2DSWwAX-F-zhRS7lC9G_a_cb14Bkmn0gLHLmPqQItW0G25P5UR5PMDNR_zkTD8NDecR0DCLwCDm8D-PLkwl6A8lPZHQeMD4q9fP5lOj06VRaNcLbYwKkHJhBDo52lTnX3NfvLdI_3vrGweqthO3g5ATJKA6KRPL-aoTpChSQbNhV6jhdu4ZAyMK1hztA6wAuGz9vuzNinLn_81z1iABIIFoFCoKwDI8hBBBqw6O-HsB1gLyVMoQ218BrBk7TajfTp9ilxFZi0ioDWZPAiTGl2CzwQa3M9SLtTBhRV9-ofVhc3VlILkM31jOldZmax4O6gmXG1bQ8iqVzY6UxBVSFLtcwNZTmnF_0xB9VrAW7Wfn1IpiCDRCdw5TapMJJk_IZU-jZ9hL3kmupQp1y_5sN7JrPndLLiHZw0L3VOKkJF0WA8cj2Bl6bLxRbuNw8RX2PBd0BXr-68BPdNWxwgpvZ-OTXaCuBWbcLMfn6fUgbi3fvZrlA5PZYYjgwLtzcBom9a4ZoYv1MPFp6YWLUdYavzTdFKfL8FK8mRL7E604NpO0HLDup7RnK9-UvMMwal4E76475WjZp4ob4xczig8n-p9mwMZyErG7vw4pgLRFj-FQddCXiOXFTJWP-Mr8o6yfAk4HJoCHgxy3VWorfFHN4Q6C2VYz4RJK_HhWXwlcpTR2zGb-kgYCESIJCZcVldu5vh47_kXJylFQPzWHCbTSGov10ziaVE8-OQVuF0ehSNPqgK72lI41-kyBGuuwY1pBTSWjLgH4hP9XcusnkTk8GUQmSk3hzdYQnKNG9J4t-QVkg1r_Xe6OzO0i8jVqmbMHLgDILyDhPLJ3KsBa3HsqVhkCD4vpDDo7Q7ASWzHox-9Gn70xH-ii06WEHv7aJv9YBNIpA11qtYffNGKq3p5_jRAj57xqpOnw6jap3-Ykb9jNNKN8t3ocd-hET6q-AfLyUPRblZkHwNrDnvDlHJ_mM40rjpHZVqK6F8Q1a6nT_R-mZkxXWy4fPxUCgh6K3Mj8-FwLb6VElRc87nbPJnnHGiLVEOnjpupXNlhYHRJnJvvhNAGYN7RL_z1NLGgln76114RzhBrhfaOMfXySACtyYwBDFch2Ot-ZwIe8vvMLKMI0LGZmI671SdP9vr62MCy4xYFFxN-kmuSPnqMeiCiuyEf9T7KbBCVipwSBLhRZ6C9AG_O&cid=CAQSPABygQiDy8-dic6N7zggL7BYy5ezhs29nhJpH2C5fkUVetO2KUHAXjHTpQR9_Vf7vsivyaXYV9keVThz8xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=8657933443639569000&adk=3047537735&idt=49&cac=0&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17d46c6ecc1556ff15b57901af8fb3109518674c83e76d88a9dcc5c7829b053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11254
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame F880
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDS1TcgsLRTEkJoRH_o3q3M&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDS1TcgsLRTEkJoRH_o3q3M&google_cver=1&__user_check__=1&sync_id=59afdb5c-ea04-11ed-8fc3-1d21b9eb0106
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDS1TcgsLRTEkJoRH_o3q3M&google_cver=1&__user_check__=1&sync_id=59afdb5c-ea04-11ed-8fc3-1d21b9eb0106
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW9nCArdv4nanTf3W3NsdZFQMdx-VtXh1XJ5c6HCYkFuKYGGRFmlABDsg0vO7eVMOPtNkS1towfkrEHD5yvK8BHYS3ZurmCvrS3tJ0BEUbOUMlTGyYTQIg2iig1Q79FDE4gXlxWuB22UO5vcMbNYwBWueLHiLr3g0Kbch40ZLnVkZxR_Vgxznyu9BiPcFBe_MFPzUuUckP5ZFpxDmQgaENVU-8iiQ
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Wed, 03 May 2023 22:46:32 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
97
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 03 May 2023 22:46:32 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESEDS1TcgsLRTEkJoRH_o3q3M&google_cver=1&__user_check__=1&sync_id=59afdb5c-ea04-11ed-8fc3-1d21b9eb0106
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
73
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F880
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTlhZTliZjYtZWEwNC0xMWVkLWExMjQtMTU2OTczYjYwNTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTlhZTliZjYtZWEwNC0xMWVkLWExMjQtMTU2OTczYjYwNTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW9nCArdv4nanTf3W3NsdZFQMdx-VtXh1XJ5c6HCYkFuKYGGRFmlABDsg0vO7eVMOPtNkS1towfkrEHD5yvK8BHYS3ZurmCvrS3tJ0BEUbOUMlTGyYTQIg2iig1Q79FDE4gXlxWuB22UO5vcMbNYwBWueLHiLr3g0Kbch40ZLnVkZxR_Vgxznyu9BiPcFBe_MFPzUuUckP5ZFpxDmQgaENVU-8iiQ
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 03 May 2023 22:46:32 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTlhZTliZjYtZWEwNC0xMWVkLWExMjQtMTU2OTczYjYwNTA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
121
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame F880
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tWTlhNHNoRTJ1R2NhVm43M016Mjh4eGQyTkxxU1dtVX5B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tWTlhNHNoRTJ1R2NhVm43M016Mjh4eGQyTkxxU1dtVX5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYm4Lo4gEwAQ&v=APEucNW9nCArdv4nanTf3W3NsdZFQMdx-VtXh1XJ5c6HCYkFuKYGGRFmlABDsg0vO7eVMOPtNkS1towfkrEHD5yvK8BHYS3ZurmCvrS3tJ0BEUbOUMlTGyYTQIg2iig1Q79FDE4gXlxWuB22UO5vcMbNYwBWueLHiLr3g0Kbch40ZLnVkZxR_Vgxznyu9BiPcFBe_MFPzUuUckP5ZFpxDmQgaENVU-8iiQ
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1tWTlhNHNoRTJ1R2NhVm43M016Mjh4eGQyTkxxU1dtVX5B
date
Wed, 03 May 2023 22:46:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
gen_204
pagead2.googlesyndication.com/pagead/ Frame 408C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8740226150616&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 408C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8740226150616&version=m202301230201&ct=76&x=1&cor=2904563361130455600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 408C 		109 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhUXVOu6K6VZMAqpw4MxRM5Bu9gd2U-IySz9IJtuCH06krKeJkGH5d7th7VqkX7zpzI6BxbR3WMpmyR5pgnoQyyCeCLjipTxvlzpaeIaHCafXyAs&cry=1&dbm_d=AKAmf-Ba1h2HYmlmHvCN9K_bvubu3Fct3ak3i6TfDLZwQUfbDRLOju1DZydOSbAMRicuABV0Evj16OCjw5LdzS4E9owdmJyMAiuyOVfjHH3QEYSrMhxWc8QnFFWilMpajwPuayYvFhufQsOv8alhI4ydjfD9fjJKuWYcf5_jNttaaXSETJKMqKibT0gHuA0ljFfyXuP4N9V4nBbHlrmlMtHWofo8eF3IAlLSSKLCyl_AP12VQWt6FSspWjzF-30fHGkEvB1zGkvJmrdOkJWNc4UpXlSd2I0oz8P4VMCi52RyCkr7da8u-2UVFUEaJUOeVG_0_vMLDQfm18I3XegeQkuAdKz3AczZnwFRtb2jYX-DLfaXrA8cxVywK0TFRhQJObOiGpJ-YUM0-yP4L48E5xEqwbUewViYYELdWsAXwtaEXaHseMZo8mUh1TEc5-oGMcqhhETpixH5X-2G8KnNxS8IU9p8Wsy-ZaDXipUNk5cjZh2Vo8bXnkQijKnrG_vfbjy5w1W19P7zJpy9UBKEuBDNZH96B9wIq-CZ9SGRmAW2Six0r55yce7X4NM2spdznS4eUOfK85tEJioy_PIiTzXBJTXGsisc31BKt6m8yneowK4a8mdDlI1R-rMcxdXPJAKVt_D1M4NSUXhJTzqVlqNT0rYtGXxSmijLDxJRW8OSOcjw12eQM1JYKSl898GqGuPOC2x3iw254Ka8mEfPTodcT2-ljRk5JnRXWoO75lk968vkRiBXFmbgWfPttsFuPFsuEEsMI5mZXlyy517hU-fP2_0zNSTrUf_SVCVXE2XViTC-1FTHjYB0EbHjKl3U8YG4ReawGKIJVHdL4XCU_UQ7NBB5ikYNw0Ui47CixuiUrR6rqYfwAjEfT8HQvS0IzK0sx1t7PLiRX9O2yG4--6DChOIa16R5TWBq3kJtp0l__uqNuIB07LtzZGwty4EaYgDvGCUfTMjUjxm-hgAlD9qg5nOIIAyhTAdWiYSL3qoYIxDLer7HLyFLJy-akJ-PUPd58UtkCtnTU-ZjAjUF14ACW_K8kukd6wJ-KYib9hZCmDLPNMenbhmjtdLpTR-f5OpIjdH2vFgHwI0JoMoa_RBJKz4tf4K6vFAB7wzYapNC8c14O9MhX4zXIFuOVAQ83AFzsy9gsMNyMPUTL_OaSDZ8jYAAKabUHjWpn7vwa_R147Jet_nwecTNOiCBOJhLw5o_WTUKLNtCGTIf_6GE-Rsq6RSG5aCGJWH4pvzn5wbbpherrUNVeyg-dVnn-7QVD8eP0vKOmXzRhq06apjMioh-Et0BPgf9yX0QPBIb97vDu4I6LQ5ZJA63RP_LUqNrV-TJLxFMrmrpXKNJMdvkE_TOnIWcmlFcpxGDXA0H1PpWu5hDoFRm6XI6FXBpfJaQHdDcoEysvLWeLt0myRdpasA6C_tDXtXwti4foMrHVtNcVxF11FQYT2uS1RnJ45mqHNYF4Kl0Mtg7W0PUVAszjTSNerb83-vtE3SxzKWMaSCGmGhT6K00bpIjahg1mbEfHH4p1RDRNuu-BWDcay6C-2pkVS3_xwQ1HPVltxRDZHNUjDZDmEY7glHEvdsnT58VGUfjjervdjz3s-1gqamCySLtqhs9ZurgXrUnle3r2QLOHwCi1y4ci6IgZUDShFIMB6qi1QkI3w65g7zgXu36zeTbmVImqvvunm82IWdHlaQJg3h2gS_TCULcAVmRm7iBPu135IDw-fgtkp34NXPD5B13d4juaKigybxUAjybjjU6EHQ0f5RFnR0QmeeBeFZcOiOsbz0GCIeaumN1bs0zvweMdnbkgwe5Fnifx2Mfe1YWTjCCjM3oy1K3VVUWrKMMebWM1y8ilB4Lhyz8ESd5BIz5LlhNw5watMthm0A3ohxwW9P6t8QhFCb4s7K1FnuYKAs5799TuRqGNxzDkQT1qvF3lGI4rI-t1pLekoOAcSr2OqdWZNJ6EhrB6CbcyMjim-jFdZpmV9m8jy3kGa3g98ASt2EVrHmdtpwerI-u6wA79sRcgZOwPhrz23EfHdfkPgir1YJAIQw0WncbEFhkmn-jzsyFHu7Rdj7Hdry-dQ6cmqUikUbG48M2bRwXjnQplzACmrMVvObHmcxztNcnqPF2_yiYzFFS_XoMxwl1-6-KK1D2WvxKFZ2rKp9iA9V5G8E1lXwGIArsf8BWANDWTsuOHK8o7UxiJrSV1aR_ZzPb25oGWn2vJTzTBofbhZ_vJQCpiY_pu7Z8_D_7-cmafnLIvh5clPN8sn7s-1LP2C2P8kQ1F3p07mJrdbTOA_i_GqE2NeaivLZzguU7WvY3lkWoIx8GSMwyh3ErfNWmxpvMPmqJ0NYIezSaT6jZfzBsK8fFZaJKD7eOipUobScgxDMYetUhSwNni4Vc0iKQqvmw_dYVHFymiYpHZsnTUDDxLaxAOeQl1IHS0cnuZrI4cRsMqczmtzGueLPn8K1qmf4YYfRJg1GeIa5za06vpXYJKFkqBOpZA3ALXpOA2dnS6Y4ZWQN2x1497-YcYau2ap12xbFUY5lxCwQoRvuQjzgdw_vilv6CivkcM7sYSpXG-CTYQgEf3ksSopSCP72Qi0_ywePGaQSTvqd7wsUroFVrsJuHTmiAq749W_0RF4fmq0UJlrxS_40lIaZI21-GHw8Zddi6uzFTTzB7BkxW2bCMrHlr18yNOUEauAsQP_HeyTj0M7ONVMjaGOLKoiReI2U_LApoMVSo1lCjt8DL6xDSzK5OLyEAYb6x9_1ij9-ZxK4MUQgZNLTv2KGihHEiLkrDWQd4Hkqgmz_F2g5lo7ZU2KPHQ6Xel-ndeVBQbYrLZenK6NMfLTg5VxNeAejHrdOalmbP1z8HatY8iMga_yb6dYkUzgY3ci4iEdXXf8Fhdmm7tLv1gjLf82jOySjcVtX1-4C_tcwtnV5zxaq5rWiZ4ieQYAnaE9cWRppvFqsQxemj3gNrnWD-WCy-m_pDaS5OCymfYNjYuDa15SHH4S0PS9J0NoFQ09iZOb8-wJHUNbztML5OCurjadxZmfdiLARwBjpCz33ytDMVhmZwHWgEH04ABjzbrvlUuE2mP3l7kNA1AwCoVKzroqNtrU5TK9fWIV-VibmYVvW_ZKg1RNfJzijJx4sRWhFZ9z4r4hbRUfRpPMDrcKSjsS-0XfSnHWqUk8jFcOvMQBtPCQsqFlMtRqzvjsYeT8CQXZMLPY5I3rucGpRmlg70TLKXHdARzG9Scx0mQwPZzKeHV3QaOj4ZZSe3zkCpSDhO3TRmnU-H6n-wxlb4i2M3P-icjKEelOmnQnwj4zRajiwhdIYBSiB102tSlGVB3hacqu-pC9bQ0wjiTHihgQgST1KrnXFI1QlNrIDadRCi5ruND-MbAE1zjDz4cX7jr7SsQYs5i94_F6mEpDc51d0G2zQMfUgdaSj7zyf2xCw-l2DKlEOMSh3GUQxC5unMZ2yW5padAzvPhkZ0YF7kLrX_R2l7mW90q3Q6ukhpbRxB18mxMVcmsl7FZZWOwNKZGluadCZzBB4S0I2GK8S7Clw4az5wfN5yUzvyuf62QSV5Mmh-Z0NdZOX8WwKoU36UDMAPtYNFVMiqoMkl5m5SuLU2PWwglqZgPq_u55vnxj1UDBaWn4FIBry-fCx3d_oGygIo&cid=CAQSPABygQiDl_1t6OIrkcoEW-O2giOsuG4sQmpIhx3BEOPdy-lMUw_he2UJJb-WheqmMgcNizT5ZvWsEuO3wBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=2904563361130455600&adk=3944675600&idt=75&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c047292542cf2fa6591f9871dea0876108eb83f91ec8d831c17a96f486ad7bf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40636
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFB6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4247794143127&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EFB6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4247794143127&version=m202301230201&ct=76&x=1&cor=14431400074469265000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EFB6 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A98KJVy29oIW9rIt01Z4ZS0YE79VUvrVCVFJCpn6nI5-pEG94P5e78l6gMcVJAZMj5ddLLwlx_sbdl4lBvyzMHaTID3hqHN5ZRwTxiIscLkOc4q6y8qxjwwoYEL89R-GJ-ems9_lREdfHAMiV1YF7XVfpFWEsFaEKO9HKBfH4RZVPlXKc&cry=1&dbm_d=AKAmf-BYG9huCsJwlLV-4xMH5e01wp7_SqPkGrF0O3E7GGOR_JEsKYImMBIfwOsqPKjWullSQzvhTXaTbB2SH2Fx3HWEix5an7vSZLwVjA0upv0HRYK2gCvTGU8iQa-QlwLZK9oLyorMR1Bfqinejux9LbgXH1dqoLEoKVvPNcGDiDm_o2OycTfeX8SPx47s1RYqMWQgd6zw5xAtIQgvv4iCjJgbGW4vVCQ1eBqyASBo97XIsufHIYYCVZv5nmuMNlOo5GwPXjxRwkwxU6JrEP5u-NO5c9dGOt8PncbpE_5jpvDMSbn-0vsow-utgZX4VoGOcpX0zFGkWNZI6Xyf1vOwy10rXSGe2CxIa5kvWyKOuT0WN5JTa-OFYMLP8bk2_ovszKsnL7Y5sTGqrzssw5mUbZM7CnMnqDcnnWCYDixoOC-kDtf5VmJxFfttLZRiFeSocmv7u1yIKL5I9vRZIZWq0LdWzjUfe6BScG83QychkgARXsv_k2oucBG9kughxic-HYtS9h_ASuj3ofpfGAyW-C83cFrEmdPKuesVg2pLkt4tXWyDaqZX9dUXlNiq86Zz0GLata-oNlm7N3xNykdzxYRUd1NNawHK6HgXpl7l4UQBlOXNEx3BABMHfZUqW_UJnsMS2AieUqhByrYRvwSEduA_MhwesQ5zt5Vnv0s6Gmyg_3yAq2Beg21TV7WHPULbGE68_emdB1_ptdsEXnt8UvzJfiCVfKYJT6LeyJ4J-CeV01xLX6JWzJ3pes8Yfv2ZZArfpit_9sbjrhJtxvU6zAnwQy93CnZLA78EiKycd4wKGN6o44DN7j_wZi6GxsX23lK2A5S23lGDPTC0ZHuzIp4_5v32wZAY3lRIFhvXE4t4uE7cw0Eb9f4NM5FK7YJGIM-mDkCjtU-W3ThsIxe7ubwj-1AOLq9eLq1i0OJ6ttmCdxu0wJfVv-lqqxCDprQSR65-ltgPMd6mC7gghwyb6ppNikIZQah-_7i6EzypReXV_H9DbTMbrvIkONzjktjqXIMs1vyLlCrvU-ubR9UptJJyymFo40JThydeemE9UN6_wo76U1vTwYdVH08frw2sd4wXquzvce5_OgqDKLs2w-FEQ2wDqaK4RSP6i5vMBVmdvZxACY6agljdsQ3D1a-uV2JPikLdyCr22lf6YJORuklJWKvjMcla1TSVPhKFKyHZBb2yKpAfoxMhegAy10_s6EX6fAH4UuXNNR6E8ucekcVyKgJkKDvVUd3StiiYXSpzrgOy6t6kfbOQJSqYj1VyxWK7YOWzIUu7ZT7SjWxts6Cx5KQ2Ey_OXAr448DryAO67pk0Mi1br0GdvdlpnYoV2fqCbbDedqFiI9d5WvUiw4Wbf8phWBWl9d03axRSmj1zsVL2prElqXFgY_xqeiSy6Lmq6VPtAFCpMZVQZ-Nd226-WyMU9iNtmPsTqtaAhELbEX076s7TYRvLf-BmBVAJXdO1PlFAqH-0OOuL7bqJu4bftDUgrgiDjP8Pt_nKeBM6HetxFbzWKrx1AdNreenI4cUk1JUup8KEBAv2r_ABKU7JEpxFEKk2GGqfJNIcLHrVOXvCDrz_2dDpAgS-vklgOV2kcvjvnY6xJuZTNk6zJN98Q_N2NwT7mM-PrwjVJN1Sv5ewT5G9bi9zEgbG0SL74K_FipaQ0AundEHmhTPPJAeuIKTgwoejlieaWGR-F4jfsuSkJUF7N4ZtIkWWplbjg7D4EhstT_-_1GZMG2URcesmz1YRIKChQckhvkquhqYzQitJhqVVXRFZa1l2f4QmMSsK4Sd_diosENVfqOXEyKFJqt2LmlCxS2fkRGKy0d069INH3kAG20L8xORF1mC2pXr8pCy3Rue6K0IzMIRHgDxP2wnEXE4jOvn3PU4OGrwQfgCbETwCS03KJvW17Maf35T9N78c91dXAraR_MRwl8yGBtTt6osL0zSqCJTTJUM5fK80eGaDZ_FsoIFJlUxB_1FZZ_uvUaFu0ZtBQM6Tv8iCWr4yiGcXUe7GJfzMLymWc01A_vHZXmG27J-2tDMUZNCQsFfwC2Ie_b-W74NFBPwSg4xA89H_jy7SFUnRRp6uh6YBsPw1zlY3iPH9UPg6UdUpkfSOYSby-WuYT6SKpJtHN_pXC_8fLlPFwqaKLlBcBp9feXZ5hbJU0G_fd2-lcudalL_L8reElDiOUhEFMkmWRg4CWncRSPtYX0SxRTpRosBdfzKImQJ2iRjxO_HEG43qR1cLNFIs5dgYmJQ3ZTAE6M9n53IQ74flqamWok1WBHUKi1hzXwInOvkGsE_Ye4JN_AiaTSgccACGEZdEg8thVSR4DyuVLrFjBIc10Sc728ja3EErlM51i70RcBcEHcCd2T_Wee9t_0NjUsosBOq12iddJSsmNMQYsBrs8334S2c4UCss2IM21T_m7uEn5ubkJ0kakVqmaJx9FZIWfzpGTsqzh2KhQbPSoTsOEVK6BE7xi5i99FCMecm0ypiZwsw9W5Mk6-KTYaMoGT9fv168dAEs0XKpiOLLIpGDwc6dUvDkKm1drnTIDSb55JNrnjCbDLk78qLGdDwNDzSbFufROBabq5BkyQIEzfN3SE7kiHyfd2si2Pao4rLDnqkVu-CeqHsFjNpswpfWPi0j7jAppey-K2YLA4-F0t9E8g65C9dzMzvdG13sSvJ-E914yX_uGATLqzv6h6qptZf5-jLOxX0WeoKdgIpkZA3bvnSBd2PKff4Jc6gxqR24Cu6yZ9fWlrj-y8NwBW0DM7Koh1oRksLVi7lItxlAJ9-qKpazsGoaGiCYv0SPH8JlSvqGHlTDEhbp1Z_lx-K2hM5ZKvWvsqgD4aUDIzPHmKa2vzr-thHYgeuO-1PWwELGu43g8j67cFg47TA3syjRlpBAnWjHOrM4ANwVoe0jyWilJhMPYJcMUJwYlykyK9Mp36_uIF_Ws_XZtHOeQKx_6EXv7Do904z-8cTd4jezUaRfr5p1IpEXRfRsZ_U9OqVM0LtCTGjPmzGxrFfWJAhFo49MjzxEgP7cFWz5bk1N-qPAYx7GeirZxq7TLOhfQ55wcxvhYx14DzWAfNgoimkfN9q34tLqm3a_oRklkU86kMM5AA5N4fnCBYwCsAaDcPzksH2etVSKPxeoyf_t70_YMfhOfL48rH0ygA&cid=CAQSPABygQiDlU46MUgokLTEDVkmwva4g8wAUokZvSNM-M4ulgURidKDKrMnsO4jNn0GvKIw9W-nlCfGoPKDrBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=14431400074469265000&adk=2857193498&idt=116&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b103186d7fa99d76259fbbf4b8c051e3ceea2e2e4becdf98702c7144cfcf972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11086
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A1F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8938236077337&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A1F 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8938236077337&version=m202301230201&ct=76&x=1&cor=6127711857886505000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1A1F 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj6yOljP80Z141Ey2tcweldPQSQc05gROgFGpLpJXcGbNBRUJw2TgsWEQbSMM449Tyiq7rKyM5eeDA80r-mWDXcQsV_1G-e5z_8R32v0y-m9nYlHcK9Doi9wctExeXpkP2ggJDR6NTdB4iPXD371oGnKJdM5zgeDm7Ozl_AgmtX4pvVRg&cry=1&dbm_d=AKAmf-DbXYOIUMH_iC3oID6OSNGvNT2e-jOPDmsSCvZUuge13UelZv46vwKUNN0xrG0bnJQ2udFh48W6m-huf7hfVm_UFh1nZX5C3zalQ3649UCXVSg2EaJ0zikiggiy54FJd5NTPcozxxnrHmqWkfAVAB-a5_kAkgNtUNRuuXHC4JYcQsSBEPFzwZtm8SLV-afz0qUfCyaaZBYt2xFgQytoNZpx75799z_L74Q2YF6M0emWbwCD5XJ7j2bDYkQSQ5Gfo1P0poPRt8v7IMk6lKiSGxozN0JHC33F-C5j-Xn46L3QTIqjO9wJTFTXHfPp1sI-pdnUTd7DioNDCax99YDD8zkEbpcy6TOq7iAxwyiMHYfD9nZL1htq-UUKdXf06DlOS7FHGDV95n9ycEmIaKLLo0DsFudVJY-WrQhu29_cK39m3P0OAiHIjVSe1OfBvM5ZS05ISpr1G1mu7n9G38uT4Q45MbXzEUGnLTJTxZ99tZwbRrDzrBOTQ1iS9YvMcSkTKcw0VGFIlEIRmlrAyiEym1BPw-KANtO7tOgDpPXQkAd7xa8QK3qab8g5FBMJNu8hBl5WWj4lH0wPBEswkkWO3EB8JhbYUQPHT7or0vSspCRJLvwZiBYc19kOA_4QJPpABMXHrA2if03jhrUJAuEUjejADvBiwGW0lq8A5Dla7S5xYqtSr_TlG_xwKXcETPh6vVdfcXKdUzVFvd_UcADuAtQxgsqq97tlSfbXwwwl3vluSnkOZZl0awUUefI7KZUcEcJdR3ctWo-2jcCMKdtTL2Br-wrrhRT48LC2-FQWD2ryO9MZuCt9ljxhPNJgAPbtNAOhGir1lhe7I2TDgYZc3Oewiap4zMgCDbTPMV2cgyDzkKw_eR9V5dzNxAr_EqIFBkvKhw0EDXJ7Cusiz4Jzd5x91ypQ8RDR5LfM5RUlJnUVdo4LSTG_EGiHOJIfHRb6lo0PcPLpzpJktnNJ3Fc3_Ym2h0K7LP-EYrX45lGbFmeB-va6rn4A57UV3nkBIxBW3wA_zcb52wGpPD2v9H-8OyQmgG16daktj5oqhYSLL8icaW6VQuYS81dKGUxn1SkU5JY4hOPjjQ0lqLeaCoa6COecG0_ny9_JeeaBCb_vfYtKGO-vZZ1So5oTd4qXnZHFKq1BZ7uyWmkPMBaVoOOn89YgGuufcpGN8bIDoZE64K-P_1XBhi6TStFc4F_W8GvSPfWdiMKDjOZrrj0LaATY_ramoKUiMS28PBM-TdYUsG6ZrSg3S1Hl7R1hJj3I6U7jUjMIejskEd7rX5_ualR9xhOTign9l44LXzM4Ep401YzRT9tz9ql8IVvNz-3M2_mmDj7T-M2ZwgAubgBze4eqLouO83OLVSidHvSUCIf1iGtCeiJ8TxR1xV10eT2G87IHy9Ws2XQiwS9rrcju3iRnFM_7IKL6VgEbz91ST98jhyyUyoIgWBVlC3aSw2tb1ifKUQoHJBxXgNzzTAhl9-u-FMGzyrRyBB_MbtlVShsdnofzNPs46-fUhw8qNnngh1t6fkZHH8f9GxwQ_kA3DXteuZrd5tqguGvr_WX16rCkDEtjw76rPm1rh6kNpDkj0ur3UYueMD2GVJP2UjEeAcEA3gbDAC4nAMAmLfcsgGI51AqO5Tbp0wngpVINynvowcKKoXNVaOT0uoxIYMbqPX_RkgaOIRUoI8dyHsYLcZ2qO6CXA6yIxh4ULOQc0vXcG1PeWUwQD9x7mk_H5Cklk2oYvpEwlmuO-u8sHuR3elgdCYRoG6-SxVugSf9h8PWfEDCNQS0YSy6uPI30p1UNbILMiP9vyA6J6w5XpM6FySEH55kJ-6NefJC2ZS1muNb-so1QvyOveJ3Kgeodj5JIGPy40YnOHATm5XPQsghKUAvEHm1akCc9FoB2EqZ4r-nbZjdhMSR9UOgObHvyO6hVnbZYoTeSxfhvFdyEfOmHYXQYLfGVfaiiKQGzgBareWXV7UcuT-jhuR_q052QNO4QzPi7ZnzReoR0Mz_vcT7Nfg4ZfPia4jJrSfM9pf6nyoEKU2TxQR_49_31z7f2LYOwRPHQhOqrSNmroPefiZ_MP-IgYq0sScKKXmnMshTiLTEarhzNpOq_egeHSiDhtbkzcx_P-yZ4Xa_mttP6R7UrGh_JAVQiRatlMiDI8k7zyb68J_v1x8RKBLC_5Qa1SOJMvd9FmNFlMVEkCN6_tZqV7WY4GgcmjWB1HV-K5qb61wWLNNmHNhDLzBj0JCRFKlFeFjcgUJuuNJzV5vHkN7Hw9u44YD-5WUGYGNSGx2ZREqDSILjE82LVqdC0LVBorQjP4A0WUm7rsOrORSSXOf2YQ1vBJylEUwE1SlomV7QhwUQeVYn1-z2os-QPWZzWQWFzfVUdSWEC66MVeHBY5Zx2CeJgeMHX2rGD1EHDVW2Fj4tM-owrDzHy1__5Xic28ZdGJujHbo3fza1nMxMNb-9ff04WumaA7v6QpJ1e6sa79aDjRwjqFT9f_ZELYxkB14PjI6MlNWlRqFPj-96KbvUxbCI2tBmzMllQ_-_9BT3ak-12KNKiI-j65v4U9QiinFzdNNLQ8ALz9W5LNoli0w8vagBn-sCE17LtghK2h2mwHw9We5_ZFS4glznbRsx6YituwQAWVBmnr-bB2UMWBztY2hg2mMDUeoVb7kU0kmjHiOhKpagz0RzDRS3zwmaEt07LiKbl05uG5exmFaAGJ-oPbySD4wgXSFabeIIxa7GyaZXlD4Xf80zmFQMIGPVgZFV2v35M1LlKRPqHvSXIbFhjIcuL2WUOyZv5lKJoGmbPxAyE1nEcRZX-P35yW5kQLKYV7hrnhSI60Cqpy-WvOgUXepXoPYc-FpWIWKUaX3p1IClkLAPuAZnLZfu51gAFVtgVyk0zjvsedkNhdd-jvqP_Jx4SjnkFQjg_ykec-qnzjeZnPiFZ4zwl9w9pmh_vTOVIC8ehABUa_ciqN_L9o0vov7BJierb7tvAqsw0CrG1za6orNXmy7vi0egj8M7-N4zrwV0rVgeAV8-0oeYB5a7kDM6uVAkUMcOT1P3Q4kIl1XTzPAgbRUhaZrT5UU8rt1cxyN8vVA7VpKBx6mzk6lPU71IP0tzhcfk4_nQcfVmWS7zVA1DvqKAi1Fe0-w6Hur9o00IGVENh-G9hEQ&cid=CAQSPABygQiDDMfE35lsBBsHn5iwhAfLlQRoXMU2k8Zh_J98EVd5akieJR6VGTfvilHgTbCdIP1K-wUit64hSBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=6127711857886505000&adk=2086295851&idt=122&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c480938fc64cfe54a50f42ef4a9cadd24164b630bb7bd2a7df637f293ae883c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11261
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1195249303100&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1195249303100&version=m202301230201&ct=76&x=1&cor=15814335860320391000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 56B6 		109 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXzFbMjpv9VXW8bon_gywqkugcLg2o5aZhNGsblE67DBg1kMoU0-oe2xkcQkp3jtu9prEsJ-silS0H48LH8GfZnR4Bo7nI2XXCACe35dSXHLcyD0s&cry=1&dbm_d=AKAmf-BXeDBch4ef6ATLRK13shURvUtV-ldh-tCDthR7wy0p3dzSZF09YiaJIpwfUQK3GYeCO2cRcOvOniCfiicmVOu03oIG95M4I9dt6LLCbD1cVJ09e9BeYcSwNn7C1Iju8RR6jD6Rk3gH_bl0_3udXgY3S571ZcWcOQJ77xcI7XcEsvieBbOP7dPHJaPdRa_kzg4rwpVGrts2Wt_ik42i1CzNx8K0l-Z3wdPFs-NZEtvWstWKi8YZSfnqyP5elLk2YXCECkOKPq0-kKLkOJLNAN5XAGQOvI0rGxNB2tCPiOlsM79Htx1556xPtpY2GCgKzxECkfOCgo_6jp0AIqJUkGU0KPyVS1O2rbH560iTL5tg-J6WrzXMj8y6ELNkMkecDl3zqW9AbjMWosboLjWWYdaucNHhvczc-vpMOCIB6vAvC_DuudmOkGxBiDmaj-pPLsJzkNJpHtzArJK2__Lzgub9_X3tEPCFwOkosgCqApMqLAQQclgEvp1z3OyQgMB1tpwZeDzy88HeLOz25L7fhbuVH9IIu_luDBUKMg_oGjJYD5WdjS5vRlngQ6YnGysCx8ojOjNJ-Xd-WzUmDoRlYZ2IdEjJYi9_40qmT06PgySRIBBNgJci2mLu_CKNEzu1g9cxLlyfzyO3Yh4iWHe3cybPtC3IqzEG4FuTL3QysKjYpXF4-3AaTfkXg381VV2ZmevGxU7K5UH9KSWVDYulYNtCqkjK9ZzYl4SYatM8KgtwJoIYfCjHU5JuJ_IPbIVHC2hfzBztNBhhCpBKeqlVu_RV0C6cNawr7bl2pdplqzm2JZXh6eCVqliWhYWIG9JuSm1PN8C_xchCx-RBz5Pixe7OuGBOxChbvn9nlum1qwRJZFHDiNHUsUVL2C6LEtxKRE9CBPYl4ifBgHKig29MOfUjS9pq9jUYuCEnTdJFXKJEZ-e0XKOFZt5pjlz1ahAjUmjf_db7LlhYbsoLNN1Iv5aQ1dhnz5HTug1uJx2_Fl6Cm--JoYgEk2FBTSg9V0STWqrJJ3mhjUjwNVjVZPVgN2S8DF7bkSa9IQHKE6WI52-cv9MK51e4qT4M4jtHLKhBxiDavCIpaOHb49PL1Iou4JxiXPdm39g8DI8ACp_7g9udJzLf-BYXVnGZFhnscTZoWxieSXg8YkUJAlBVe9IVdVbWVTixa7s-TCX3PvsI6T0hdRb_C3uUShUBiULseWkT6SQP6ZSppVk-DnzpI-ZnznrHIYeJvWOtR42G7cI3hDRLVWjxHWRJjAz5CuwsPJOuKTFPQorB29lyR2XQkRYPLnHsL4JDUbc3LAoTBEcAnA0LFsUoIrkHLXc2r2cFBYAB58WaV9Q7_2Iq8EhaJ7bOfScm4z3mvLqK8ou54IN2DgF89NHdYT2ouz0jw9BIA29Ld4GhU9fbD4xR9r-jpSacBt-WrkG4UfSuib3DWGLAE_GedVkmoPD3S-YI7CHwyBuY1wyc4KPMZv86A6coIFIZCv2uLf_OZapTCJgRpmRnkBfD0wAJoFafdAF7sRZKnYO6kgYiFEs5MBp6OfZRo-0SYNqHmPToAvtZYOLtF9R-QYexwdUnWB7YQzNyQ-s281jYtwoHQgGW9th6MZZaH0mYe84PFNjvjUym4ZoDpzF8Voydj3Lj6AKCGPvMHMyCAp10OGrOKeBFWF5jkFMVT1sQRaYGvDR3HJjXM4NEN3pQ3g-ZluZ4fa7Xx6SMWDLSNJQfNVIYYN9YbUVS5KqELY0e2N473jIUyrm7GuBhOTZjudDoURc8x1oy-2rd8fR5bKrivBBM0jG0YvvD2YMqTm5Ystou9KJ3_1w0WKskkXJbGZGOeVRJpPRpdB-2fs1A99Za8YHUiy55JONaaWIoTFNOftp5mPLywFUyCId9Cygf9OKmZ8eobMF4AzBrJwkaUkPD_GGXwEaOBz1XJpotWusWcqZjcC542b1dLAKTbixzMYgtRMlykm56uCWLJRTb5TEDicGXdN4XE8JOuoCD-31KwSRwY-UrK_Sc3JirrdnfFiU_aH6MMm6H-PsFIS_aNBzafTEryYwfubC9DNrD9OYghprJ8ImQucPGZBPqZtth9qiBAyK9UKgenFzcmxMdugerg7AG37CfF6G9tJoS_XozFLZHVtLTiYccXPzNB0-bXjCMHNTQZkfUHCx8JhFDF_IHYT-53zs93OeCh4IVijmk3FjqeFT5HZeV_9PgcPrS19gHG78QL67rYhbonG6w6_NbCnIIkG81WSEj4ROSSJlsPaZnhplXgeOyc8kIICWdLHZep0GAKiPy9mnBylQeZa3J7KG8jNxmt61hdZp-BKTIUAzxLBSCXD6o6JgxIUwYilTqd1AuPB-4UbMsEYyvbRFCKtlkzUx-OYjL0FV--Bqkc5wAEivAuW2xKDqXNTSTGC1LJKNT0G8IVfb4ZT8QH5w-FfAJAf4e00M_2xJzLUFU08nAJkv06eR8zJXDYbZ0z_ittXm5DqoXKxPvBuUvSzkgAuBFe3DOSzl2QKkNP6IvgmTYAfbSuat2BWaQiBB9ReVBl1JQbEnIWTvWM-zzAiT_JmocUtu2Y5_Z0MJ1IKcqfttO1Kbm_dWSXof4L8xUHAbholN_Eyw35sLCpzd4WvgvLDn4gBOog0m_VTeiq3f5zbah7k-H7sjtblWxAeradcc2yBbL5h2Ps41SdGunY5LZvGYp3MZh8VGsVU2MTPo2weW8Jxnm2ECd353EmnqwOVCxa0l5ADau7SjECz5XttB6oqep8Bf9ZFOBV2ekLCwi_hPstxNWOKME0Jc-2CEe3SiAC0Stty6wpE4cSlhg6kuCHx3-MCga58Lh5WAeX_15LTwh2rhuzy5-kubLDTWKf3yrNPQGf2N8vOvq2Lm_G7X6BzpD65PxJPikHIiyGH3SFEJyXY2FGPmIlKaKzGLYkbCf4uEsWqDdfAt7zrVtXCazm6THjktzuiHYfvJUVNOiLQLJmGS8Dm0Hog-sfLe1rUVN1RIRAHY9hKe0qqk-M2XZl3apHfUoMuY9alFrxk8yov_w3LISq3HlnhgqsQfJxIEeTdhokmmafJOQb7SNhcunH5S0wpt-iJxyfHAwcBwrJYhfBK5SS6zqRp9JvjohSb1bOTA7OOBCvsz691eK5XrrrnQdaC6tvp8Z4CICusL6uOzGz-LTeGftcyuZJE1es7q00T07yfPT_t3BfhzccTmBcr3U6aG-yMAPpZl--9dpL77JZ38XQxDA-EAuix0abRfKpr4sK0cWykEVOg3nvQe6KU3X1v7w_tZ9Xb0S-8WCYxOmGWSAPQnIbXHNWu92HzLTVB_RYT3xv4vWXQc8Yz-5ID1fzmGiZc3fqZqMmHYw2oVWKek79zYWjiaQtu46PRO0K8Qxic6FESP6DsLLz2l7KavzEygvH5dP6f8q48pnPLZxVuxLRrd86C34UWz0ak-xdr3z_tWCy7iB-0mKkxdKu7W3tWd4YN0203LJ65ryf-AfQ6csbJ_3MzK8t2KHRszxr_VMNyzDZOaeui8Ef7ddIfow6ifAo7kxUs4hfQ8E12TKanQbsejqUPpIfG9-U5gWLBNNzebAVtCB8ugDjWckAMWKHxepLWXhK5ZAtWXb1FUavk-ER08nE2c79Z0ZYwtw-mNPqrcZgHfPeIlEh1kFmoZwIYQIy24mDSh02edFhlQu4JWDgQ&cid=CAQSPABygQiDCmr9rDPITPuqWuEzuttWBZpwhK3SK3mDn8AEY5ldMMCCszwtdw0rYqeJ55DmbpmSCU5M2hec2xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=15814335860320391000&adk=943508955&idt=107&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66584c7b347eedd764c4bc54ecea9f717f48218e698955328b5e8b489ac478e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40668
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame EE9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOtgqiwCMYVMqFJp_OoMs34&google_cver=1
43 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOtgqiwCMYVMqFJp_OoMs34&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGPOEt-UBMAE&v=APEucNUbJEog0ubSttIcmzKtvePQRzsvBc2umW5lvKGQJEZD-zdhfk3NGlpex5a76N83NZ8ZYtuWOOWvV1PALBKlCsZuoaYHKdrAZ7VKP9xDMh07cT_KqbnZBUfmXMunfcSdxddxSjb6xYlV2At4IuGV7qkrXAphemmOzigavQ6lBWIQHdmNatUa-aPu3a2JDJZ97s2KtK4z1eRPOJeT71v5VO0XSuop4Q
Protocol
HTTP/1.1
Server
95.101.54.106 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1683153992549015-388
Expires
Wed, 03 May 2023 22:46:32 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOtgqiwCMYVMqFJp_OoMs34&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE9F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmE4NTk0MTdiNzI5M2Y2M2RlY2ZjNjM1ZmE3NDM=&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmE4NTk0MTdiNzI5M2Y2M2RlY2ZjNjM1ZmE3NDM=&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGPOEt-UBMAE&v=APEucNUbJEog0ubSttIcmzKtvePQRzsvBc2umW5lvKGQJEZD-zdhfk3NGlpex5a76N83NZ8ZYtuWOOWvV1PALBKlCsZuoaYHKdrAZ7VKP9xDMh07cT_KqbnZBUfmXMunfcSdxddxSjb6xYlV2At4IuGV7qkrXAphemmOzigavQ6lBWIQHdmNatUa-aPu3a2JDJZ97s2KtK4z1eRPOJeT71v5VO0XSuop4Q
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmE4NTk0MTdiNzI5M2Y2M2RlY2ZjNjM1ZmE3NDM=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1683153992422077-337
Expires
Wed, 03 May 2023 22:46:32 GMT
/
rtb-csync.smartadserver.com/redir/ Frame EE9F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOUOLCVPuenSGQiKF5KvOiI&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOUOLCVPuenSGQiKF5KvOiI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGPOEt-UBMAE&v=APEucNUbJEog0ubSttIcmzKtvePQRzsvBc2umW5lvKGQJEZD-zdhfk3NGlpex5a76N83NZ8ZYtuWOOWvV1PALBKlCsZuoaYHKdrAZ7VKP9xDMh07cT_KqbnZBUfmXMunfcSdxddxSjb6xYlV2At4IuGV7qkrXAphemmOzigavQ6lBWIQHdmNatUa-aPu3a2JDJZ97s2KtK4z1eRPOJeT71v5VO0XSuop4Q
Protocol
HTTP/1.1
Server
185.86.138.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:31 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEOUOLCVPuenSGQiKF5KvOiI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame EE9F 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJa-_eICEIjrweQCGPOEt-UBMAE&v=APEucNUbJEog0ubSttIcmzKtvePQRzsvBc2umW5lvKGQJEZD-zdhfk3NGlpex5a76N83NZ8ZYtuWOOWvV1PALBKlCsZuoaYHKdrAZ7VKP9xDMh07cT_KqbnZBUfmXMunfcSdxddxSjb6xYlV2At4IuGV7qkrXAphemmOzigavQ6lBWIQHdmNatUa-aPu3a2JDJZ97s2KtK4z1eRPOJeT71v5VO0XSuop4Q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
transfer-encoding
chunked
content-type
image/gif
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1CDC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AZpLDtnKSMkucVuGz6CMtZC9JtHdb49ZJvVK-GhHDPm726b2kViLr8ddx1QC0wxeJGThQVmCjXcFHlfXZxyza475M7oPb_y6KzVsY90A0-RK_dRt6xEINm_SFL2V8bywy5Pl3yRX_cPf-UkqD3roIrlsT-EV2pnZDgP05D-Aa-e05A2VI&cry=1&dbm_d=AKAmf-B-BbI-iSX_wAsvzXNmc4g02igQ2Ciw1FVvpQWuXfwl89Bb0MKV9AgwebKcFT6Hr0fgY4XoRh7ZJk4rhA1c86sohYIBQsdWK9JBy0pYva2ln2ViRbVKB228ulD5Wf7_6vNbRZ6EQ5AC52uujBqPFfOObCbjDSj8kp41YMjMdCVwh3nQjrMcyd4GLV_Wby27Q8zsJasiJ8uCOUJRxC-U1tIeAo1GOWS7wiWqVStTu0Ys7R4leYw_TfkyKejZQYJ0XL98gKNB4oFu9P1ehDcfDHYXx-3npeot2k89_m1Xrg5GfyV46sch1OY5Hg68Znwf6DUtF6XPEk_rXgef9hAibbLsv1lQu_NbYyzC920HY0jOrNSL5zN9KEAVqYGC5QIOGqpXbuJsSOB0ZbUHu-md30jQ_NKlp0oXbBkHcdp8PFaBGi67jx2h5s1pLt0AZMDQl3r-mLp9suRPyq-F2x0qQwpyJ2zP8JjRfaucOEZj19vYEXfRT4mmlLctaJTJgRBuAViZpwsDUIy1e6SuNM52Pjl7JKt22NaInbwvmnTBBHYGmit4MG4N8tDNAbL-8pfN1bWNptpdk05NTWfg5OrY8qOdX1moSkSsuD0dj5eTCcskJSG2UD1wjd6h-PmjuEzKX7meGCxm-v7DxnLkRgy8vin2RaIqb7KgPY_w8aVUkvA_LzElfnGklXz_EAFxL77X4cO4fCGO2Geb8K9hqsoJZ8NUhHfjjEEx_lgAnkLn87RUHDopEpzUZcOQxRx7uRJvhLA6-VA-HPGzFD7VnLZZ-FoFiBFibaxy0XK6XSSZZDRTbML0tcfrE9ze02WOs4Ub_jR1_0X8IdmNAxwCQWybZzERdMHxOGad9lE6h15DAFYymjvobnVojkBVdpNUllDgcZRPOM3TxyoOados5g8Uds5gyC5rHhMjOuGr_rSSgl8LZN9VMOFIZmb62KWZ0lJs-pfahhifnEBv8VgkrW4cbNtLh2mTK0Z4CKHu90DiEzwPZIm8cgO0SvpZZG1uDCJ0lIUuOjAwtGzGlfAuJw7SoyY6jJZE-uzFmJ1CVoyro3J2VoPeD0CzSIc7CYbrW-gsdEnQow7lk1-Nw-4jRk3ok2UGOSKALjB64ZXU1VnZOexs06pkiw4vPk7qRThvgbczL5RgKEXUc6OS07H4hcr9MCaUWK7e2EsM7xy2HsyG85T8yvbwxC6ou23Vo0zNQCFjfqChP2fEkjH4J3KZXAUz1yTIWCSkpEQfqEf2BQKUiW6bqR5R7iaWwS_TgaAzTR1o3pn6etpNTl87Gv587Bckuy6AZJek6z21RHDH_OIqFfUBZ8VJxkI_CXLUcbLwDktwOa48A1efuwPLQ4nUBrFv0mQ_PBVHC5zqC63AVSkzrkPrgXeuG1MZJBsXJgaUeFvF7mGBnJ2MuaomUv37X_WWu536MT37klL0XllYUbFl7SHmgJBQIdOOYmHTkOaPEDvx0AFy16x704RYZb4uUcnuJe3V70bT9hWlJ-16qMTPG-58o6WDhU4wPcXc1EJ_DKYKdxU0lyLuot6eZNcEjY6xTD0XOWXaJQWvyZNUmkO8j6R2STUwwnQVwst7xvNbe34kzePYxsU_eydwjHeA2XTpZj-Ag4OYyfB0FO2OcPBRQK-F_EVLp_TWj5MqIyUUnIouUda-zzESZcEUxli8O2HUtXkh1WhebiOsp4581proMdfUij6iZiGaIMqQnTPFYLAaDhyK6UxKsGBiNdTq-uLoh8vAxapx21hzNZgBARu9BEGbUom3n7ydAEO5NZf_5wGX8A2FB9W8N7jieLKGaIsagQ6FORm9tBq9QyucRWLx7MQqmNjsIuopzLH4TjvGTlpjZl7uyQFuVXkqXVw2EHciJbkQ3rx9PpI5YghgpuAiqtXZlFTpOKq5Q_kvYmtFtdgbLwjj3ca8RITo48AAbZQI7_45pQRb1eF3QHjz5HNKgKYc2-XJl_sL8_g4vyuVhwHfR9LCRlGsILngie7Yl4oEeNbUJ8nylkA2VrrC0ksLJycgTcqFTdeCeWucESbvlVKFqPmtMMX77lCQ6JTL1gkjE7nJ-3AEN6syyByUacth-1PRhrZZpKf63kgiHs-AUEn6WWNk8yJTNGm13lGgEV7lF0tonk2NXMxGrwMGqYxpOu-bZF8fL3rCrANNDgrl-ZPG--TX4S4YBgujEmMHyPRXapTMTKFFsxBJETeTXO0qOq4iYPl4uN4CpOjrPHpkdHGY1V_mb6ZdHconKTtJcMUsnA93qV2DSWwAX-F-zhRS7lC9G_a_cb14Bkmn0gLHLmPqQItW0G25P5UR5PMDNR_zkTD8NDecR0DCLwCDm8D-PLkwl6A8lPZHQeMD4q9fP5lOj06VRaNcLbYwKkHJhBDo52lTnX3NfvLdI_3vrGweqthO3g5ATJKA6KRPL-aoTpChSQbNhV6jhdu4ZAyMK1hztA6wAuGz9vuzNinLn_81z1iABIIFoFCoKwDI8hBBBqw6O-HsB1gLyVMoQ218BrBk7TajfTp9ilxFZi0ioDWZPAiTGl2CzwQa3M9SLtTBhRV9-ofVhc3VlILkM31jOldZmax4O6gmXG1bQ8iqVzY6UxBVSFLtcwNZTmnF_0xB9VrAW7Wfn1IpiCDRCdw5TapMJJk_IZU-jZ9hL3kmupQp1y_5sN7JrPndLLiHZw0L3VOKkJF0WA8cj2Bl6bLxRbuNw8RX2PBd0BXr-68BPdNWxwgpvZ-OTXaCuBWbcLMfn6fUgbi3fvZrlA5PZYYjgwLtzcBom9a4ZoYv1MPFp6YWLUdYavzTdFKfL8FK8mRL7E604NpO0HLDup7RnK9-UvMMwal4E76475WjZp4ob4xczig8n-p9mwMZyErG7vw4pgLRFj-FQddCXiOXFTJWP-Mr8o6yfAk4HJoCHgxy3VWorfFHN4Q6C2VYz4RJK_HhWXwlcpTR2zGb-kgYCESIJCZcVldu5vh47_kXJylFQPzWHCbTSGov10ziaVE8-OQVuF0ehSNPqgK72lI41-kyBGuuwY1pBTSWjLgH4hP9XcusnkTk8GUQmSk3hzdYQnKNG9J4t-QVkg1r_Xe6OzO0i8jVqmbMHLgDILyDhPLJ3KsBa3HsqVhkCD4vpDDo7Q7ASWzHox-9Gn70xH-ii06WEHv7aJv9YBNIpA11qtYffNGKq3p5_jRAj57xqpOnw6jap3-Ykb9jNNKN8t3ocd-hET6q-AfLyUPRblZkHwNrDnvDlHJ_mM40rjpHZVqK6F8Q1a6nT_R-mZkxXWy4fPxUCgh6K3Mj8-FwLb6VElRc87nbPJnnHGiLVEOnjpupXNlhYHRJnJvvhNAGYN7RL_z1NLGgln76114RzhBrhfaOMfXySACtyYwBDFch2Ot-ZwIe8vvMLKMI0LGZmI671SdP9vr62MCy4xYFFxN-kmuSPnqMeiCiuyEf9T7KbBCVipwSBLhRZ6C9AG_O&cid=CAQSPABygQiDy8-dic6N7zggL7BYy5ezhs29nhJpH2C5fkUVetO2KUHAXjHTpQR9_Vf7vsivyaXYV9keVThz8xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=8657933443639569000&adk=3047537735&idt=49&cac=0&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EFB6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A98KJVy29oIW9rIt01Z4ZS0YE79VUvrVCVFJCpn6nI5-pEG94P5e78l6gMcVJAZMj5ddLLwlx_sbdl4lBvyzMHaTID3hqHN5ZRwTxiIscLkOc4q6y8qxjwwoYEL89R-GJ-ems9_lREdfHAMiV1YF7XVfpFWEsFaEKO9HKBfH4RZVPlXKc&cry=1&dbm_d=AKAmf-BYG9huCsJwlLV-4xMH5e01wp7_SqPkGrF0O3E7GGOR_JEsKYImMBIfwOsqPKjWullSQzvhTXaTbB2SH2Fx3HWEix5an7vSZLwVjA0upv0HRYK2gCvTGU8iQa-QlwLZK9oLyorMR1Bfqinejux9LbgXH1dqoLEoKVvPNcGDiDm_o2OycTfeX8SPx47s1RYqMWQgd6zw5xAtIQgvv4iCjJgbGW4vVCQ1eBqyASBo97XIsufHIYYCVZv5nmuMNlOo5GwPXjxRwkwxU6JrEP5u-NO5c9dGOt8PncbpE_5jpvDMSbn-0vsow-utgZX4VoGOcpX0zFGkWNZI6Xyf1vOwy10rXSGe2CxIa5kvWyKOuT0WN5JTa-OFYMLP8bk2_ovszKsnL7Y5sTGqrzssw5mUbZM7CnMnqDcnnWCYDixoOC-kDtf5VmJxFfttLZRiFeSocmv7u1yIKL5I9vRZIZWq0LdWzjUfe6BScG83QychkgARXsv_k2oucBG9kughxic-HYtS9h_ASuj3ofpfGAyW-C83cFrEmdPKuesVg2pLkt4tXWyDaqZX9dUXlNiq86Zz0GLata-oNlm7N3xNykdzxYRUd1NNawHK6HgXpl7l4UQBlOXNEx3BABMHfZUqW_UJnsMS2AieUqhByrYRvwSEduA_MhwesQ5zt5Vnv0s6Gmyg_3yAq2Beg21TV7WHPULbGE68_emdB1_ptdsEXnt8UvzJfiCVfKYJT6LeyJ4J-CeV01xLX6JWzJ3pes8Yfv2ZZArfpit_9sbjrhJtxvU6zAnwQy93CnZLA78EiKycd4wKGN6o44DN7j_wZi6GxsX23lK2A5S23lGDPTC0ZHuzIp4_5v32wZAY3lRIFhvXE4t4uE7cw0Eb9f4NM5FK7YJGIM-mDkCjtU-W3ThsIxe7ubwj-1AOLq9eLq1i0OJ6ttmCdxu0wJfVv-lqqxCDprQSR65-ltgPMd6mC7gghwyb6ppNikIZQah-_7i6EzypReXV_H9DbTMbrvIkONzjktjqXIMs1vyLlCrvU-ubR9UptJJyymFo40JThydeemE9UN6_wo76U1vTwYdVH08frw2sd4wXquzvce5_OgqDKLs2w-FEQ2wDqaK4RSP6i5vMBVmdvZxACY6agljdsQ3D1a-uV2JPikLdyCr22lf6YJORuklJWKvjMcla1TSVPhKFKyHZBb2yKpAfoxMhegAy10_s6EX6fAH4UuXNNR6E8ucekcVyKgJkKDvVUd3StiiYXSpzrgOy6t6kfbOQJSqYj1VyxWK7YOWzIUu7ZT7SjWxts6Cx5KQ2Ey_OXAr448DryAO67pk0Mi1br0GdvdlpnYoV2fqCbbDedqFiI9d5WvUiw4Wbf8phWBWl9d03axRSmj1zsVL2prElqXFgY_xqeiSy6Lmq6VPtAFCpMZVQZ-Nd226-WyMU9iNtmPsTqtaAhELbEX076s7TYRvLf-BmBVAJXdO1PlFAqH-0OOuL7bqJu4bftDUgrgiDjP8Pt_nKeBM6HetxFbzWKrx1AdNreenI4cUk1JUup8KEBAv2r_ABKU7JEpxFEKk2GGqfJNIcLHrVOXvCDrz_2dDpAgS-vklgOV2kcvjvnY6xJuZTNk6zJN98Q_N2NwT7mM-PrwjVJN1Sv5ewT5G9bi9zEgbG0SL74K_FipaQ0AundEHmhTPPJAeuIKTgwoejlieaWGR-F4jfsuSkJUF7N4ZtIkWWplbjg7D4EhstT_-_1GZMG2URcesmz1YRIKChQckhvkquhqYzQitJhqVVXRFZa1l2f4QmMSsK4Sd_diosENVfqOXEyKFJqt2LmlCxS2fkRGKy0d069INH3kAG20L8xORF1mC2pXr8pCy3Rue6K0IzMIRHgDxP2wnEXE4jOvn3PU4OGrwQfgCbETwCS03KJvW17Maf35T9N78c91dXAraR_MRwl8yGBtTt6osL0zSqCJTTJUM5fK80eGaDZ_FsoIFJlUxB_1FZZ_uvUaFu0ZtBQM6Tv8iCWr4yiGcXUe7GJfzMLymWc01A_vHZXmG27J-2tDMUZNCQsFfwC2Ie_b-W74NFBPwSg4xA89H_jy7SFUnRRp6uh6YBsPw1zlY3iPH9UPg6UdUpkfSOYSby-WuYT6SKpJtHN_pXC_8fLlPFwqaKLlBcBp9feXZ5hbJU0G_fd2-lcudalL_L8reElDiOUhEFMkmWRg4CWncRSPtYX0SxRTpRosBdfzKImQJ2iRjxO_HEG43qR1cLNFIs5dgYmJQ3ZTAE6M9n53IQ74flqamWok1WBHUKi1hzXwInOvkGsE_Ye4JN_AiaTSgccACGEZdEg8thVSR4DyuVLrFjBIc10Sc728ja3EErlM51i70RcBcEHcCd2T_Wee9t_0NjUsosBOq12iddJSsmNMQYsBrs8334S2c4UCss2IM21T_m7uEn5ubkJ0kakVqmaJx9FZIWfzpGTsqzh2KhQbPSoTsOEVK6BE7xi5i99FCMecm0ypiZwsw9W5Mk6-KTYaMoGT9fv168dAEs0XKpiOLLIpGDwc6dUvDkKm1drnTIDSb55JNrnjCbDLk78qLGdDwNDzSbFufROBabq5BkyQIEzfN3SE7kiHyfd2si2Pao4rLDnqkVu-CeqHsFjNpswpfWPi0j7jAppey-K2YLA4-F0t9E8g65C9dzMzvdG13sSvJ-E914yX_uGATLqzv6h6qptZf5-jLOxX0WeoKdgIpkZA3bvnSBd2PKff4Jc6gxqR24Cu6yZ9fWlrj-y8NwBW0DM7Koh1oRksLVi7lItxlAJ9-qKpazsGoaGiCYv0SPH8JlSvqGHlTDEhbp1Z_lx-K2hM5ZKvWvsqgD4aUDIzPHmKa2vzr-thHYgeuO-1PWwELGu43g8j67cFg47TA3syjRlpBAnWjHOrM4ANwVoe0jyWilJhMPYJcMUJwYlykyK9Mp36_uIF_Ws_XZtHOeQKx_6EXv7Do904z-8cTd4jezUaRfr5p1IpEXRfRsZ_U9OqVM0LtCTGjPmzGxrFfWJAhFo49MjzxEgP7cFWz5bk1N-qPAYx7GeirZxq7TLOhfQ55wcxvhYx14DzWAfNgoimkfN9q34tLqm3a_oRklkU86kMM5AA5N4fnCBYwCsAaDcPzksH2etVSKPxeoyf_t70_YMfhOfL48rH0ygA&cid=CAQSPABygQiDlU46MUgokLTEDVkmwva4g8wAUokZvSNM-M4ulgURidKDKrMnsO4jNn0GvKIw9W-nlCfGoPKDrBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=14431400074469265000&adk=2857193498&idt=116&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 34A4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
113324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:17:48 GMT
expires
Wed, 01 May 2024 15:17:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1294488/70429366/ Frame 408C 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1294488/70429366/skeleton.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.94.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-94-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 408C 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Origin
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 May 2023 13:53:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/ Frame 408C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhUXVOu6K6VZMAqpw4MxRM5Bu9gd2U-IySz9IJtuCH06krKeJkGH5d7th7VqkX7zpzI6BxbR3WMpmyR5pgnoQyyCeCLjipTxvlzpaeIaHCafXyAs&cry=1&dbm_d=AKAmf-Ba1h2HYmlmHvCN9K_bvubu3Fct3ak3i6TfDLZwQUfbDRLOju1DZydOSbAMRicuABV0Evj16OCjw5LdzS4E9owdmJyMAiuyOVfjHH3QEYSrMhxWc8QnFFWilMpajwPuayYvFhufQsOv8alhI4ydjfD9fjJKuWYcf5_jNttaaXSETJKMqKibT0gHuA0ljFfyXuP4N9V4nBbHlrmlMtHWofo8eF3IAlLSSKLCyl_AP12VQWt6FSspWjzF-30fHGkEvB1zGkvJmrdOkJWNc4UpXlSd2I0oz8P4VMCi52RyCkr7da8u-2UVFUEaJUOeVG_0_vMLDQfm18I3XegeQkuAdKz3AczZnwFRtb2jYX-DLfaXrA8cxVywK0TFRhQJObOiGpJ-YUM0-yP4L48E5xEqwbUewViYYELdWsAXwtaEXaHseMZo8mUh1TEc5-oGMcqhhETpixH5X-2G8KnNxS8IU9p8Wsy-ZaDXipUNk5cjZh2Vo8bXnkQijKnrG_vfbjy5w1W19P7zJpy9UBKEuBDNZH96B9wIq-CZ9SGRmAW2Six0r55yce7X4NM2spdznS4eUOfK85tEJioy_PIiTzXBJTXGsisc31BKt6m8yneowK4a8mdDlI1R-rMcxdXPJAKVt_D1M4NSUXhJTzqVlqNT0rYtGXxSmijLDxJRW8OSOcjw12eQM1JYKSl898GqGuPOC2x3iw254Ka8mEfPTodcT2-ljRk5JnRXWoO75lk968vkRiBXFmbgWfPttsFuPFsuEEsMI5mZXlyy517hU-fP2_0zNSTrUf_SVCVXE2XViTC-1FTHjYB0EbHjKl3U8YG4ReawGKIJVHdL4XCU_UQ7NBB5ikYNw0Ui47CixuiUrR6rqYfwAjEfT8HQvS0IzK0sx1t7PLiRX9O2yG4--6DChOIa16R5TWBq3kJtp0l__uqNuIB07LtzZGwty4EaYgDvGCUfTMjUjxm-hgAlD9qg5nOIIAyhTAdWiYSL3qoYIxDLer7HLyFLJy-akJ-PUPd58UtkCtnTU-ZjAjUF14ACW_K8kukd6wJ-KYib9hZCmDLPNMenbhmjtdLpTR-f5OpIjdH2vFgHwI0JoMoa_RBJKz4tf4K6vFAB7wzYapNC8c14O9MhX4zXIFuOVAQ83AFzsy9gsMNyMPUTL_OaSDZ8jYAAKabUHjWpn7vwa_R147Jet_nwecTNOiCBOJhLw5o_WTUKLNtCGTIf_6GE-Rsq6RSG5aCGJWH4pvzn5wbbpherrUNVeyg-dVnn-7QVD8eP0vKOmXzRhq06apjMioh-Et0BPgf9yX0QPBIb97vDu4I6LQ5ZJA63RP_LUqNrV-TJLxFMrmrpXKNJMdvkE_TOnIWcmlFcpxGDXA0H1PpWu5hDoFRm6XI6FXBpfJaQHdDcoEysvLWeLt0myRdpasA6C_tDXtXwti4foMrHVtNcVxF11FQYT2uS1RnJ45mqHNYF4Kl0Mtg7W0PUVAszjTSNerb83-vtE3SxzKWMaSCGmGhT6K00bpIjahg1mbEfHH4p1RDRNuu-BWDcay6C-2pkVS3_xwQ1HPVltxRDZHNUjDZDmEY7glHEvdsnT58VGUfjjervdjz3s-1gqamCySLtqhs9ZurgXrUnle3r2QLOHwCi1y4ci6IgZUDShFIMB6qi1QkI3w65g7zgXu36zeTbmVImqvvunm82IWdHlaQJg3h2gS_TCULcAVmRm7iBPu135IDw-fgtkp34NXPD5B13d4juaKigybxUAjybjjU6EHQ0f5RFnR0QmeeBeFZcOiOsbz0GCIeaumN1bs0zvweMdnbkgwe5Fnifx2Mfe1YWTjCCjM3oy1K3VVUWrKMMebWM1y8ilB4Lhyz8ESd5BIz5LlhNw5watMthm0A3ohxwW9P6t8QhFCb4s7K1FnuYKAs5799TuRqGNxzDkQT1qvF3lGI4rI-t1pLekoOAcSr2OqdWZNJ6EhrB6CbcyMjim-jFdZpmV9m8jy3kGa3g98ASt2EVrHmdtpwerI-u6wA79sRcgZOwPhrz23EfHdfkPgir1YJAIQw0WncbEFhkmn-jzsyFHu7Rdj7Hdry-dQ6cmqUikUbG48M2bRwXjnQplzACmrMVvObHmcxztNcnqPF2_yiYzFFS_XoMxwl1-6-KK1D2WvxKFZ2rKp9iA9V5G8E1lXwGIArsf8BWANDWTsuOHK8o7UxiJrSV1aR_ZzPb25oGWn2vJTzTBofbhZ_vJQCpiY_pu7Z8_D_7-cmafnLIvh5clPN8sn7s-1LP2C2P8kQ1F3p07mJrdbTOA_i_GqE2NeaivLZzguU7WvY3lkWoIx8GSMwyh3ErfNWmxpvMPmqJ0NYIezSaT6jZfzBsK8fFZaJKD7eOipUobScgxDMYetUhSwNni4Vc0iKQqvmw_dYVHFymiYpHZsnTUDDxLaxAOeQl1IHS0cnuZrI4cRsMqczmtzGueLPn8K1qmf4YYfRJg1GeIa5za06vpXYJKFkqBOpZA3ALXpOA2dnS6Y4ZWQN2x1497-YcYau2ap12xbFUY5lxCwQoRvuQjzgdw_vilv6CivkcM7sYSpXG-CTYQgEf3ksSopSCP72Qi0_ywePGaQSTvqd7wsUroFVrsJuHTmiAq749W_0RF4fmq0UJlrxS_40lIaZI21-GHw8Zddi6uzFTTzB7BkxW2bCMrHlr18yNOUEauAsQP_HeyTj0M7ONVMjaGOLKoiReI2U_LApoMVSo1lCjt8DL6xDSzK5OLyEAYb6x9_1ij9-ZxK4MUQgZNLTv2KGihHEiLkrDWQd4Hkqgmz_F2g5lo7ZU2KPHQ6Xel-ndeVBQbYrLZenK6NMfLTg5VxNeAejHrdOalmbP1z8HatY8iMga_yb6dYkUzgY3ci4iEdXXf8Fhdmm7tLv1gjLf82jOySjcVtX1-4C_tcwtnV5zxaq5rWiZ4ieQYAnaE9cWRppvFqsQxemj3gNrnWD-WCy-m_pDaS5OCymfYNjYuDa15SHH4S0PS9J0NoFQ09iZOb8-wJHUNbztML5OCurjadxZmfdiLARwBjpCz33ytDMVhmZwHWgEH04ABjzbrvlUuE2mP3l7kNA1AwCoVKzroqNtrU5TK9fWIV-VibmYVvW_ZKg1RNfJzijJx4sRWhFZ9z4r4hbRUfRpPMDrcKSjsS-0XfSnHWqUk8jFcOvMQBtPCQsqFlMtRqzvjsYeT8CQXZMLPY5I3rucGpRmlg70TLKXHdARzG9Scx0mQwPZzKeHV3QaOj4ZZSe3zkCpSDhO3TRmnU-H6n-wxlb4i2M3P-icjKEelOmnQnwj4zRajiwhdIYBSiB102tSlGVB3hacqu-pC9bQ0wjiTHihgQgST1KrnXFI1QlNrIDadRCi5ruND-MbAE1zjDz4cX7jr7SsQYs5i94_F6mEpDc51d0G2zQMfUgdaSj7zyf2xCw-l2DKlEOMSh3GUQxC5unMZ2yW5padAzvPhkZ0YF7kLrX_R2l7mW90q3Q6ukhpbRxB18mxMVcmsl7FZZWOwNKZGluadCZzBB4S0I2GK8S7Clw4az5wfN5yUzvyuf62QSV5Mmh-Z0NdZOX8WwKoU36UDMAPtYNFVMiqoMkl5m5SuLU2PWwglqZgPq_u55vnxj1UDBaWn4FIBry-fCx3d_oGygIo&cid=CAQSPABygQiDl_1t6OIrkcoEW-O2giOsuG4sQmpIhx3BEOPdy-lMUw_he2UJJb-WheqmMgcNizT5ZvWsEuO3wBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=2904563361130455600&adk=3944675600&idt=75&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:37:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 408C 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BjhUXVOu6K6VZMAqpw4MxRM5Bu9gd2U-IySz9IJtuCH06krKeJkGH5d7th7VqkX7zpzI6BxbR3WMpmyR5pgnoQyyCeCLjipTxvlzpaeIaHCafXyAs&cry=1&dbm_d=AKAmf-Ba1h2HYmlmHvCN9K_bvubu3Fct3ak3i6TfDLZwQUfbDRLOju1DZydOSbAMRicuABV0Evj16OCjw5LdzS4E9owdmJyMAiuyOVfjHH3QEYSrMhxWc8QnFFWilMpajwPuayYvFhufQsOv8alhI4ydjfD9fjJKuWYcf5_jNttaaXSETJKMqKibT0gHuA0ljFfyXuP4N9V4nBbHlrmlMtHWofo8eF3IAlLSSKLCyl_AP12VQWt6FSspWjzF-30fHGkEvB1zGkvJmrdOkJWNc4UpXlSd2I0oz8P4VMCi52RyCkr7da8u-2UVFUEaJUOeVG_0_vMLDQfm18I3XegeQkuAdKz3AczZnwFRtb2jYX-DLfaXrA8cxVywK0TFRhQJObOiGpJ-YUM0-yP4L48E5xEqwbUewViYYELdWsAXwtaEXaHseMZo8mUh1TEc5-oGMcqhhETpixH5X-2G8KnNxS8IU9p8Wsy-ZaDXipUNk5cjZh2Vo8bXnkQijKnrG_vfbjy5w1W19P7zJpy9UBKEuBDNZH96B9wIq-CZ9SGRmAW2Six0r55yce7X4NM2spdznS4eUOfK85tEJioy_PIiTzXBJTXGsisc31BKt6m8yneowK4a8mdDlI1R-rMcxdXPJAKVt_D1M4NSUXhJTzqVlqNT0rYtGXxSmijLDxJRW8OSOcjw12eQM1JYKSl898GqGuPOC2x3iw254Ka8mEfPTodcT2-ljRk5JnRXWoO75lk968vkRiBXFmbgWfPttsFuPFsuEEsMI5mZXlyy517hU-fP2_0zNSTrUf_SVCVXE2XViTC-1FTHjYB0EbHjKl3U8YG4ReawGKIJVHdL4XCU_UQ7NBB5ikYNw0Ui47CixuiUrR6rqYfwAjEfT8HQvS0IzK0sx1t7PLiRX9O2yG4--6DChOIa16R5TWBq3kJtp0l__uqNuIB07LtzZGwty4EaYgDvGCUfTMjUjxm-hgAlD9qg5nOIIAyhTAdWiYSL3qoYIxDLer7HLyFLJy-akJ-PUPd58UtkCtnTU-ZjAjUF14ACW_K8kukd6wJ-KYib9hZCmDLPNMenbhmjtdLpTR-f5OpIjdH2vFgHwI0JoMoa_RBJKz4tf4K6vFAB7wzYapNC8c14O9MhX4zXIFuOVAQ83AFzsy9gsMNyMPUTL_OaSDZ8jYAAKabUHjWpn7vwa_R147Jet_nwecTNOiCBOJhLw5o_WTUKLNtCGTIf_6GE-Rsq6RSG5aCGJWH4pvzn5wbbpherrUNVeyg-dVnn-7QVD8eP0vKOmXzRhq06apjMioh-Et0BPgf9yX0QPBIb97vDu4I6LQ5ZJA63RP_LUqNrV-TJLxFMrmrpXKNJMdvkE_TOnIWcmlFcpxGDXA0H1PpWu5hDoFRm6XI6FXBpfJaQHdDcoEysvLWeLt0myRdpasA6C_tDXtXwti4foMrHVtNcVxF11FQYT2uS1RnJ45mqHNYF4Kl0Mtg7W0PUVAszjTSNerb83-vtE3SxzKWMaSCGmGhT6K00bpIjahg1mbEfHH4p1RDRNuu-BWDcay6C-2pkVS3_xwQ1HPVltxRDZHNUjDZDmEY7glHEvdsnT58VGUfjjervdjz3s-1gqamCySLtqhs9ZurgXrUnle3r2QLOHwCi1y4ci6IgZUDShFIMB6qi1QkI3w65g7zgXu36zeTbmVImqvvunm82IWdHlaQJg3h2gS_TCULcAVmRm7iBPu135IDw-fgtkp34NXPD5B13d4juaKigybxUAjybjjU6EHQ0f5RFnR0QmeeBeFZcOiOsbz0GCIeaumN1bs0zvweMdnbkgwe5Fnifx2Mfe1YWTjCCjM3oy1K3VVUWrKMMebWM1y8ilB4Lhyz8ESd5BIz5LlhNw5watMthm0A3ohxwW9P6t8QhFCb4s7K1FnuYKAs5799TuRqGNxzDkQT1qvF3lGI4rI-t1pLekoOAcSr2OqdWZNJ6EhrB6CbcyMjim-jFdZpmV9m8jy3kGa3g98ASt2EVrHmdtpwerI-u6wA79sRcgZOwPhrz23EfHdfkPgir1YJAIQw0WncbEFhkmn-jzsyFHu7Rdj7Hdry-dQ6cmqUikUbG48M2bRwXjnQplzACmrMVvObHmcxztNcnqPF2_yiYzFFS_XoMxwl1-6-KK1D2WvxKFZ2rKp9iA9V5G8E1lXwGIArsf8BWANDWTsuOHK8o7UxiJrSV1aR_ZzPb25oGWn2vJTzTBofbhZ_vJQCpiY_pu7Z8_D_7-cmafnLIvh5clPN8sn7s-1LP2C2P8kQ1F3p07mJrdbTOA_i_GqE2NeaivLZzguU7WvY3lkWoIx8GSMwyh3ErfNWmxpvMPmqJ0NYIezSaT6jZfzBsK8fFZaJKD7eOipUobScgxDMYetUhSwNni4Vc0iKQqvmw_dYVHFymiYpHZsnTUDDxLaxAOeQl1IHS0cnuZrI4cRsMqczmtzGueLPn8K1qmf4YYfRJg1GeIa5za06vpXYJKFkqBOpZA3ALXpOA2dnS6Y4ZWQN2x1497-YcYau2ap12xbFUY5lxCwQoRvuQjzgdw_vilv6CivkcM7sYSpXG-CTYQgEf3ksSopSCP72Qi0_ywePGaQSTvqd7wsUroFVrsJuHTmiAq749W_0RF4fmq0UJlrxS_40lIaZI21-GHw8Zddi6uzFTTzB7BkxW2bCMrHlr18yNOUEauAsQP_HeyTj0M7ONVMjaGOLKoiReI2U_LApoMVSo1lCjt8DL6xDSzK5OLyEAYb6x9_1ij9-ZxK4MUQgZNLTv2KGihHEiLkrDWQd4Hkqgmz_F2g5lo7ZU2KPHQ6Xel-ndeVBQbYrLZenK6NMfLTg5VxNeAejHrdOalmbP1z8HatY8iMga_yb6dYkUzgY3ci4iEdXXf8Fhdmm7tLv1gjLf82jOySjcVtX1-4C_tcwtnV5zxaq5rWiZ4ieQYAnaE9cWRppvFqsQxemj3gNrnWD-WCy-m_pDaS5OCymfYNjYuDa15SHH4S0PS9J0NoFQ09iZOb8-wJHUNbztML5OCurjadxZmfdiLARwBjpCz33ytDMVhmZwHWgEH04ABjzbrvlUuE2mP3l7kNA1AwCoVKzroqNtrU5TK9fWIV-VibmYVvW_ZKg1RNfJzijJx4sRWhFZ9z4r4hbRUfRpPMDrcKSjsS-0XfSnHWqUk8jFcOvMQBtPCQsqFlMtRqzvjsYeT8CQXZMLPY5I3rucGpRmlg70TLKXHdARzG9Scx0mQwPZzKeHV3QaOj4ZZSe3zkCpSDhO3TRmnU-H6n-wxlb4i2M3P-icjKEelOmnQnwj4zRajiwhdIYBSiB102tSlGVB3hacqu-pC9bQ0wjiTHihgQgST1KrnXFI1QlNrIDadRCi5ruND-MbAE1zjDz4cX7jr7SsQYs5i94_F6mEpDc51d0G2zQMfUgdaSj7zyf2xCw-l2DKlEOMSh3GUQxC5unMZ2yW5padAzvPhkZ0YF7kLrX_R2l7mW90q3Q6ukhpbRxB18mxMVcmsl7FZZWOwNKZGluadCZzBB4S0I2GK8S7Clw4az5wfN5yUzvyuf62QSV5Mmh-Z0NdZOX8WwKoU36UDMAPtYNFVMiqoMkl5m5SuLU2PWwglqZgPq_u55vnxj1UDBaWn4FIBry-fCx3d_oGygIo&cid=CAQSPABygQiDl_1t6OIrkcoEW-O2giOsuG4sQmpIhx3BEOPdy-lMUw_he2UJJb-WheqmMgcNizT5ZvWsEuO3wBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=2904563361130455600&adk=3944675600&idt=75&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7310c44f614d2e5bf715e47504daf9ed198eacc46fb29894c51e1b84d3e1fa36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10869
x-xss-protection
0
server
cafe
etag
11726329994378424975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:37:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A1F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj6yOljP80Z141Ey2tcweldPQSQc05gROgFGpLpJXcGbNBRUJw2TgsWEQbSMM449Tyiq7rKyM5eeDA80r-mWDXcQsV_1G-e5z_8R32v0y-m9nYlHcK9Doi9wctExeXpkP2ggJDR6NTdB4iPXD371oGnKJdM5zgeDm7Ozl_AgmtX4pvVRg&cry=1&dbm_d=AKAmf-DbXYOIUMH_iC3oID6OSNGvNT2e-jOPDmsSCvZUuge13UelZv46vwKUNN0xrG0bnJQ2udFh48W6m-huf7hfVm_UFh1nZX5C3zalQ3649UCXVSg2EaJ0zikiggiy54FJd5NTPcozxxnrHmqWkfAVAB-a5_kAkgNtUNRuuXHC4JYcQsSBEPFzwZtm8SLV-afz0qUfCyaaZBYt2xFgQytoNZpx75799z_L74Q2YF6M0emWbwCD5XJ7j2bDYkQSQ5Gfo1P0poPRt8v7IMk6lKiSGxozN0JHC33F-C5j-Xn46L3QTIqjO9wJTFTXHfPp1sI-pdnUTd7DioNDCax99YDD8zkEbpcy6TOq7iAxwyiMHYfD9nZL1htq-UUKdXf06DlOS7FHGDV95n9ycEmIaKLLo0DsFudVJY-WrQhu29_cK39m3P0OAiHIjVSe1OfBvM5ZS05ISpr1G1mu7n9G38uT4Q45MbXzEUGnLTJTxZ99tZwbRrDzrBOTQ1iS9YvMcSkTKcw0VGFIlEIRmlrAyiEym1BPw-KANtO7tOgDpPXQkAd7xa8QK3qab8g5FBMJNu8hBl5WWj4lH0wPBEswkkWO3EB8JhbYUQPHT7or0vSspCRJLvwZiBYc19kOA_4QJPpABMXHrA2if03jhrUJAuEUjejADvBiwGW0lq8A5Dla7S5xYqtSr_TlG_xwKXcETPh6vVdfcXKdUzVFvd_UcADuAtQxgsqq97tlSfbXwwwl3vluSnkOZZl0awUUefI7KZUcEcJdR3ctWo-2jcCMKdtTL2Br-wrrhRT48LC2-FQWD2ryO9MZuCt9ljxhPNJgAPbtNAOhGir1lhe7I2TDgYZc3Oewiap4zMgCDbTPMV2cgyDzkKw_eR9V5dzNxAr_EqIFBkvKhw0EDXJ7Cusiz4Jzd5x91ypQ8RDR5LfM5RUlJnUVdo4LSTG_EGiHOJIfHRb6lo0PcPLpzpJktnNJ3Fc3_Ym2h0K7LP-EYrX45lGbFmeB-va6rn4A57UV3nkBIxBW3wA_zcb52wGpPD2v9H-8OyQmgG16daktj5oqhYSLL8icaW6VQuYS81dKGUxn1SkU5JY4hOPjjQ0lqLeaCoa6COecG0_ny9_JeeaBCb_vfYtKGO-vZZ1So5oTd4qXnZHFKq1BZ7uyWmkPMBaVoOOn89YgGuufcpGN8bIDoZE64K-P_1XBhi6TStFc4F_W8GvSPfWdiMKDjOZrrj0LaATY_ramoKUiMS28PBM-TdYUsG6ZrSg3S1Hl7R1hJj3I6U7jUjMIejskEd7rX5_ualR9xhOTign9l44LXzM4Ep401YzRT9tz9ql8IVvNz-3M2_mmDj7T-M2ZwgAubgBze4eqLouO83OLVSidHvSUCIf1iGtCeiJ8TxR1xV10eT2G87IHy9Ws2XQiwS9rrcju3iRnFM_7IKL6VgEbz91ST98jhyyUyoIgWBVlC3aSw2tb1ifKUQoHJBxXgNzzTAhl9-u-FMGzyrRyBB_MbtlVShsdnofzNPs46-fUhw8qNnngh1t6fkZHH8f9GxwQ_kA3DXteuZrd5tqguGvr_WX16rCkDEtjw76rPm1rh6kNpDkj0ur3UYueMD2GVJP2UjEeAcEA3gbDAC4nAMAmLfcsgGI51AqO5Tbp0wngpVINynvowcKKoXNVaOT0uoxIYMbqPX_RkgaOIRUoI8dyHsYLcZ2qO6CXA6yIxh4ULOQc0vXcG1PeWUwQD9x7mk_H5Cklk2oYvpEwlmuO-u8sHuR3elgdCYRoG6-SxVugSf9h8PWfEDCNQS0YSy6uPI30p1UNbILMiP9vyA6J6w5XpM6FySEH55kJ-6NefJC2ZS1muNb-so1QvyOveJ3Kgeodj5JIGPy40YnOHATm5XPQsghKUAvEHm1akCc9FoB2EqZ4r-nbZjdhMSR9UOgObHvyO6hVnbZYoTeSxfhvFdyEfOmHYXQYLfGVfaiiKQGzgBareWXV7UcuT-jhuR_q052QNO4QzPi7ZnzReoR0Mz_vcT7Nfg4ZfPia4jJrSfM9pf6nyoEKU2TxQR_49_31z7f2LYOwRPHQhOqrSNmroPefiZ_MP-IgYq0sScKKXmnMshTiLTEarhzNpOq_egeHSiDhtbkzcx_P-yZ4Xa_mttP6R7UrGh_JAVQiRatlMiDI8k7zyb68J_v1x8RKBLC_5Qa1SOJMvd9FmNFlMVEkCN6_tZqV7WY4GgcmjWB1HV-K5qb61wWLNNmHNhDLzBj0JCRFKlFeFjcgUJuuNJzV5vHkN7Hw9u44YD-5WUGYGNSGx2ZREqDSILjE82LVqdC0LVBorQjP4A0WUm7rsOrORSSXOf2YQ1vBJylEUwE1SlomV7QhwUQeVYn1-z2os-QPWZzWQWFzfVUdSWEC66MVeHBY5Zx2CeJgeMHX2rGD1EHDVW2Fj4tM-owrDzHy1__5Xic28ZdGJujHbo3fza1nMxMNb-9ff04WumaA7v6QpJ1e6sa79aDjRwjqFT9f_ZELYxkB14PjI6MlNWlRqFPj-96KbvUxbCI2tBmzMllQ_-_9BT3ak-12KNKiI-j65v4U9QiinFzdNNLQ8ALz9W5LNoli0w8vagBn-sCE17LtghK2h2mwHw9We5_ZFS4glznbRsx6YituwQAWVBmnr-bB2UMWBztY2hg2mMDUeoVb7kU0kmjHiOhKpagz0RzDRS3zwmaEt07LiKbl05uG5exmFaAGJ-oPbySD4wgXSFabeIIxa7GyaZXlD4Xf80zmFQMIGPVgZFV2v35M1LlKRPqHvSXIbFhjIcuL2WUOyZv5lKJoGmbPxAyE1nEcRZX-P35yW5kQLKYV7hrnhSI60Cqpy-WvOgUXepXoPYc-FpWIWKUaX3p1IClkLAPuAZnLZfu51gAFVtgVyk0zjvsedkNhdd-jvqP_Jx4SjnkFQjg_ykec-qnzjeZnPiFZ4zwl9w9pmh_vTOVIC8ehABUa_ciqN_L9o0vov7BJierb7tvAqsw0CrG1za6orNXmy7vi0egj8M7-N4zrwV0rVgeAV8-0oeYB5a7kDM6uVAkUMcOT1P3Q4kIl1XTzPAgbRUhaZrT5UU8rt1cxyN8vVA7VpKBx6mzk6lPU71IP0tzhcfk4_nQcfVmWS7zVA1DvqKAi1Fe0-w6Hur9o00IGVENh-G9hEQ&cid=CAQSPABygQiDDMfE35lsBBsHn5iwhAfLlQRoXMU2k8Zh_J98EVd5akieJR6VGTfvilHgTbCdIP1K-wUit64hSBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=6127711857886505000&adk=2086295851&idt=122&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame ED81 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
113324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:17:48 GMT
expires
Wed, 01 May 2024 15:17:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame 34A4 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1294488/70429355/ Frame 56B6 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1294488/70429355/skeleton.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.94.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-94-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 56B6 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Origin
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 13:53:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31989
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 May 2023 13:53:23 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/ Frame 56B6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXzFbMjpv9VXW8bon_gywqkugcLg2o5aZhNGsblE67DBg1kMoU0-oe2xkcQkp3jtu9prEsJ-silS0H48LH8GfZnR4Bo7nI2XXCACe35dSXHLcyD0s&cry=1&dbm_d=AKAmf-BXeDBch4ef6ATLRK13shURvUtV-ldh-tCDthR7wy0p3dzSZF09YiaJIpwfUQK3GYeCO2cRcOvOniCfiicmVOu03oIG95M4I9dt6LLCbD1cVJ09e9BeYcSwNn7C1Iju8RR6jD6Rk3gH_bl0_3udXgY3S571ZcWcOQJ77xcI7XcEsvieBbOP7dPHJaPdRa_kzg4rwpVGrts2Wt_ik42i1CzNx8K0l-Z3wdPFs-NZEtvWstWKi8YZSfnqyP5elLk2YXCECkOKPq0-kKLkOJLNAN5XAGQOvI0rGxNB2tCPiOlsM79Htx1556xPtpY2GCgKzxECkfOCgo_6jp0AIqJUkGU0KPyVS1O2rbH560iTL5tg-J6WrzXMj8y6ELNkMkecDl3zqW9AbjMWosboLjWWYdaucNHhvczc-vpMOCIB6vAvC_DuudmOkGxBiDmaj-pPLsJzkNJpHtzArJK2__Lzgub9_X3tEPCFwOkosgCqApMqLAQQclgEvp1z3OyQgMB1tpwZeDzy88HeLOz25L7fhbuVH9IIu_luDBUKMg_oGjJYD5WdjS5vRlngQ6YnGysCx8ojOjNJ-Xd-WzUmDoRlYZ2IdEjJYi9_40qmT06PgySRIBBNgJci2mLu_CKNEzu1g9cxLlyfzyO3Yh4iWHe3cybPtC3IqzEG4FuTL3QysKjYpXF4-3AaTfkXg381VV2ZmevGxU7K5UH9KSWVDYulYNtCqkjK9ZzYl4SYatM8KgtwJoIYfCjHU5JuJ_IPbIVHC2hfzBztNBhhCpBKeqlVu_RV0C6cNawr7bl2pdplqzm2JZXh6eCVqliWhYWIG9JuSm1PN8C_xchCx-RBz5Pixe7OuGBOxChbvn9nlum1qwRJZFHDiNHUsUVL2C6LEtxKRE9CBPYl4ifBgHKig29MOfUjS9pq9jUYuCEnTdJFXKJEZ-e0XKOFZt5pjlz1ahAjUmjf_db7LlhYbsoLNN1Iv5aQ1dhnz5HTug1uJx2_Fl6Cm--JoYgEk2FBTSg9V0STWqrJJ3mhjUjwNVjVZPVgN2S8DF7bkSa9IQHKE6WI52-cv9MK51e4qT4M4jtHLKhBxiDavCIpaOHb49PL1Iou4JxiXPdm39g8DI8ACp_7g9udJzLf-BYXVnGZFhnscTZoWxieSXg8YkUJAlBVe9IVdVbWVTixa7s-TCX3PvsI6T0hdRb_C3uUShUBiULseWkT6SQP6ZSppVk-DnzpI-ZnznrHIYeJvWOtR42G7cI3hDRLVWjxHWRJjAz5CuwsPJOuKTFPQorB29lyR2XQkRYPLnHsL4JDUbc3LAoTBEcAnA0LFsUoIrkHLXc2r2cFBYAB58WaV9Q7_2Iq8EhaJ7bOfScm4z3mvLqK8ou54IN2DgF89NHdYT2ouz0jw9BIA29Ld4GhU9fbD4xR9r-jpSacBt-WrkG4UfSuib3DWGLAE_GedVkmoPD3S-YI7CHwyBuY1wyc4KPMZv86A6coIFIZCv2uLf_OZapTCJgRpmRnkBfD0wAJoFafdAF7sRZKnYO6kgYiFEs5MBp6OfZRo-0SYNqHmPToAvtZYOLtF9R-QYexwdUnWB7YQzNyQ-s281jYtwoHQgGW9th6MZZaH0mYe84PFNjvjUym4ZoDpzF8Voydj3Lj6AKCGPvMHMyCAp10OGrOKeBFWF5jkFMVT1sQRaYGvDR3HJjXM4NEN3pQ3g-ZluZ4fa7Xx6SMWDLSNJQfNVIYYN9YbUVS5KqELY0e2N473jIUyrm7GuBhOTZjudDoURc8x1oy-2rd8fR5bKrivBBM0jG0YvvD2YMqTm5Ystou9KJ3_1w0WKskkXJbGZGOeVRJpPRpdB-2fs1A99Za8YHUiy55JONaaWIoTFNOftp5mPLywFUyCId9Cygf9OKmZ8eobMF4AzBrJwkaUkPD_GGXwEaOBz1XJpotWusWcqZjcC542b1dLAKTbixzMYgtRMlykm56uCWLJRTb5TEDicGXdN4XE8JOuoCD-31KwSRwY-UrK_Sc3JirrdnfFiU_aH6MMm6H-PsFIS_aNBzafTEryYwfubC9DNrD9OYghprJ8ImQucPGZBPqZtth9qiBAyK9UKgenFzcmxMdugerg7AG37CfF6G9tJoS_XozFLZHVtLTiYccXPzNB0-bXjCMHNTQZkfUHCx8JhFDF_IHYT-53zs93OeCh4IVijmk3FjqeFT5HZeV_9PgcPrS19gHG78QL67rYhbonG6w6_NbCnIIkG81WSEj4ROSSJlsPaZnhplXgeOyc8kIICWdLHZep0GAKiPy9mnBylQeZa3J7KG8jNxmt61hdZp-BKTIUAzxLBSCXD6o6JgxIUwYilTqd1AuPB-4UbMsEYyvbRFCKtlkzUx-OYjL0FV--Bqkc5wAEivAuW2xKDqXNTSTGC1LJKNT0G8IVfb4ZT8QH5w-FfAJAf4e00M_2xJzLUFU08nAJkv06eR8zJXDYbZ0z_ittXm5DqoXKxPvBuUvSzkgAuBFe3DOSzl2QKkNP6IvgmTYAfbSuat2BWaQiBB9ReVBl1JQbEnIWTvWM-zzAiT_JmocUtu2Y5_Z0MJ1IKcqfttO1Kbm_dWSXof4L8xUHAbholN_Eyw35sLCpzd4WvgvLDn4gBOog0m_VTeiq3f5zbah7k-H7sjtblWxAeradcc2yBbL5h2Ps41SdGunY5LZvGYp3MZh8VGsVU2MTPo2weW8Jxnm2ECd353EmnqwOVCxa0l5ADau7SjECz5XttB6oqep8Bf9ZFOBV2ekLCwi_hPstxNWOKME0Jc-2CEe3SiAC0Stty6wpE4cSlhg6kuCHx3-MCga58Lh5WAeX_15LTwh2rhuzy5-kubLDTWKf3yrNPQGf2N8vOvq2Lm_G7X6BzpD65PxJPikHIiyGH3SFEJyXY2FGPmIlKaKzGLYkbCf4uEsWqDdfAt7zrVtXCazm6THjktzuiHYfvJUVNOiLQLJmGS8Dm0Hog-sfLe1rUVN1RIRAHY9hKe0qqk-M2XZl3apHfUoMuY9alFrxk8yov_w3LISq3HlnhgqsQfJxIEeTdhokmmafJOQb7SNhcunH5S0wpt-iJxyfHAwcBwrJYhfBK5SS6zqRp9JvjohSb1bOTA7OOBCvsz691eK5XrrrnQdaC6tvp8Z4CICusL6uOzGz-LTeGftcyuZJE1es7q00T07yfPT_t3BfhzccTmBcr3U6aG-yMAPpZl--9dpL77JZ38XQxDA-EAuix0abRfKpr4sK0cWykEVOg3nvQe6KU3X1v7w_tZ9Xb0S-8WCYxOmGWSAPQnIbXHNWu92HzLTVB_RYT3xv4vWXQc8Yz-5ID1fzmGiZc3fqZqMmHYw2oVWKek79zYWjiaQtu46PRO0K8Qxic6FESP6DsLLz2l7KavzEygvH5dP6f8q48pnPLZxVuxLRrd86C34UWz0ak-xdr3z_tWCy7iB-0mKkxdKu7W3tWd4YN0203LJ65ryf-AfQ6csbJ_3MzK8t2KHRszxr_VMNyzDZOaeui8Ef7ddIfow6ifAo7kxUs4hfQ8E12TKanQbsejqUPpIfG9-U5gWLBNNzebAVtCB8ugDjWckAMWKHxepLWXhK5ZAtWXb1FUavk-ER08nE2c79Z0ZYwtw-mNPqrcZgHfPeIlEh1kFmoZwIYQIy24mDSh02edFhlQu4JWDgQ&cid=CAQSPABygQiDCmr9rDPITPuqWuEzuttWBZpwhK3SK3mDn8AEY5ldMMCCszwtdw0rYqeJ55DmbpmSCU5M2hec2xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=15814335860320391000&adk=943508955&idt=107&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:37:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/ Frame 56B6 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230501/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXzFbMjpv9VXW8bon_gywqkugcLg2o5aZhNGsblE67DBg1kMoU0-oe2xkcQkp3jtu9prEsJ-silS0H48LH8GfZnR4Bo7nI2XXCACe35dSXHLcyD0s&cry=1&dbm_d=AKAmf-BXeDBch4ef6ATLRK13shURvUtV-ldh-tCDthR7wy0p3dzSZF09YiaJIpwfUQK3GYeCO2cRcOvOniCfiicmVOu03oIG95M4I9dt6LLCbD1cVJ09e9BeYcSwNn7C1Iju8RR6jD6Rk3gH_bl0_3udXgY3S571ZcWcOQJ77xcI7XcEsvieBbOP7dPHJaPdRa_kzg4rwpVGrts2Wt_ik42i1CzNx8K0l-Z3wdPFs-NZEtvWstWKi8YZSfnqyP5elLk2YXCECkOKPq0-kKLkOJLNAN5XAGQOvI0rGxNB2tCPiOlsM79Htx1556xPtpY2GCgKzxECkfOCgo_6jp0AIqJUkGU0KPyVS1O2rbH560iTL5tg-J6WrzXMj8y6ELNkMkecDl3zqW9AbjMWosboLjWWYdaucNHhvczc-vpMOCIB6vAvC_DuudmOkGxBiDmaj-pPLsJzkNJpHtzArJK2__Lzgub9_X3tEPCFwOkosgCqApMqLAQQclgEvp1z3OyQgMB1tpwZeDzy88HeLOz25L7fhbuVH9IIu_luDBUKMg_oGjJYD5WdjS5vRlngQ6YnGysCx8ojOjNJ-Xd-WzUmDoRlYZ2IdEjJYi9_40qmT06PgySRIBBNgJci2mLu_CKNEzu1g9cxLlyfzyO3Yh4iWHe3cybPtC3IqzEG4FuTL3QysKjYpXF4-3AaTfkXg381VV2ZmevGxU7K5UH9KSWVDYulYNtCqkjK9ZzYl4SYatM8KgtwJoIYfCjHU5JuJ_IPbIVHC2hfzBztNBhhCpBKeqlVu_RV0C6cNawr7bl2pdplqzm2JZXh6eCVqliWhYWIG9JuSm1PN8C_xchCx-RBz5Pixe7OuGBOxChbvn9nlum1qwRJZFHDiNHUsUVL2C6LEtxKRE9CBPYl4ifBgHKig29MOfUjS9pq9jUYuCEnTdJFXKJEZ-e0XKOFZt5pjlz1ahAjUmjf_db7LlhYbsoLNN1Iv5aQ1dhnz5HTug1uJx2_Fl6Cm--JoYgEk2FBTSg9V0STWqrJJ3mhjUjwNVjVZPVgN2S8DF7bkSa9IQHKE6WI52-cv9MK51e4qT4M4jtHLKhBxiDavCIpaOHb49PL1Iou4JxiXPdm39g8DI8ACp_7g9udJzLf-BYXVnGZFhnscTZoWxieSXg8YkUJAlBVe9IVdVbWVTixa7s-TCX3PvsI6T0hdRb_C3uUShUBiULseWkT6SQP6ZSppVk-DnzpI-ZnznrHIYeJvWOtR42G7cI3hDRLVWjxHWRJjAz5CuwsPJOuKTFPQorB29lyR2XQkRYPLnHsL4JDUbc3LAoTBEcAnA0LFsUoIrkHLXc2r2cFBYAB58WaV9Q7_2Iq8EhaJ7bOfScm4z3mvLqK8ou54IN2DgF89NHdYT2ouz0jw9BIA29Ld4GhU9fbD4xR9r-jpSacBt-WrkG4UfSuib3DWGLAE_GedVkmoPD3S-YI7CHwyBuY1wyc4KPMZv86A6coIFIZCv2uLf_OZapTCJgRpmRnkBfD0wAJoFafdAF7sRZKnYO6kgYiFEs5MBp6OfZRo-0SYNqHmPToAvtZYOLtF9R-QYexwdUnWB7YQzNyQ-s281jYtwoHQgGW9th6MZZaH0mYe84PFNjvjUym4ZoDpzF8Voydj3Lj6AKCGPvMHMyCAp10OGrOKeBFWF5jkFMVT1sQRaYGvDR3HJjXM4NEN3pQ3g-ZluZ4fa7Xx6SMWDLSNJQfNVIYYN9YbUVS5KqELY0e2N473jIUyrm7GuBhOTZjudDoURc8x1oy-2rd8fR5bKrivBBM0jG0YvvD2YMqTm5Ystou9KJ3_1w0WKskkXJbGZGOeVRJpPRpdB-2fs1A99Za8YHUiy55JONaaWIoTFNOftp5mPLywFUyCId9Cygf9OKmZ8eobMF4AzBrJwkaUkPD_GGXwEaOBz1XJpotWusWcqZjcC542b1dLAKTbixzMYgtRMlykm56uCWLJRTb5TEDicGXdN4XE8JOuoCD-31KwSRwY-UrK_Sc3JirrdnfFiU_aH6MMm6H-PsFIS_aNBzafTEryYwfubC9DNrD9OYghprJ8ImQucPGZBPqZtth9qiBAyK9UKgenFzcmxMdugerg7AG37CfF6G9tJoS_XozFLZHVtLTiYccXPzNB0-bXjCMHNTQZkfUHCx8JhFDF_IHYT-53zs93OeCh4IVijmk3FjqeFT5HZeV_9PgcPrS19gHG78QL67rYhbonG6w6_NbCnIIkG81WSEj4ROSSJlsPaZnhplXgeOyc8kIICWdLHZep0GAKiPy9mnBylQeZa3J7KG8jNxmt61hdZp-BKTIUAzxLBSCXD6o6JgxIUwYilTqd1AuPB-4UbMsEYyvbRFCKtlkzUx-OYjL0FV--Bqkc5wAEivAuW2xKDqXNTSTGC1LJKNT0G8IVfb4ZT8QH5w-FfAJAf4e00M_2xJzLUFU08nAJkv06eR8zJXDYbZ0z_ittXm5DqoXKxPvBuUvSzkgAuBFe3DOSzl2QKkNP6IvgmTYAfbSuat2BWaQiBB9ReVBl1JQbEnIWTvWM-zzAiT_JmocUtu2Y5_Z0MJ1IKcqfttO1Kbm_dWSXof4L8xUHAbholN_Eyw35sLCpzd4WvgvLDn4gBOog0m_VTeiq3f5zbah7k-H7sjtblWxAeradcc2yBbL5h2Ps41SdGunY5LZvGYp3MZh8VGsVU2MTPo2weW8Jxnm2ECd353EmnqwOVCxa0l5ADau7SjECz5XttB6oqep8Bf9ZFOBV2ekLCwi_hPstxNWOKME0Jc-2CEe3SiAC0Stty6wpE4cSlhg6kuCHx3-MCga58Lh5WAeX_15LTwh2rhuzy5-kubLDTWKf3yrNPQGf2N8vOvq2Lm_G7X6BzpD65PxJPikHIiyGH3SFEJyXY2FGPmIlKaKzGLYkbCf4uEsWqDdfAt7zrVtXCazm6THjktzuiHYfvJUVNOiLQLJmGS8Dm0Hog-sfLe1rUVN1RIRAHY9hKe0qqk-M2XZl3apHfUoMuY9alFrxk8yov_w3LISq3HlnhgqsQfJxIEeTdhokmmafJOQb7SNhcunH5S0wpt-iJxyfHAwcBwrJYhfBK5SS6zqRp9JvjohSb1bOTA7OOBCvsz691eK5XrrrnQdaC6tvp8Z4CICusL6uOzGz-LTeGftcyuZJE1es7q00T07yfPT_t3BfhzccTmBcr3U6aG-yMAPpZl--9dpL77JZ38XQxDA-EAuix0abRfKpr4sK0cWykEVOg3nvQe6KU3X1v7w_tZ9Xb0S-8WCYxOmGWSAPQnIbXHNWu92HzLTVB_RYT3xv4vWXQc8Yz-5ID1fzmGiZc3fqZqMmHYw2oVWKek79zYWjiaQtu46PRO0K8Qxic6FESP6DsLLz2l7KavzEygvH5dP6f8q48pnPLZxVuxLRrd86C34UWz0ak-xdr3z_tWCy7iB-0mKkxdKu7W3tWd4YN0203LJ65ryf-AfQ6csbJ_3MzK8t2KHRszxr_VMNyzDZOaeui8Ef7ddIfow6ifAo7kxUs4hfQ8E12TKanQbsejqUPpIfG9-U5gWLBNNzebAVtCB8ugDjWckAMWKHxepLWXhK5ZAtWXb1FUavk-ER08nE2c79Z0ZYwtw-mNPqrcZgHfPeIlEh1kFmoZwIYQIy24mDSh02edFhlQu4JWDgQ&cid=CAQSPABygQiDCmr9rDPITPuqWuEzuttWBZpwhK3SK3mDn8AEY5ldMMCCszwtdw0rYqeJ55DmbpmSCU5M2hec2xgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Faccess-excel.tips%2F&ds=l&xdt=1&iif=1&cor=15814335860320391000&adk=943508955&idt=107&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7310c44f614d2e5bf715e47504daf9ed198eacc46fb29894c51e1b84d3e1fa36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 17:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
18514
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10869
x-xss-protection
0
server
cafe
etag
11726329994378424975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 May 2023 17:37:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 408C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0467 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 408C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f25a5c5835eaef2f9e2e45b25e786b0fd3bd91922f371062b890e72d5951d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9533 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
113324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:17:48 GMT
expires
Wed, 01 May 2024 15:17:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame ED81 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 56B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 09:20:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
134764
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 May 2024 09:20:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2C77 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26924
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 56B6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae841a4a3bb319a2e451052fcc1d73effa1be95246549a10ba81ec32a4cd5fbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0467
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1&google_push=ATf1kGMSaaJvItwUS5leADvHedKL5bKuYjyLxWu2qtG5ZFxfHxwco2PHL4pmGAm_GrSIvexpfex9sW1XJDoZqMKv2BcPpupoACME
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA5OTA1ODI0MzIzNTMzODM0OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0467
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SU9ucTZEcDYxUFVsZjI1&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cver=1&google_push=ATf1kGN65hUMcl0ITZl6N27zi5spsOV92JdBDQk5R2e2LwJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SU9ucTZEcDYxUFVsZjI1&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cver=1&google_push=ATf1kGN65hUMcl0ITZl6N27zi5spsOV92JdBDQk5R2e2LwJkcEy90NlEGfCwtB1zzYTmuk5XZEJXe2PeOxX4UIZTAvQZorGpWPd37Q
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SU9ucTZEcDYxUFVsZjI1&google_gid=CAESEBdTw7y0u6iR72X1Em_y_Ac&google_cver=1&google_push=ATf1kGN65hUMcl0ITZl6N27zi5spsOV92JdBDQk5R2e2LwJkcEy90NlEGfCwtB1zzYTmuk5XZEJXe2PeOxX4UIZTAvQZorGpWPd37Q
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0467
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAYJ23h6U5A8aBRVZYaTvwk&google_cver=1&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d3c...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAYJ23h6U5A8aBRVZYaTvwk&google_cver=1&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTT...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMjM4MDUzNTExMTg3OTIyMQ&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMjM4MDUzNTExMTg3OTIyMQ&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d3cwPQHaIWDo0BxDNkmHA0t9g
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTUzMjM4MDUzNTExMTg3OTIyMQ&google_push=ATf1kGNqGcDbm16BATYiIwnL7oZpkyyKQdGlSnB9o1tJ8Q0FWnAiwq_tOjVQfNxAsTVi5KGHJTTt3d3cwPQHaIWDo0BxDNkmHA0t9g
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0467
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMhlk81jKhQGPpeK-sz6GVig-MpyzeIJBQasT_whZWMTDABLETLFMOps4RbdKjjMLhQSLjuC3k3bS5IYtMvw_iA29g2NLXFhQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMhlk81jKhQGPpeK-sz6GVig-MpyzeIJBQasT_whZWMTDABLETLFMOps4RbdKjjMLhQSLjuC3k3bS5IYtMvw_iA29g2NLXFhQ
date
Wed, 03 May 2023 22:46:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
dsp.adkernel.com/ Frame 0467 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBZzRG_UFS7E1uhSdAJCvgQ&google_cver=1&google_push=ATf1kGOsLL7JcmOJidhXjSt2aVASsu6YxxbNumNKNP-H8kLnF8JSJSe05SEvQWR5Zpf5dXa_CU6T-bFnUbP50ovYb6fVwMYuVJrMnQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 0467
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEK5tKrSXQkeDTKoFhtfJltA&google_cver=1&google_push=ATf1kGM3eTE6sRkg4ncBu97gIMXEefOlezXQN99c3xbLBXC1ili1iTS8cJ9aZFHgkvIioMPnHkbAIbXwqETQTGmkzYp6ggzug...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGM3eTE6sRkg4ncBu97gIMXEefO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGM3eTE6sRkg4ncBu97gIMXEefOlezXQN99c3xbLBXC1ili1iTS8cJ9aZFHgkvIioMPnHkbAIbXwqETQTGmkzYp6ggzugu-M2g&gdpr=&gdpr_consent=
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGM3eTE6sRkg4ncBu97gIMXEefOlezXQN99c3xbLBXC1ili1iTS8cJ9aZFHgkvIioMPnHkbAIbXwqETQTGmkzYp6ggzugu-M2g&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 03 May 2023 22:46:32 GMT
v1
match.sharethrough.com/E4rooAtA/ Frame 0467 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHvbMW6x6XwMsmbSKW2AaOk&google_cver=1&google_push=ATf1kGMYtztxntux8WmrqG-X-AfK3qUwJFUM8Pq74gj5NMYHrE4tziFIV1acoEos1r_KH06cZzfHK3CHmMRECZjZrNT14BL7B-zTRF0
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.71.167.37 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0467 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L4_ur3TbESY77VvgHxKq7XLz1Mk61ONypw6iI7FiTm9MVE9nG7utnztrk0xfAbA15g_d186w
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3C0C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
113324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:17:48 GMT
expires
Wed, 01 May 2024 15:17:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2C77
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1&google_push=ATf1kGN5w9VTOeQo68-lsUK9b5jTk0PWb0Ij6jwKOZTIVNyBo-dGnURwk0yzzF6KP5qBw58jk2sHE_YuSvP6ltElvggK2jWsZkA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3MTExNTgzNzI3MzI2NjI4NQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqK55G4tKxgDsqLua0H6os&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 2C77 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHkrr2-1BtBB4m6eSKds8VA&google_cver=1&google_push=ATf1kGM8m3YlsA1l7_FO3eBw0gzNVNkOiTz-5iX10H35HlqaZTY1UcBuHSqrbYkKggBtDo8eiJiPe_B1UOLCcQa4HHdW5WH6N8k
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2C77
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEMqwYuAD_513kEytrSYmPhA&google_cver=1&google_push=ATf1kGNBCX42uDPPfpweLd8sSW6en8vN81ia0cJxiB5NYQpSatlAwUX7cnWSw4TuK6ozKPeS9EVsMr0FCdfWltxWCPVcisTijxQ
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
date
Wed, 03 May 2023 22:46:32 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 2C77
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIr2HrQfTxogYgofaog8p68&google_cver=1&google_push=ATf1kGOT0L4slGuJDgrYWcqjlku7bYg6AaHNB982kFmHkovtV53rmCsetZE1jFSWzPEudhochK8xqhGwzi-lL6Frf8090wm...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOT0L4slGuJDgrYWcqjlku7bYg6AaHNB982kFmHkovtV53rmCsetZE1jFSWzPEudhochK8xqhGwzi-lL6Frf8090wmal6g&google_hm=eS1kcFZGUkpKRTJwRVgySDJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOT0L4slGuJDgrYWcqjlku7bYg6AaHNB982kFmHkovtV53rmCsetZE1jFSWzPEudhochK8xqhGwzi-lL6Frf8090wmal6g&google_hm=eS1kcFZGUkpKRTJwRVgySDJpM1FIbDNzZkZfWDRyY1NBR35B
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 03 May 2023 22:46:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGOT0L4slGuJDgrYWcqjlku7bYg6AaHNB982kFmHkovtV53rmCsetZE1jFSWzPEudhochK8xqhGwzi-lL6Frf8090wmal6g&google_hm=eS1kcFZGUkpKRTJwRVgySDJpM1FIbDNzZkZfWDRyY1NBR35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2C77
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGOnynwDbsPgR0dQ6jyDVKUJnIjweTl6c...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGOnynwDbsPgR0dQ6jyDVKUJnIjweTl6c9BzWR4Lv9QvFUcinMz4mVQbAnvEdlllSGk3a76sjtFoO8kzkUnrF_uwFcuPoQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBPHjHBOoB5M-1ag8wW45Uw&google_hm=ZFLkRsoLeJgLk4lPdSyTVQAACJsAAAIB&google_nid=index&google_push=ATf1kGOnynwDbsPgR0dQ6jyDVKUJnIjweTl6c9BzWR4Lv9QvFUcinMz4mVQbAnvEdlllSGk3a76sjtFoO8kzkUnrF_uwFcuPoQ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2C77
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E&google_cver=1&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGOVDJ42kARjG1kCblj2iGU8kcOZgyXRpy5mwpbbyX8AwWElUmrPJ6JYaYyI0HsgKklh3ybPEBLQlFES923Vn42DiGERWgM
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 2C77
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEDSDlE3nzUeIX4mzWQCOECs&google_cver=1&google_push=ATf1kGPui8PNza40AqHXk4Ld_0yir9cGWo21BKlwpXUC7hj6sGSAhW_Z1...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPui8PNza40AqHXk4Ld_0yir9cGWo21BKlwpXUC7hj6sGSAhW_Z1DyUbM43L6iPHWVioGbznmoryvZ5oIXXodZXzwLWsLUt&google_hm=QlMuZWY4My0zYmJmLT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPui8PNza40AqHXk4Ld_0yir9cGWo21BKlwpXUC7hj6sGSAhW_Z1DyUbM43L6iPHWVioGbznmoryvZ5oIXXodZXzwLWsLUt&google_hm=QlMuZWY4My0zYmJmLTQ4ZmEtYTNhOQ==
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=ATf1kGPui8PNza40AqHXk4Ld_0yir9cGWo21BKlwpXUC7hj6sGSAhW_Z1DyUbM43L6iPHWVioGbznmoryvZ5oIXXodZXzwLWsLUt&google_hm=QlMuZWY4My0zYmJmLTQ4ZmEtYTNhOQ==
Date
Wed, 03 May 2023 22:46:32 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 2C77 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K48E9khd4V5AtEn4iZtT0dxAHF_uijKVt_o1cN77YPBPr7JW6d1u6rWE3OmG45XfVmyngRIQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C1EA 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
113324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 May 2023 15:17:48 GMT
expires
Wed, 01 May 2024 15:17:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/5060234458730202781/ Frame D2CF 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2528
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
expires
Thu, 02 May 2024 22:46:32 GMT
last-modified
Mon, 27 Mar 2023 14:54:33 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 408C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5Dx_M3pjDqg0U-LMvxTFbluDqVm2fPRyL-_iB_Ha9QTHxx3l2wv85ud2aJ9HWSnG0R48cO-6x5G8LSc5PT_T3_8bZM-g5FwLSYDOJGFQZ6KwH7KpUm8KB_8I22cFcu23vSvc4DlXNt8vUsWbPWzd0WdMiyJ0XVE07qCbiHIFMlEwAA5ofsPxwNjbSKVnztU-KVdSd0zdLRtLxg4jllfti4N3VYA1fwf_HEax515Ha5fexYExvaYy6TkGMHRnwIbQpVALunJoNF27UeA1wMMNm8_wUGwUVp6QPrezzLl_H4imAcxhs8I8XfFmPwdX6u5fLygyNzRj9NS01xT9X2m9x9_u01yxLk3KR_R-SBIF-BWIqHHNjMcTC22Ep-YtlP2sQFO1SIrImUNeBmrRJJCHzTYwLnq5XTrlhyb8XtCiv3w_rFauexLrqEGzX84lBogu_AF1kTEQ3VSo8FJv5bics0W1iwUyOclMRxcVcz8S42bubB2gCmtx0w6Aq2VMsdfbLEvIRRmna2Cy8BOsSTErtXzfsLroZLDvGNatL-q7u3_K13Mj9ATN4RoXdFxKy38qJZavoGRPZ7CltocqDPjuROtvYzIvLWv8GxJazqjZ01ZVMMaXGyhbVNRb4Pw3dS10KMnzz7xQYxTNCNpnqcrsij6HqpyzQMWbIDYz2z0kFe6-k_S1H63sHiIdw8fGa521o1mSwANBAcAERSWs95sk3xyd_5mdh7WvWB0hmwUK79yf2TfD18V1JFb0Mw5JieQTUG8PhwzovDZzAiqYe8Ot-Sgr1kw15NpbnLpWr-Y0Jyi0y0wv9xJMSzvvraU2KFNoVEA8fzqnbUMYhAgN6aBlI_vM9J1ko5c_anJAwQUSLVPrZ52aArS8CsXZkqL_ttSH9f_8d_PEz9Pih4JXbmn8LIXdxN0UGHkWa4WlVmSKoMLFQGSrF-ZgpZqsVsFKbt9f4rI2Je1nKh-p-aogM-zQNNdIMY8fiA9ZhMYQQjGE0yl-I1PxMnVwzv5r-CqK2uDVqedLC4y73reNofQ2MSzbVCkwL8Xktdo8IF2JeNotr1qopt_dH-OfFXOJ75fgP321YKxi3iWFupGZOz5c3zvzT5d_xLhfqP7KWavbQEnqGzjMqGVH6P0xHJLqFi8tHq1UfKbo6H5GdNYSg11GKPcf7AhMhgN_0_W94ja0m4fJF5exVmKhqTcsGutes5b-nnq-sGmubvNn_YR44c3KN9kfwIbtwhXu9liBGoBHjzkJLTsdLABUOun-ol66lcAPQiplSllD7-BQYTmE8G-pbDyFfX3sgA8y4-jhJ8LxQG1VdXgDy-P7IZnRby_C8xRdRbg&sai=AMfl-YQxjbeFIYv2xBNy2uKKbyI7_e8WS5goozOK3nYtQ7uRkuFtkYkCbrm1YvPGjXHhoCrYScs4OT8ej_FtOolQ_TJIulPidAHqdAw2D1EUGzoXcjnLFp3yMaTbnjl2xcRTcnNthejADjBK4e-oKlWLK5JxtHQG6V6lXrQ2OniYTrEOv2qd4Es2H06JylXEBW80sdA5REOhY0133kcLkkzeavB7mAGkFXexcZl-_fjCaN_zGblfJ8vi0_5fNmq262m2mQfhQiY&sig=Cg0ArKJSzIpTIfugkFkqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=253&cbvp=1&cstd=243&cisv=r20230501.26625&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame 9533 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
index.html
s0.2mdn.net/sadbundle/12798113095133070547/ Frame 8643 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2524
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 22:46:32 GMT
expires
Thu, 02 May 2024 22:46:32 GMT
last-modified
Mon, 27 Mar 2023 14:54:03 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 56B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHzrj47gpFdqmLUiRpf2N22Ys3gXLtmIG8_Oz4STcaXz-AcaUL_bpaGcQCShjlCeW5pORLgT_n0xDVrRMupuiTPgR_tgGewdY76qYT_P3oB058IOXxJxafxVQIqypI6GN-DtmpHhSj8uH0UYRKnKLfRqzoYI6dxxmwUMY5BCyG5tEKZp59yHpRKBEqhlqjwKXmNMqsU9rp1enth_PNjrSKCkhzP51rRMIKDZ_Vloj13oNd4e3H5hWKv9z73aCHJg762k9sBov1K-94wcFpRW1_zmcyqShxfPPXs_gkHfiXdvw2-gE_KUBrmI8j8hhLw77xiIraDxAKG0S7bt8qNn2K2_1PqlXgWys_xTKtyTk0uKlvOIEnZfMsqwpn8hG-Cgrl2ug81LfmZK0pvo_ZjRywTitm0DEej0C4p67A5xHkfpCQMklliJwF6PO8pWLDS-oZb0qhx-Mtxc54rKHbEPYh1LuJgy78_-zopGhsYqvWmDDJFwm8FmfiTzbwzmthHpwOd4DfNPd8RPXliVRpMAk0d78C37d67t8iibLYdmscB-wBl5O_kE4RzvK5sN77RLuEjc-IJf3ec3f405F_IGX8aNki6NtzLB-Jwi6HThs3YqKFK4G7NcL8nE-jF0oHxOd7M4JMsGuRy-58JI8ogfq7sLHRgQ-fPftfbZgg-RoowoY1ea9_hpOsVHbi9hkAnR0raeNfwTD0SY0dgow5pZ1VoQ0nDcScB6FK0_vTwFiXkLnipoGgo3uDlyHkhLEd6PtB4_PvrU0zWEnfXYcg7A0PDi6pWzDuDV8j4IRD_5T8yChv9DBpmgO6XsFsobOlZWyAi6Jx5gTyQSJtQIFcKLIAkoR1hWGkaFuv0LqmZTXBJW2_3CspY-IjY0_wBFAdzIGCv_plJIFJzo1l8AYERTgpBksM0qg0Ggc_aK4RNnk6Ydl5XQwhCoZ057rEic2h43Qnct2ge5_nDutt6cJLZW5iKqXcME6cURM5tiavdqh9DsPqNw6Y2TfxT_4vUOhtd4p8eD13hCxSzX1ltMHVK5o7S8vCYVHacg2jopY_e6eSpNnsgoLgmtC5ZHo3zgM0QlgQgiABGMNdpgc6x4FdfXp3EyAg4wA_A5TucUS-XIgSzNI6a0BRFWnHRvSyS_2OnnKOezRAPQ8LB-wP4OKds8ArdpoW4MHaDbV2sQWPjI3Hvdu7jIKWHWHWbGp7rZMJID6tS_JRm50GFiVJY4tfjGqj6HJQWljJsk3QQotVwSUfBo-67T5wT-_eNWuf1DwqhDb7katYRO2aS1glpK3bn0_NSffq-3vR_PR6YCBn02ebHoAejcAhe5d2Chk8D-C_t9vyyBHy&sai=AMfl-YRQY6c2uNNWDHQL-zcAWKQ6ZOL8dP8DDcMDfw7zDLq9D7k8ma2jRgjzTYr_5knHWsk6-L7-2EAJZcrTNPy-WSI3rGaS6IIUZRiDdJzwgaLXHTZmvy0Wc-bCGC6FNYw8_Z6A-qHAZDqUM2D-CPhIVv-pG9PZdfWuZdxAvVYsh7-Fsaj_AYyobcCai6m-43fQ1V_0i6v1TQoChtZNsHgJQ3CSoS5_SgeM3UTFzGeqwcjB1Zvwr3JKhf4DCdqB09zFb8IMaBQ&sig=Cg0ArKJSzCvoboJZy2j3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=234&cbvp=1&cstd=227&cisv=r20230501.12349&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:32 GMT
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame 3C0C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame 1CDC 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=203336&plc=7322076&sid=18330&dvregion=0&unit=970x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba29 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Wed, 03 May 2023 22:46:32 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame C1EA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 19:59:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
10020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 May 2024 19:59:32 GMT
passback_160x600.js
static.adsafeprotected.com/ Frame EFB6
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-DmKtX3OD0QHjMBTh-__rzSeWyJPqPQ-ScQXdCA1twIHlZQfu7Bjr-...
  • https://static.adsafeprotected.com/passback_160x600.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_160x600.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 21:15:12 GMT
x-amz-version-id
8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
content-encoding
gzip
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
264680
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:36 GMT
server
AmazonS3
etag
W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
juiQ1GTWubFir9j75Lnl8dQKAAPKcekD8NB7Us6yO9j-YsIDR4GenA==

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame E871 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
4828094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
iaLI75yosdjjL_ZC2O7mWqSiS7oa4p2SVHvBu1SLbjWsczqEowNKew==
dt
dt.adsafeprotected.com/ Frame EFB6 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d1c95d7b-146a-c7c0-569f-71595821d641&tv=%7Bc:bAU9Gi,pingTime:-3,time:79,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:80,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B73~0%5D,as:%5B73~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18*.1352960-70224255%7C181%7C1821%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EFB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d1c95d7b-146a-c7c0-569f-71595821d641&tv=%7Bc:bAU9Gk,pingTime:-6,time:81,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:81,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18*.1352960-70224255%7C181%7C1821%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:23%7D&tpiLookup=ao:access-excel.tips*&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
verify.js
rtb0.doubleverify.com/ Frame 1CDC 		656 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_966936687440&jsTagObjCallback=__tagObject_callback_966936687440&num=6&ctx=15911784&cmp=203336&plc=7322076&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=966936687440&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=113&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=11&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau2446DD%5C6I46%3D%5DE%3AADTauU2%3F4r92%3A%3Fl9EEADTbpTauTau2446DD%5C6I46%3D%5DE%3AADTar9EEADTbpTauTaueeabe34%6046_5%60ehe44_ah764c7f36g2a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.30&callbackName=__verify_callback_966936687440
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:33 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
05/02/2023 22:46:33
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8643 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 23:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 May 2023 23:21:16 GMT
empty.svg
s0.2mdn.net/sadbundle/12798113095133070547/ Frame 8643 		216 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12798113095133070547/empty.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:33:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
375182
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 14:33:30 GMT
nologo.svg
s0.2mdn.net/sadbundle/12798113095133070547/ Frame 8643 		216 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12798113095133070547/nologo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
384149
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 12:04:04 GMT
backup.jpg
s0.2mdn.net/sadbundle/12798113095133070547/ Frame 8643 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12798113095133070547/backup.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 14:11:50 GMT
x-content-type-options
nosniff
age
376483
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4489
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 14:11:50 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8643 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 May 2023 22:46:32 GMT
app.js
s0.2mdn.net/sadbundle/12798113095133070547/ Frame 8643 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12798113095133070547/app.js?@@decache
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12798113095133070547/index.html?e=69&leftOffset=0&topOffset=0&c=VvCmDGE6G4&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 21:10:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351341
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7002
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 21:10:52 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame D2CF 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Tue, 02 May 2023 23:21:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
84316
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 May 2023 23:21:16 GMT
empty.svg
s0.2mdn.net/sadbundle/5060234458730202781/ Frame D2CF 		216 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5060234458730202781/empty.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383201
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 12:19:51 GMT
nologo.svg
s0.2mdn.net/sadbundle/5060234458730202781/ Frame D2CF 		216 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5060234458730202781/nologo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 19:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356838
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
182
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 19:39:15 GMT
backup.jpg
s0.2mdn.net/sadbundle/5060234458730202781/ Frame D2CF 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5060234458730202781/backup.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:23:20 GMT
x-content-type-options
nosniff
age
372193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4283
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 15:23:20 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D2CF 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 May 2023 22:46:32 GMT
app.js
s0.2mdn.net/sadbundle/5060234458730202781/ Frame D2CF 		49 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5060234458730202781/app.js?@@decache
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5060234458730202781/index.html?e=69&leftOffset=0&topOffset=0&c=XJyifWqi2h&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 12:13:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
383587
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8450
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 14:54:33 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 12:13:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 34A4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn51vSORSZKzXDsSSrAShkYW4BwAAAAA4AeAEAg&bg=!d3SldCDNAAYcDqajPA47ADkAdvg8WoIb8mKXDwoKygVsygmKGRy1zwSfZXJqzvU1LoL2sGIoywgeERUm0G0V5hViLYO9FIm8udQCAAABCFIAAAADaAEHmQM67lwQV3gZtDC1FMNm-pysLtD9iZ0jDYDIdbL8zG9y1boM7KDdTQU2MPuKgdny1NRDgQNjkZpoWP3YQqbgCBDcR_jvhyEV7tlSgg08JBBfd0tHnTxwmGDq1y7KLdy-QGNjoMEj017Cp0Etwk5NHCEDLyFoNj1JRLKMIZPubIUlaqzOHpIXvT-rc8Hyc7L9hs112I1CJhI9nWFQVKAOa967cM4dhfhHHfmN_rvB8IGhlnTCTNtMD_wzzaaP7sXq8hwx9Oiir7i332cgIdpTde_FyrrFsIQkMV59L1QeEQ6PcehAQOLmSmM-thpiUBDSfiz2ejuor21OGK4aZPgZtZK9Y48z7v-zpQ1JsTHsVpeIa_w-qAnsh9bGbrsVNIeRo8De7T96EmqzoxkxJIQF7TDAV0jpGoSUjGR9KRxWwYWTItpWJvbcmflbXdwA2_zIKFeQ3OSardIiQwzA1vXvALs0PrQn26Bvjs6uFQSEyHk4sdo3BtYNdcq6KxzPP4j3dR7qtutO51DcU6fa9UxNhlSgf9JoOU8kLJ3fs93NhNplxTBf4_ZFii_s2Zt48aJMUuy1dGZ5RU2wRMGYJ-XqeCRbKdX8Y14BpU14E5RE0c8qui6DgAxXsDWrwZCgCtALP94-WSNXR5daVXDGFBsl7P4PiXp-q03WTn7DYHuAtr39QTtSchQmhWoZ_zuUctEOQEwPwAO9sEuTBwaq1xl4wKACaOGj4czHpOr7HclCZHUmgJeQ4NK6rNTYaHpl5t-4hGEeIocEdjs1eQSlWHjmhgDPTctz_QkeMJ_r4rTLtbXx5LFkEt_GHTnCRP_No9rvu26taSDXHBB8sRvnTTa_7ABkdBbe8FG5CmfLVAbmGd_QjyVV6B_8ILimp1jd2X5WraMRQYNMBE2wB_fOcjasQ52dc0oC7bxKFDjmkjARVr9sPsJJi0Tz8VyY8WENIvy6yOYQ9FZeQbp39zJSzk4DAzjjBff8Lf5rXDdH4VEIGrtcehR9mfdm8__fdPTJTC0_QExIoU2oCbYjX4U8AVDdjEze9fDMxQl-76UApnP3PoFSvNJsW1SWWrsAQ2ke90yQAMT1O0V0FJf9qpUwTw
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame EFB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d1c95d7b-146a-c7c0-569f-71595821d641&tv=%7Bc:bAU9Hd,pingTime:-2,time:136,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:719,beZ:720,mfA:722,cmA:723,inA:724,inZ:727,prA:727,prZ:736,si:741,poA:742,poZ:767,cmZ:767,mfZ:767,loA:799,loZ:802,ltA:854,ltZ:854%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:136,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B129~0%5D,as:%5B129~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18*.1352960-70224255%7C181%7C1821%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:23,sinceFw:112,readyFired:false%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
passback_160x600.js
static.adsafeprotected.com/ Frame 1A1F
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-A8LXt1rvPA1SpOoMu7NOaaJafGn9ykbw6wEvBJ3hY23k4d_sdQCFo...
  • https://static.adsafeprotected.com/passback_160x600.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_160x600.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 21:15:12 GMT
x-amz-version-id
8Lk6nwqXh6k6nfZmyjbOHVq75QkTtjZi
content-encoding
gzip
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
264681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:36 GMT
server
AmazonS3
etag
W/"e27cc778cdbd4fb2ab2c39d090d5c119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
RDDrVWld6JTv4thrzaTHdPsgZlMnurrPfPi9TSJ69bWxGmFG_g33hQ==

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:32 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/passback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C386 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
4828094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
fev1UG2Mj_D5s6fDhqaXRPy8eSgw114yCjAZu6wN1u8162wWQ4trsA==
dt
dt.adsafeprotected.com/ Frame 1A1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d&tv=%7Bc:bAU9Im,pingTime:-3,time:68,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCGG+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C1821%7C183%7C19*.1352960-70224255%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d&tv=%7Bc:bAU9Ip,pingTime:-6,time:71,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:71,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCGG+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C1821%7C183%7C19*.1352960-70224255%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&tpiLookup=ao:access-excel.tips*&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d&tv=%7Bc:bAU9Jd,pingTime:-2,time:121,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:845,beZ:846,mfA:848,cmA:849,inA:849,inZ:852,prA:852,prZ:858,si:863,poA:864,poZ:887,cmZ:887,mfZ:887,loA:915,loZ:918,ltA:965,ltZ:965%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B115~0%5D,as:%5B115~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18.1352960-70224255%7C181%7C1821%7C183%7C19*.1352960-70224255%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:19,sinceFw:101,readyFired:false%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
4a.js
static.adsafeprotected.com/ Frame 408C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1294488/70429366/4.js?adContainerId=brand_safety_SORSZKfwD-Oz9u8PhPSIkAo&cbFunctionName=goog_wrapCb_SORSZKfwD-Oz9u8PhPSIkAo&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 01 May 2023 19:30:26 GMT
x-amz-version-id
dyoMievXawDBySGtCwqc6J67y9VH.VFz
content-encoding
gzip
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
184568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 01 May 2023 19:30:22 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
2_uT4RVg3FxBoTPin7iVDsKEL5jQXjaoh9_Sj-LAvQfbHnhzz9hkCw==

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 784E 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
4828095
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
PpLIVuziZQiPrJq9ZeYWcU83K9Vu5Zkp2zLNVz00GU1bA7LGiGqWFA==
4a.js
static.adsafeprotected.com/ Frame 56B6
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1294488/70429355/4.js?adContainerId=brand_safety_SORSZOOgFLfCx_AP8oCP6Ac&cbFunctionName=goog_wrapCb_SORSZOOgFLfCx_AP8oCP6Ac&true_pb=&adsafe_pb=https%3A%2F%2Fst...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 01 May 2023 19:30:26 GMT
x-amz-version-id
dyoMievXawDBySGtCwqc6J67y9VH.VFz
content-encoding
gzip
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
184568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Mon, 01 May 2023 19:30:22 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
ogB0puuJ4qnvDhkR4sdFL7CisBFhSD4ZCJ_DXCQeNKaGDd4A8eLSGg==

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame CE81 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 01:38:18 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
4828095
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
2ocHMipwP2kNhkID1Wgcsmk66Pkf-Hp71f67oj9uJxEIx-gHOujNlw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED81 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlYEsSORSZLyOEpW5-gaz0oaoAQAAAAA4AeAEAg&bg=!dHeldyPNAAYcDqajPA47ADkAdvg8WlwhIwed3cLqtlWCPXswJ7vJ3dAL6H8TB5kqkxOXCtp0wL0UZjefCrt5sMbWSGE4nfWbxCACAAABoFIAAAADaAEHmQNBOqNzL1cpYkZqG2G_XZaj_l8JDfhw_7uBU3B7401hIvwb6XwWlVwNjFc2jeBlkpiXjsesmolMSZGWRLKMTd0mGl_W_hKXQnQM2qQF4o4_ZIBbCQJ7BTUjDFtjP4Ouu8Yj_FfCXqAfcXMm-xAo2FgkW5IuCXfeHPdZpM5WSbbgoAKDQEDobk9hzuEDhmaH4hwF8EqLOo4yYy7HHPb28AhK6usycnv0OdBi4JudQ5Mjyw5ahUDKrKUEn_vezctP2ZoakAoTyboHTZ1b8Stk8Dhb5i_uXVsS67bDK8N4J1qvSyQxbT2pdL2kCdClVI1Wjlrfnf1I3jvAQdAYOkwubqHs33qRlwmvy3crowQKUS0mZ6AY8sZYVEgP80GDxrjP9ug1hEwqVU5_yRJerDUlRx3RUI0WyIuPvgmSw_NsA6a-ZShAi5wspIDr6MzNUpIynvIYLBISumvlDCP2SaxDh02ApYYk7H9X6B-Cqi4oATbmkaFzpim6Y3S2Pkvz_GTzmhG77QAz4zX2ALm3h9yFTitka-d1P1bOewtEcZJ8Xjn9cKpqO0hk734kzn1wm54KyOTOGdokqCyIxhq2kDQAa5g9jo4iHXAasqjK_R62HDYiLxr9LzxV0sppvrEl3h6Z8tQYuesxwTJm3I9ry2K7jztElMwQVEIgHqla2pvNnY6tkteyvyaiaICxX89JowO6F-N995-bs6azwhLhneqJHJhE0zsbRuPsvFcc0xq24Y2Jut8bymLrC7iaje8VyTzpjvLxb9V1sZU3mS4W-fCutxeyE_bM67YSpEX7uqK-9yweFCr5-9S2DLmIW3xRJY61JXo2xRLasBebtctY6X8nu-DbyZQwcrn5oOZQVXevHkEeqzcSwJnxS7aflaHBezT9pad3Y9fOyTV3iTi3CGhC4s_N2_jqv7HebiVAmwQ7hy3-V62otlxqZItBi-TjRv7pZQMMcmkYpUAL_4OVTal5R9V2HlDMvPAsun4FrJoTPRSGh18lrsglf2hwVKXdj8DhDiRIj5ovQL-oyrFC_I6WLA-HvdVPrFsB2f5JbIl7I5GtRZM7qxJA5prKhHfCSrdpDM-xeoHloZzZoodhFpSjiDikla8
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 408C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=8c8ff08a-f9ea-0c50-3b1f-1104d13fc2d9&tv=%7Bc:bAU9L4,pingTime:-3,time:114,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCIE+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C191%7C1921%7C193%7C1a*.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:23%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 408C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=8c8ff08a-f9ea-0c50-3b1f-1104d13fc2d9&tv=%7Bc:bAU9L7,pingTime:-6,time:117,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:117,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCIE+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C191%7C1921%7C193%7C1a*.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1a*,rmeas:1,rend:0,renddet:na,siq:23%7D&tpiLookup=ao:access-excel.tips*&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 56B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=e6925260-3999-34c6-452b-7b61138e9534&tv=%7Bc:bAU9Ld,pingTime:-3,time:81,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:81,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCIE+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C191%7C1921%7C193%7C1a.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b*.1294488-70429355%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:16%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 56B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=e6925260-3999-34c6-452b-7b61138e9534&tv=%7Bc:bAU9Le,pingTime:-6,time:82,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCIE+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C183%7C191%7C1921%7C193%7C1a.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b*.1294488-70429355%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1b*,rmeas:1,rend:0,renddet:na,siq:16%7D&tpiLookup=ao:access-excel.tips*&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame EFB6 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
date
Tue, 02 May 2023 23:43:23 GMT
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
82991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16777
last-modified
Fri, 18 Feb 2022 23:28:48 GMT
server
AmazonS3
etag
"eef84d4a7321b73260b41707db98756f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
OexaZ465CEp4uWUlc3V5PKwVFspIz7LEl_Pc88PdaeoIFqaE4rXlUA==
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 1CDC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=481719c7d00b47a1be0a8332f4ffc5ab&vfdur=165&cbust=1683153993167703
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 03 May 2023 22:46:33 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/02/2023 22:46:33
globalpassback_970x250.gif
cdn.besafe.global/ Frame 1CDC 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.besafe.global/globalpassback_970x250.gif
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:7600:8:455e:4a00:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 20:08:10 GMT
via
1.1 2a9856881d192b485d1bf1928e98c7ec.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 20:03:13 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
9980
etag
"9bb76ce5aa5d929a4f69f37b75f469f1"
x-amz-meta-sha256
496ed7d3eb868f74065c9c4f435b0d4afee4a9f37bc4934e7fbccffeff98d3cf
content-type
image/gif
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
37581
x-amz-cf-id
OeniIzaiC7ZcCVKm_IEKy8Dj-OJlyr5ccwCrKTVsjieoPFqkEOyBng==
x-amz-meta-s3b-last-modified
20220630T185152Z
dt
dt.adsafeprotected.com/ Frame 408C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=8c8ff08a-f9ea-0c50-3b1f-1104d13fc2d9&tv=%7Bc:bAU9LL,pingTime:-2,time:157,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:294,mdZ:859,beA:957,beZ:958,mfA:960,cmA:962,inA:962,inZ:967,prA:967,prZ:974,si:980,poA:980,poZ:999,cmZ:999,mfZ:999,loA:1073,loZ:1075,ltA:1113,ltZ:1113%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:157,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B149~0%5D,as:%5B149~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18.1352960-70224255%7C181%7C182%7C183%7C19.1352960-70224255%7C191%7C1921%7C193%7C1a*.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1b.1294488-70429355%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1a*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:23,sinceFw:133,readyFired:true%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IAS_PassbackAds_160x600.png
static.adsafeprotected.com/ Frame 1A1F 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_160x600.png
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1352960/70224255/xbbe/creative/adj?p=APEucNWkcZqnkVmkesuUrqsTnH2tUrghoQk1-YLL4wGGgy8azDUzW5Q&d=CokBAKAmf-A8LXt1rvPA1SpOoMu7NOaaJafGn9ykbw6wEvBJ3hY23k4d_sdQCForI8ovtLnMpU5ClZAbyKRE1LldC8EawX6erRAirwsyS-N8MYsILpYvVhLXvos5IPrf1QvXajuvHglfmWGOk6sl3cFNJdUOp-3CmqXDsD1ji8Ww9KRrjQ_w60pgIMYSuRQAoCZ_4AdFIpqD4WdUV-Qd6ycmp4-ysz2ZeUqc2J7_x9E7Rmzub326XTWQGpn9dYNcokrCG1KYzbgY_vy91iS1ccCqApy64l2GOEoCNJsLUSva-5hWEZlC7tzCVeCw2o4FvDCnoPs26PhbfTMGxIOQd_voEw5O5MBw6ARm4eUcv1n0hE0PwSI0fPBJAY66nubu7FTNKIMnH0UeE1lJB5IX1aIpYEyadfkvJX8k5vUpVNpzD8SMqftI_GvAuWzt3ZQZ1iId0DsG1CmA2XOltk6MLe2JCvZiyob2t-B2ExczKOtjMvH27kbBSi0cW4tQupVdIfsDdoH_NpGrYD8c1Di-ZNuxJq19b_yYaQpYVG2_gA0howzVr18XsubjA2bxNMNpc-Tul5w9gOqt85jNFUlSCEaHm1GmqTfZobNDNEIkZCjlJt6iKmvLDZVfc2C7T1Rt48LzaQi6d3j-hL4M1HhzV8whqlqo7tgpn9zWtpvcxBH-a1VK7dYxpPFKlSQ0WBqTnyb-8VqfiDrXglf58VkIKZQjvYAlo-XeTgErA7GV_vJrVkdUFYNj9klkm2JS32R5kf7MdnKkugfPEveSUlm4vJMxEcxzGFkYQ-aTZvXhm2nMJluNwgEVF2GTond5mfG1d5cfX63Nhj-kZlBvc4edL5WTrAwOoKbHuzv4EW_OSmB4TQ_oXSZzS0WvSu75Sq-fEOyNIMwQa7JHRytBaLF2jzRu6xpBs0dMLrLOGbB-1bLhj36ylPL4d8P-Ecf3ilFFUYIc6UXpUaIMeFcCrN2uenImS45i5McxBHSEm8Dn08dpIa3_3sj1upRuI6SrGjkeLAasvGCoO-lbD0HwSU8PdN0-iw13Us_Sgymy88b_YAbIORxSDoF7Sp3SQex4n_iEl-9x4gh90QjDvvLO87XhamXQrmTSfBZh64SOuyFLlo6jq21LZRRKWIP0bYuyPO_iP0QfaEUKwsbN0ErAfsJZJ9_016P1VzoL6z8foPmu5sUYZEL0XibkSTWMuU_FFBUfnSj61uJ3YXaGQjVoZhIkw6utLVeSVRD0q7aYzKbmnkLFZm5KAGZg95VnVD66FeaoWAOaNt7Jm-XUQ4wlxbSVJwNuTYyz-C5eAZSYSlJ96vjCrwTdMFBCaVSWHmsxVv5zcnSdqcGH71HjR78M_2zWNTPfOTN99VmzHhfFDi49iKrVnVrpwG6SiKqnRGsw8epe7jQQBZaFYIQVDqqHZgtnjNXi2--_OVf1geBBIcy4HsWc8iIys1oDIDSI5j6Fex2TWBWrOamtqvIA8bN-0HKBt_tamr65T80cbSzEkQdZETlxLZJ0juwOhoE6DZDqn8UsL2kxh2KVfxaztakeYWsLbEcSY-pzvPc7ISYyec6Xy5D8nLpaWutbEyaIiEAIKDUPT9dAlUA9dkdNYclpMeJm3TlFg9esqv4GvoXnpBXo52-6YtR5uDaAc2Un1Y7GQG2U4w77aDwXOblMv2i4r_0_GHV7t3KitrfDKUmVL2mrrUcYp-_o9c6i0PbVHVwwFa57yLN1CF5m0oWaodDOcRWjLm7iy0kxIMqg_eQfFC6a8M7JQsfxtIdtAmz32lXyytSnJ9m5amMDfqndOEMAAImysU2g4FyhvYtuD__ektCYg3cIFYeHuqtWDh90H4UkXAMrHjHMXW0wldcPSyj5O7hxJDup5KaQ6HvQ9ehSGNi1qc56loXX_GNqUqcpuE-O8mTr96dyN2uHokP6ormXejEQli9uSJ3ICZ0BmrkmtXekztjCjtrc7kn6-EbGrxAtZBxDy7IqwYh7wt9d7D_RrSzRdnRMxsbBUrUwdlRW8-95eKvEnMQcFQSlTtVNk_ZbFTv04ff9c68WWB7DbcjvNzR4ObVCtJeIdbA5LxO7djgIkZPT2IXJAdUSfGNrS5DkGnFplETChu0WfubveCAM1r0SE2xpWs6C20WJZrzCZoxP7DCaPjF0UazywVGsfP3DtI6M7rMpfGLiIW9SvgCInZdNMhhESAdGwCT00GZhV1NAT-b2HvgSTLoZrA9SY6bCBBpIJp92177XhmYl-WKI3-ZFkyhk_ZP18ga16xS6rhv90bh-_fqRuDDj0LAHV1_n5FJY7MD6kLZrvD8TbkUflO5GPcYRdJa5aEkI3FP8q1-qPz7SJLncOb2XLPpf3xcNrG9_uaLQKtrbvUIlNARSeht57sJCAZB3yWauWphISlSjxJBtYG2FU0ERW_0AZ3F5nago-JyhkuEIDRe5iV3QsyPJiMHb8fUlsSF7anURFNBIrMDJSdpJ7enPKMAKedBrY-1XM2MdVE8lGLLkhHaeOuAM0M5uDDSeLlELTALT-L9DUhER0zZS1BvJVxlktBJYOQ45sBmlll3IoifXi0SpvaEOE1IgzXvnsvuKsEQ-Atydti_lQf9jWPY1Y5ap-vYv84vUn3BzRwTvMWHwh4sbNZdMPF87hkX8h9rWJTml_2yYNPd7ErjNUJ-TEt38gs5pb1mp6uISpXRKcLV9osjFCxjw8aFyRSM2XgivNZQLD3D5zD_VgAK7YcirGte3NmR6OTpZ0ZraX-EfRB7hzEVe2UW9InsAw53oaR0fwEiPhkjOqp0nvVIy-eNxFGulQqvjbgj4sV5hpzBGyL4wRRSsdGSRHEAsT0N0VeMF0kW4D3Cer3esK3PsLk9zbl0933TccAFWs_o0kSKESJ1RTP12LVPML--V9pz1D98lwBQARMLlFdNzESNtwQ1lqBYY5dwt9BRxk6esrtqqj0vp5QOTp_jbqZcbzie7SEhJx72Y4UpI_5k1py9jP8DHXgXlyYZWlM6BLtr6mtBGepdy4lx8Riq4vthWqtpwgcVn6_QifRF6RNZZwBjDgdfLRSQm8OmJmm6z4Dc6Fq-KQl25_GOgC9nPjlcTFosghII28LlXGWSQUf_NkUx0fYl0ajocU7ojddgu_az34pImdfCBAjv0T3KuNQLPtDlSqDBfG4JntbmpA1xliNZkToi-ro9FlPQgwI1b5uihlSRBev9a9AFajuLdKbkJhGNJXN5oXk_6o0fFYFpi-46TTpH-4sXzCFFtdyMgaMXqW7o0686umrn-44ymDxKA8uuP-VjL-9E4LrCsGOrIdJE-w1OzTPcvyKaZlq8xcB5AJoPgzFckOilvauq_hAeN38-b36jMDsFSvbCPzhQDX2xMzmyPL0vOAXNngafE1UJhfDxpr_uvxY77vplz1T3iHGHs3rVrXmtc2nWHR0GJMCr_RRWmaZSakeQ1deHLld2sQ-tTEJcYQH6wbvdGCqh7RXaLseFpwYYUcdp3aFsITlQf7iT4yItXrgaE20SdevqsK-SrjOdo9n81pvUGGCj8NA58tLItkiHL29zIyze6_yknGQQSy2JQSbWlwYPebBcyjnhX_XoWf7l4_rNtA1sZmof8ELqFQ_vhjbVru50tG8ayE6qwl9jgw5Z7VbRzaPmYH7ZkRXJB5chko9czkD4D9zS45ZNeGkIIBBI8AHKBCIMMx8TfmWwEGwefmLCEB8uVBGhcxTaTxmH8n3wRV3lqSJ4lHpUZN--KUeBNsJ0g_Ur7BSK3riFIGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-6396844742497208&ias_chanId=1&ias_placementId=18513634021&bidurl=https://access-excel.tips/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j2cVvXih8UnCD5ZHDiz9Tb&adsafe_url=https%3A%2F%2Faccess-excel.tips&adsafe_type=y&adsafe_url=https%3A%2F%2Faccess-excel.tips%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d,c:bAU9Hy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d854c4bd6-vmzwn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tDeKCGG+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C181%7C1821%7C183%7C19*.1352960-70224255%7C191%7C1921%7C1a1%7C1a2%7C1a31%7C1a4%7C1b1%7C1b2%7C1b3%7C1b4,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,tt:rjss,et:19,oid:59ab71fd-ea04-11ed-a28d-165d53dff056,v:19.8.407,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:8:48e:53c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

x-amz-version-id
Ax9g4_p37qT.TuZCPzwZssuxM41dY1J7
date
Tue, 02 May 2023 23:43:23 GMT
via
1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
82991
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
16777
last-modified
Fri, 18 Feb 2022 23:28:48 GMT
server
AmazonS3
etag
"eef84d4a7321b73260b41707db98756f"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
UpKp6_5StGODkR0kM44BDS2u6ewudiqW0f7B0s-3qIWLFVDNoiXDIA==
dt
dt.adsafeprotected.com/ Frame 56B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=e6925260-3999-34c6-452b-7b61138e9534&tv=%7Bc:bAU9LN,pingTime:-2,time:117,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:313,mdZ:838,beA:978,beZ:979,mfA:981,cmA:982,inA:982,inZ:985,prA:985,prZ:990,si:994,poA:994,poZ:1010,cmZ:1010,mfZ:1010,loA:1059,loZ:1061,ltA:1095,ltZ:1095%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:118,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B112~0%5D,as:%5B112~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18.1352960-70224255%7C181%7C182%7C183%7C19.1352960-70224255%7C191%7C1921%7C193%7C1a.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b*.1294488-70429355%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1b*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:16,sinceFw:100,readyFired:true%7D&br=c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dall.js
go.ezodn.com/hb/ 		660 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-2-55
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 23:15:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3021966
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BSUnfNWwCPcTTRxIHIe3X3Ly4iJ8gUQjO5CDDBHJY8ugIurCsQqW5aO%2FbsQ%2FtHt8Z6Ixc3TzpVM%2B12cMaQhX7WC9zvUQmPpWhwVNmJEFt82foSBR9PtwfPiSSFj3zztedsd%2FSM6mkJ%2F6jE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7c1c0a696d059bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2877 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EFB6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 831C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E8A4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
26925
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 15:17:48 GMT
etag
48472445140208031
expires
Thu, 04 May 2023 15:17:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8643 		0
0
truncated
/ Frame 1CDC 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1A1F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 56B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHzrj47gpFdqmLUiRpf2N22Ys3gXLtmIG8_Oz4STcaXz-AcaUL_bpaGcQCShjlCeW5pORLgT_n0xDVrRMupuiTPgR_tgGewdY76qYT_P3oB058IOXxJxafxVQIqypI6GN-DtmpHhSj8uH0UYRKnKLfRqzoYI6dxxmwUMY5BCyG5tEKZp59yHpRKBEqhlqjwKXmNMqsU9rp1enth_PNjrSKCkhzP51rRMIKDZ_Vloj13oNd4e3H5hWKv9z73aCHJg762k9sBov1K-94wcFpRW1_zmcyqShxfPPXs_gkHfiXdvw2-gE_KUBrmI8j8hhLw77xiIraDxAKG0S7bt8qNn2K2_1PqlXgWys_xTKtyTk0uKlvOIEnZfMsqwpn8hG-Cgrl2ug81LfmZK0pvo_ZjRywTitm0DEej0C4p67A5xHkfpCQMklliJwF6PO8pWLDS-oZb0qhx-Mtxc54rKHbEPYh1LuJgy78_-zopGhsYqvWmDDJFwm8FmfiTzbwzmthHpwOd4DfNPd8RPXliVRpMAk0d78C37d67t8iibLYdmscB-wBl5O_kE4RzvK5sN77RLuEjc-IJf3ec3f405F_IGX8aNki6NtzLB-Jwi6HThs3YqKFK4G7NcL8nE-jF0oHxOd7M4JMsGuRy-58JI8ogfq7sLHRgQ-fPftfbZgg-RoowoY1ea9_hpOsVHbi9hkAnR0raeNfwTD0SY0dgow5pZ1VoQ0nDcScB6FK0_vTwFiXkLnipoGgo3uDlyHkhLEd6PtB4_PvrU0zWEnfXYcg7A0PDi6pWzDuDV8j4IRD_5T8yChv9DBpmgO6XsFsobOlZWyAi6Jx5gTyQSJtQIFcKLIAkoR1hWGkaFuv0LqmZTXBJW2_3CspY-IjY0_wBFAdzIGCv_plJIFJzo1l8AYERTgpBksM0qg0Ggc_aK4RNnk6Ydl5XQwhCoZ057rEic2h43Qnct2ge5_nDutt6cJLZW5iKqXcME6cURM5tiavdqh9DsPqNw6Y2TfxT_4vUOhtd4p8eD13hCxSzX1ltMHVK5o7S8vCYVHacg2jopY_e6eSpNnsgoLgmtC5ZHo3zgM0QlgQgiABGMNdpgc6x4FdfXp3EyAg4wA_A5TucUS-XIgSzNI6a0BRFWnHRvSyS_2OnnKOezRAPQ8LB-wP4OKds8ArdpoW4MHaDbV2sQWPjI3Hvdu7jIKWHWHWbGp7rZMJID6tS_JRm50GFiVJY4tfjGqj6HJQWljJsk3QQotVwSUfBo-67T5wT-_eNWuf1DwqhDb7katYRO2aS1glpK3bn0_NSffq-3vR_PR6YCBn02ebHoAejcAhe5d2Chk8D-C_t9vyyBHy&sai=AMfl-YRQY6c2uNNWDHQL-zcAWKQ6ZOL8dP8DDcMDfw7zDLq9D7k8ma2jRgjzTYr_5knHWsk6-L7-2EAJZcrTNPy-WSI3rGaS6IIUZRiDdJzwgaLXHTZmvy0Wc-bCGC6FNYw8_Z6A-qHAZDqUM2D-CPhIVv-pG9PZdfWuZdxAvVYsh7-Fsaj_AYyobcCai6m-43fQ1V_0i6v1TQoChtZNsHgJQ3CSoS5_SgeM3UTFzGeqwcjB1Zvwr3JKhf4DCdqB09zFb8IMaBQ&sig=Cg0ArKJSzCvoboJZy2j3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=877&vt=11&dtpt=643&dett=3&cstd=227&cisv=r20230501.12349&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 May 2023 22:46:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D2CF 		0
0
view
googleads4.g.doubleclick.net/pcs/ Frame 408C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5Dx_M3pjDqg0U-LMvxTFbluDqVm2fPRyL-_iB_Ha9QTHxx3l2wv85ud2aJ9HWSnG0R48cO-6x5G8LSc5PT_T3_8bZM-g5FwLSYDOJGFQZ6KwH7KpUm8KB_8I22cFcu23vSvc4DlXNt8vUsWbPWzd0WdMiyJ0XVE07qCbiHIFMlEwAA5ofsPxwNjbSKVnztU-KVdSd0zdLRtLxg4jllfti4N3VYA1fwf_HEax515Ha5fexYExvaYy6TkGMHRnwIbQpVALunJoNF27UeA1wMMNm8_wUGwUVp6QPrezzLl_H4imAcxhs8I8XfFmPwdX6u5fLygyNzRj9NS01xT9X2m9x9_u01yxLk3KR_R-SBIF-BWIqHHNjMcTC22Ep-YtlP2sQFO1SIrImUNeBmrRJJCHzTYwLnq5XTrlhyb8XtCiv3w_rFauexLrqEGzX84lBogu_AF1kTEQ3VSo8FJv5bics0W1iwUyOclMRxcVcz8S42bubB2gCmtx0w6Aq2VMsdfbLEvIRRmna2Cy8BOsSTErtXzfsLroZLDvGNatL-q7u3_K13Mj9ATN4RoXdFxKy38qJZavoGRPZ7CltocqDPjuROtvYzIvLWv8GxJazqjZ01ZVMMaXGyhbVNRb4Pw3dS10KMnzz7xQYxTNCNpnqcrsij6HqpyzQMWbIDYz2z0kFe6-k_S1H63sHiIdw8fGa521o1mSwANBAcAERSWs95sk3xyd_5mdh7WvWB0hmwUK79yf2TfD18V1JFb0Mw5JieQTUG8PhwzovDZzAiqYe8Ot-Sgr1kw15NpbnLpWr-Y0Jyi0y0wv9xJMSzvvraU2KFNoVEA8fzqnbUMYhAgN6aBlI_vM9J1ko5c_anJAwQUSLVPrZ52aArS8CsXZkqL_ttSH9f_8d_PEz9Pih4JXbmn8LIXdxN0UGHkWa4WlVmSKoMLFQGSrF-ZgpZqsVsFKbt9f4rI2Je1nKh-p-aogM-zQNNdIMY8fiA9ZhMYQQjGE0yl-I1PxMnVwzv5r-CqK2uDVqedLC4y73reNofQ2MSzbVCkwL8Xktdo8IF2JeNotr1qopt_dH-OfFXOJ75fgP321YKxi3iWFupGZOz5c3zvzT5d_xLhfqP7KWavbQEnqGzjMqGVH6P0xHJLqFi8tHq1UfKbo6H5GdNYSg11GKPcf7AhMhgN_0_W94ja0m4fJF5exVmKhqTcsGutes5b-nnq-sGmubvNn_YR44c3KN9kfwIbtwhXu9liBGoBHjzkJLTsdLABUOun-ol66lcAPQiplSllD7-BQYTmE8G-pbDyFfX3sgA8y4-jhJ8LxQG1VdXgDy-P7IZnRby_C8xRdRbg&sai=AMfl-YQxjbeFIYv2xBNy2uKKbyI7_e8WS5goozOK3nYtQ7uRkuFtkYkCbrm1YvPGjXHhoCrYScs4OT8ej_FtOolQ_TJIulPidAHqdAw2D1EUGzoXcjnLFp3yMaTbnjl2xcRTcnNthejADjBK4e-oKlWLK5JxtHQG6V6lXrQ2OniYTrEOv2qd4Es2H06JylXEBW80sdA5REOhY0133kcLkkzeavB7mAGkFXexcZl-_fjCaN_zGblfJ8vi0_5fNmq262m2mQfhQiY&sig=Cg0ArKJSzIpTIfugkFkqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=932&vt=11&dtpt=679&dett=3&cstd=243&cisv=r20230501.26625&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 May 2023 22:46:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 408C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_kfUjekjswuRuujCabVWDUTc7IMt0k2LTxsJPWwwgo_3Rz1CK9AxQKuZXH2fyoQVXzm95tLHW_eDtuJDDx5QF3_avhQSIAvKdI9Nv1KASFP0duA63jM0Sa2A7WwPx5n0wvqyn54xf_1uZYY2RYY2nKb0fNPX3iPZTBQ&sai=AMfl-YQmXS4pHQfRqx7vpIuXvxdAwYJIPOoHetKbTI6SVCWeaFs7bwezKy8Drlk5UDlkWppGDq2mOE84fRVO42Ppb-NkQdDB3QSMKTqYvXIKIMj5yudmEJmRnhBNqlg-WpE&sig=Cg0ArKJSzPbA7PpTxnyPEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 56B6 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvN7LEGpdoUbuDfelsQilAl6w0GcnrJXIQBDmQkO9vvxyE_-Kro-QhipcAVxqRx_4JmxT-fDl7y8tr0_qwW9ortLyA1fVPZha_qsu-vceyu3DVQCIwDLY_KzWqDJ5kBCp-vLz0TxKTOA9-jJYDDJGZZXuVQ2reb2bAbkA&sai=AMfl-YRjhvcrDS-YnyUgBz7JC-E9Yg-BB0zIeEIATMT3kpG6bVhtGQgl7leIfjDN64eXNdc5eGasmX8EE3QUOaSVFH-2VKW_8ax-v9y_RQIhOpQh8OZktaiiEZNbZnnOBUE&sig=Cg0ArKJSzLtYPipFUIWzEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9533 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BP-qRSORSZN-dFJq-3gPh3qaQDwAAAAA4AeAEAg&bg=!BQalBlLNAAYcDqajPA47ADkAdvg8WlNLxBfQgqDIELUaBP5s6HyB_BeqqQkm56Bs63rAr5wGgUpkVWzUB643xdETGWeh29-QXUsCAAACU1IAAAACaAEHCgAvkc_lWpiGEuUMza-n1ksrKrcEjtgJ7mIEdr5StpGjbG5NctDd1Deo973AxpoiA56ZAxDERovbLorHUebczA9A2CDWn06CmZZUQFnZMAEOPW45q2X5psOD5iA3Tk0Y65CXNwaO9I1URxI8N1tezz1xFIpdXWJyXxWOWRX_iXXZBR0q3b3w81paFw4WFi0P4MHaAj6mOxh-tWl3UlEcgTGZ_6bycwBA4IS4xQNLmESMq_uIOyCIuToU4irHt8OeKyKvYDBMbhaEPzG-idGakIMq5zu8pnizBCK46WK1u87FW15WX8qyNXANF2XT54SW-e-YpKP3HvhvjTb8MOFTe14D8rQ5jFQPIb9y8NLMNp0xDmE7bnH5g448f2tOXI-tlg4MNK9qxPpUflebVqrplUgYqT9469wJa3V6sMOp3H60UA_ymMCEJelRNCKJ9_u7Sa9f0n6QlrDfOOwfyAbxNQFHdGd8SlMFotBm5mGJUYOsG2aPt81n4BWP5B-1aFhWd6tojHNwikPpU8GuzmOoZhZ2JR7UJkW5qaQ5Zb8mExGVgpdDpf8S9zcQLUjNmv-cw9eNH0ZxUKyiuJUqDuCCm8Wu2iv-mdOKYzl9PiRUCqcPdRGIRXVnknGk67FHYtVVZ1r8-qQaNR8D2nsbqg_0HTyCMHl-r-CuuB7RPl2hvAl9_2JksqmgwA1W8MrFdE4jqGVZ3nMZ9K457jQsyyAtmjCvY4NlSYqaunLC0usNPS07V6XH4OwlvBe4EI22G3w530O3pmciSA9Wbql0gnaMwHqwr1iao5lMyhWZ5tGc7WHz-TRacaNw7whgWPU3HweO5QpIETj7EwdZVwmBBPTYXvlHFueReHgKNWjiguPKOnXTc1IFGlxebb2QG2yu5Y3RK1j6ULhlnJXsIeSV6iDiZxpXCpCV6W9W_355_CBb8uihaBlqzfqRL7Q2lK2dLe69Hy1oD2g_taaESOTF8wCosI4QnOi7-KjXfJMNWYuT0a1e8VU8NDpsrpHTDLFDkoRc7itRYmQEnSkS7UoYuPgJThi7ngXmwPIhT75_-PxjEdvRyumOwen5nv8B6YSzssfpLAN_135TMU3SfVfL3nStwc7M4Aqp
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3C0C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BrDumSORSZKfwD-Oz9u8PhPSIkAoAAAAAOAHgBAI&bg=!WFulWw_NAAYcDqajPA47ADkAdvg8Wh03EIkB4-SMSSjNAeM-IpGMWvcquuqvjdjdUVDNljxnhnl4fknbfn-Q4XDzV9dp1GqX7zsCAAACTFIAAAABaAEHmQM3005OuUA91J3TIKTU0ZKpGT5Bo5PenYfXr7YW5as9InEzE06ucf-qdMZhjrjOnDaabXb1xQOh13njiKtoqVt2KHm_ImMSfF87Wotj0-VPh_B0j7JnBznWSY6go9AghiDvbcjhad4-KD0uOX03jnlecF6EVjsRofqufilbBCNW5_LkMKWZmB9UBCg3Xjf8l2gR24aN3xJH7P6jAHUzv9oVc_YIAWbkhTYKX3odNJiFT1IIUjH1aD9Uuk-FIAhuy8V9ynnPQ8pqFbANMPdt8e84LmE9ymL_6BoelPkIzrSO8P21-0EP95_AiGwIhgc8e33OGXuiyEJsTR0Axh-hUBDqp7HoaItzRSo0cv6DCDPIHWO-rNRD74enYVroDAdWMvKCaoTx_3nxG81uBeQyV7UfizVfCZ3rsUEACCUaney1Opui0V0dDUSlc7tfA5Q5b0bQKCC5xqfYPvktks_9ZbKNM2dgo7Jy81M46XFwqT-hmEraIwkeXpndIY1wYMq4abNRKa5I6Q6396XhN4RFNjPy1BFmmtVPNZsxIY8BwAuvHvHfNVc9q8ncTWRRuuZrXC9S9NsnIKk89anbsdo7MOrB7ucY_DiJiYmT4ShoLED20SgFgACVRj6IJJxr-cg1BVHWWs9CTGBoQHKYBM8xcZYNVinhe8285yVInfp9Ts0eIHnAQUFUC5vW3WqvJhcQBq6ZamvwKLTipm6Lo8RWaAlAySpVyH28XqrbHdVIv96pymi8BP5P4Gmlsz4lLx-Hb3pPQ6Qe0xcbFsvUl2RUCx0HIA_yKj6YQyJWcsksQMtQJ68VmwIeQmgTDEmn9lbGlZyV2N1S_UAfSyondtoGnm5R4VRjtgFkAHp2yDNgLjGkziqRzG6r4Fzc341KSQ4iImwzql04100zeBcBUjGtLC93Q3ceH78tj0qWp_NRIaM5Wk5Kw5TmD93262iVHvN7aPHsepqYt0u0DjfQgS5D2ZOwrZS8sYcuOSWj2mRT0k1YVuXw8bw2VIX-OJxVwv-bVKwSDolpPm00ghbgxjIIiTMJe6-B5Uhf8_SWoCwvrkFmWoZBH8eOkoWfYklbRA9ZMw3HDfeIqfxlrA
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 2877 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK7GFWU3sI4fmlIQKtldY0c&google_cver=1&google_push=ATf1kGMmC3YVUiAT85C_LxQ3eRfRtjUPvJxE7aeDecYz0vQuhrjM18sN9iZTi8CXPU27aWpgtrG9BfBXvy_HbV8nv0KluBgb9_RQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
gcm
a.c.appier.net/ Frame 2877 		0
0
pixel
cm.g.doubleclick.net/ Frame 2877
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMrDDAIzz9pFKRywvPVYwvw88S3qN6P3ev19QnwhjvmJ6eu2-PYM8utX93ZPoIuaEWU6yiyrt13I6WJQmFHjnGQ6E6o5KCT
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TYK5MNS2QYqQiKDP_NB75w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ATf1kGMrDDAIzz9pFKRywvPVYwvw88S3qN6P3ev19QnwhjvmJ6eu2-PYM8utX93ZPoIuaEWU6yiyrt13I6WJQmFHjnGQ6E6o5KCT
date
Wed, 03 May 2023 22:46:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2877
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEO6bWtpqFaWV2rololLKgbA&google_cver=1&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9bkkPARg...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEO6bWtpqFaWV2rololLKgbA&google_cver=1&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9b...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=n65ZATiZTaKcuecATZZwqg&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=n65ZATiZTaKcuecATZZwqg&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9bkkPARgtXR2R-
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=n65ZATiZTaKcuecATZZwqg&google_push=ATf1kGP1FNt2spAmche1uM6ZppHr1nEzXLQpXmT4Jilhtq200zUn3xE6Vjn8UPZck3sIL1vKRfd-Jo7sWd-1ri9bkkPARgtXR2R-
access-control-allow-origin
*
date
Wed, 03 May 2023 22:46:33 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 2877
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E&google_cver=1&google_push=ATf1kGMgKK80v9KTe07R7EzmxKNPGGXsVHhnoSacX4oQ8DRe_S7Un0hUMuhz-UitoWPub3U8tZNPkLUNk6xqz8KIiXEfUSPVSbAA
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGMgKK80v9KTe07R7EzmxKNPGGXsVHhnoSacX4oQ8DRe_S7Un0hUMuhz-Uit...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGMgKK80v9KTe07R7EzmxKNPGGXsVHhnoSacX4oQ8DRe_S7Un0hUMuhz-UitoWPub3U8tZNPkLUNk6xqz8KIiXEfUSPVSbAA
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGMgKK80v9KTe07R7EzmxKNPGGXsVHhnoSacX4oQ8DRe_S7Un0hUMuhz-UitoWPub3U8tZNPkLUNk6xqz8KIiXEfUSPVSbAA
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
cc.adingo.jp/adx/push/ Frame 2877 		0
0
0.gif
id5-sync.com/i/495/ Frame 2877
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEG12Xl6ebD_IPH8R8N5_vtU&google_cver=1&google_push=ATf1kGPv4tGfcG_4Ieu_yEpkCkZ9JkV_ngxt5R5wsKLg2IQwYEF8bZ5XBi5nFpfwZMkH78sjALQatLQRXTUljtJl82d1tKmgo78vWw
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPv4tGfcG_4Ieu_yEpkCkZ9JkV_ngxt5R5wsKLg2IQw...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPv4tGfcG_4Ieu_yEpkCkZ9JkV_ngxt5R5wsKLg2IQwYEF8bZ5XBi5nFpfwZMkH78sjALQatLQRXTUljtJl82d1tKmgo78vWw
Protocol
HTTP/1.1
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 03 May 2023 22:46:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Wed, 03 May 2023 22:46:33 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DATf1kGPv4tGfcG_4Ieu_yEpkCkZ9JkV_ngxt5R5wsKLg2IQwYEF8bZ5XBi5nFpfwZMkH78sjALQatLQRXTUljtJl82d1tKmgo78vWw
x-download-options
noopen
vary
Accept
content-length
273
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 2877 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOY-WX6b0n_t7Ylf7TGzC8HbC3mdqTa_Mgf_W36DsgMDa42AEzK5wPzk4GiI8B-nEDRPYv6w
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFR6w8rOGMex8uL1sGJBVkk&google_cver=1&google_push=ATf1kGNy9FAUaDYAWd67QEQ4dd9BKmmVXtVIoCJjbUabgVtQHX4b2AYIrd0ncoJ1SAy9dTQzppm4z...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNy9FAUaDYAWd67QEQ4dd9BKmmVXtVIoCJjbUabgVtQHX4b2AYIrd0ncoJ1SAy9dTQzppm4zB71qrE6vzmi5-KG7OwUwMmc2Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNy9FAUaDYAWd67QEQ4dd9BKmmVXtVIoCJjbUabgVtQHX4b2AYIrd0ncoJ1SAy9dTQzppm4zB71qrE6vzmi5-KG7OwUwMmc2Q
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 03 May 2023 22:46:33 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 87504DDB4ECF4E05BA0CAB8609E903CC Ref B: FRAEDGE1705 Ref C: 2023-05-03T22:46:33Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ATf1kGNy9FAUaDYAWd67QEQ4dd9BKmmVXtVIoCJjbUabgVtQHX4b2AYIrd0ncoJ1SAy9dTQzppm4zB71qrE6vzmi5-KG7OwUwMmc2Q
x-li-proto
http/2
content-length
0
x-li-uuid
AAX60dPi3weEtESSSqMm9Q==
pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEC4GMZz2X8Wcg9FJmo4b-dQ&google_cver=1&google_push=ATf1kGP1rEez45_a0zXnZkxrOZIZ3jbnmeOEXTzjGWF_5iCA1If4JAQX6ULtqMxmBUTtn7Gwrjgub8DD7rH...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGP1rEez45_a0zXnZkxrOZIZ3jbnmeOEXTzjGWF_5iCA1If4JAQX6ULtqMxmBUTtn7Gwrjgub8DD7rHinSqI1JGQcHHlAVYj_w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGP1rEez45_a0zXnZkxrOZIZ3jbnmeOEXTzjGWF_5iCA1If4JAQX6ULtqMxmBUTtn7Gwrjgub8DD7rHinSqI1JGQcHHlAVYj_w
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ATf1kGP1rEez45_a0zXnZkxrOZIZ3jbnmeOEXTzjGWF_5iCA1If4JAQX6ULtqMxmBUTtn7Gwrjgub8DD7rHinSqI1JGQcHHlAVYj_w
Date
Wed, 03 May 2023 22:46:33 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEAHF_LZuWQfvRiEw8BsM60k&google_cver=1&google_push=ATf1kGNxbuv0JOT_A9QzrZixVcYG9Z-XUq0cS82VYNiquRbSIxvpJV_8heMqYgUgnSn8PsR8E7L-9pdgCcUveHs5...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNxbuv0JOT_A9QzrZixVcYG9Z-XUq0cS82VYNiquRbSIxvpJV_8heMqYgUgnSn8PsR8E7L-9pdgCcUveHs5cZIYTY2XXPJoNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNxbuv0JOT_A9QzrZixVcYG9Z-XUq0cS82VYNiquRbSIxvpJV_8heMqYgUgnSn8PsR8E7L-9pdgCcUveHs5cZIYTY2XXPJoNg
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 03 May 2023 22:46:33 GMT
via
1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ATf1kGNxbuv0JOT_A9QzrZixVcYG9Z-XUq0cS82VYNiquRbSIxvpJV_8heMqYgUgnSn8PsR8E7L-9pdgCcUveHs5cZIYTY2XXPJoNg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
UA4vmwE9GjIyrOhRWal9dQygfoiOzjE1MpiA_by8j6oKxzOeRoTerg==
pixel
cm.g.doubleclick.net/ Frame 831C
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEK5tKrSXQkeDTKoFhtfJltA&google_cver=1&google_push=ATf1kGMqv_Huv2OlIAGeC1nFg0z2aVTCStM8u_49AIfPfRcnjNNiaittFwfYJtcm2_STBtnp9UAAigSzFo1ssqwBw_w5JzmpE...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMqv_Huv2OlIAGeC1nFg0z2aVT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMqv_Huv2OlIAGeC1nFg0z2aVTCStM8u_49AIfPfRcnjNNiaittFwfYJtcm2_STBtnp9UAAigSzFo1ssqwBw_w5JzmpERd9_w&gdpr=&gdpr_consent=
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:33 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&mn_hm=MzI2MTU1NTkyODI4MDcyOTAwMFYxMA%3d%3d&google_sc=1&google_push=ATf1kGMqv_Huv2OlIAGeC1nFg0z2aVTCStM8u_49AIfPfRcnjNNiaittFwfYJtcm2_STBtnp9UAAigSzFo1ssqwBw_w5JzmpERd9_w&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Wed, 03 May 2023 22:46:33 GMT
sync_before
tg.socdm.com/rtb/ Frame 831C 		0
0
sync
rtb2-useast.e-volution.ai/ Frame 831C 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEO_9NLdE6WmRb66kI4jRTP8&google_cver=1&google_push=ATf1kGOAZPzqPQkzpNANaW3tQVJ2HugL5Fyj9Ttq-XzIKw6DcRu2tBd8PJ1rSwCu7_5rXXS6w2dxEf9pLsOyCeLZFTC0TeRZUnnl_xQ
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:33 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
report
sync.teads.tv/um/ Frame 831C
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMR0ZKTeVus198gOlDRltgc&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGPm9dMbgT7XNp0mY4XNibbvVpjxZU_at_8ze4kH4MIeqgLGrEbkwHA8DGmDWIZdplvms0Mc-7HpK4_PQbPY69n5D2t3qDHZZQ
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-102-35-84.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

expires
Wed, 03 May 2023 22:46:33 GMT
pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 831C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ix6l4bVpAAOksuM3vMyZgUyRybaAqNLKdhuCTqsPjP05-jD0LeEdqq8FC2ycoLbLGcjk_WXvU
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame E8A4 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHkrr2-1BtBB4m6eSKds8VA&google_cver=1&google_push=ATf1kGN7BHSwNSGNckRZlxVFlNJOs7GkPWY4E0yIL1qO8a2HcG8DPNhjhj7o-3igAEdVMUJrt1zaj2dbk6-cAuRQxjxyj31cSWSi
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame E8A4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEK7GFWU3sI4fmlIQKtldY0c&google_cver=1&google_push=ATf1kGMB0SDVYrA3-9P9p3tG0TpwAbqhf7izlogNhN7hqu9FIIrGaxGn8HDayYI7fclcFtk-VWakGTGGLiy6R1kHe0J6_hls9ETr
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E8A4
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEMqwYuAD_513kEytrSYmPhA&google_cver=1&google_push=ATf1kGPrLJYcRkNFbcnUJlB2dYYLoPE7-VNPsw2paKQmDUj17PGR8m7p57j5dtj2Wxe6cSBxBD0ti0oqB8HAozjmeTgSb_LsBFE
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODc4NzY1OTYzMzlGQzRCRA==
date
Wed, 03 May 2023 22:46:33 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
us
sync.go.sonobi.com/ Frame E8A4 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGO4C3JB9PQqDyfDIniZTQggUBKmkeXb_T-vT0y0f7L-7I3ZGU_sLlx_RynPPLN1ueGRMCl3Rzu3j4vkLnR328fGui-YDybo%26google_hm%3D%5BUID%5D&google_gid=CAESEIoQRLCZZofREIy9a1ag7zc&google_cver=1
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 Los Angeles, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 22:46:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-83
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E8A4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEB-DQIdRYlMeoCTyF6vmU_E&google_cver=1&google_push=ATf1kGNXQ8s4k5tzH4ef8xlpZI8Ec4ZGZtyqj97ndzFahOaGV8IUQ4AmorjyX8VOgB8G0Ril91eYIPDqDjg7sgjKEiKNGHZi62YG
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGNXQ8s4k5tzH4ef8xlpZI8Ec4ZGZtyqj97ndzFahOaGV8IUQ4AmorjyX8VO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGNXQ8s4k5tzH4ef8xlpZI8Ec4ZGZtyqj97ndzFahOaGV8IUQ4AmorjyX8VOgB8G0Ril91eYIPDqDjg7sgjKEiKNGHZi62YG
Protocol
H3
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDUxNzI1NTEyNTg4NzcyMjM5NTU5&google_push=ATf1kGNXQ8s4k5tzH4ef8xlpZI8Ec4ZGZtyqj97ndzFahOaGV8IUQ4AmorjyX8VOgB8G0Ril91eYIPDqDjg7sgjKEiKNGHZi62YG
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame E8A4 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAbtj84MA9Fiex6CMXK4n8g&google_cver=1&google_push=ATf1kGMhcsmJmioJqIi1YTdAUCmda0xi9gpcOnIEVnn5qYXTDvhgjym0HQqBN13DI0EEw5lls4m4ERzJxh86wJLD3wrPRjc_qxGH
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.151 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-length
0
/
cc.adingo.jp/adx/push/ Frame E8A4 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame E8A4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ihs5ea1KqKYBZ1nFSLVu3zj32k3XFG__IFKIZmGQgdCvXEHyI6n5v44sGu3RIiPN8CVQ4c
Requested by
Host: 66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
URL: https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
localstore.js
script.4dex.io/ 		483 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Wed, 03 May 2023 22:46:33 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
185812
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joCZJmp%2FAA9zpAL1hRKnk1bmMpUnpgj8JRE7yJCrXoxoneN5MzA88194%2FB5Z4DZ4GW82Dp2Dgv6Ae5zREjBilwJ%2F4PtgE3wYhXpBIkOyRyzdSwOkpfWb1DNRpMRRoa8vASZrRiosvenchI%2Bd"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c1c0a6b8c64bb9d-FRA
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=9&rp_schain=1.0,1!ezoic.ai,ddb65775fd47b0a80d7d93e5f1900884,1,,,access-excel.tips&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_quantcast.com=P0-1934290940-1683153988108%5E1&eid_pubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f%5E1&rf=https%3A%2F%2Faccess-excel.tips%2F&tg_i.domain=access-excel.tips&tg_i.page=https%3A%2F%2Faccess-excel.tips%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=e0ce9f05-7244-49be-b568-87095c7e411b&l_pb_bid_id=29cd210b772147&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7084410564635442
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=9&rp_schain=1.0,1!ezoic.ai,ddb65775fd47b0a80d7d93e5f1900884,1,,,access-excel.tips&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_quantcast.com=P0-1934290940-1683153988108%5E1&eid_pubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f%5E1&rf=https%3A%2F%2Faccess-excel.tips%2F&tg_i.domain=access-excel.tips&tg_i.page=https%3A%2F%2Faccess-excel.tips%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=e3054917-19de-49f0-807d-fdbb799fc084&l_pb_bid_id=37887e83ab8c03&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6893556879441389
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,ddb65775fd47b0a80d7d93e5f1900884,1,,,access-excel.tips&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_quantcast.com=P0-1934290940-1683153988108%5E1&eid_pubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f%5E1&rf=https%3A%2F%2Faccess-excel.tips%2F&tg_i.domain=access-excel.tips&tg_i.page=https%3A%2F%2Faccess-excel.tips%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=e3f5efbf-c4ce-46ff-beb3-69fe169427ea&l_pb_bid_id=47aa8a3de1d1b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7977615339330184
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,ddb65775fd47b0a80d7d93e5f1900884,1,,,access-excel.tips&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_quantcast.com=P0-1934290940-1683153988108%5E1&eid_pubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f%5E1&rf=https%3A%2F%2Faccess-excel.tips%2F&tg_i.domain=access-excel.tips&tg_i.page=https%3A%2F%2Faccess-excel.tips%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=4271c1a7-d319-4425-9e92-9f2a74d821aa&l_pb_bid_id=529ccfded65203&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6794838689695366
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,ddb65775fd47b0a80d7d93e5f1900884,1,,,access-excel.tips&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_quantcast.com=P0-1934290940-1683153988108%5E1&eid_pubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f%5E1&rf=https%3A%2F%2Faccess-excel.tips%2F&tg_i.domain=access-excel.tips&tg_i.page=https%3A%2F%2Faccess-excel.tips%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=577151a5-2db3-4dc5-91a5-d0746d7d7162&l_pb_bid_id=6ff54175860c1a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.49979175544800647
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=57&rp_schain=1.0,1!ezoic.ai,ddb65775fd47b0a80d7d93e5f1900884,1,,,access-excel.tips&eid_audigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y%5E1&eid_quantcast.com=P0-1934290940-1683153988108%5E1&eid_pubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f%5E1&rf=https%3A%2F%2Faccess-excel.tips%2F&tg_i.domain=access-excel.tips&tg_i.page=https%3A%2F%2Faccess-excel.tips%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=89d8da98-9931-4231-8a0d-3d7e2b2bc83f&l_pb_bid_id=7f600c2413087&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9646791391817457
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 -, , ASN (),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://access-excel.tips
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.42.0&cb=12947698311&lsavail=1&bundle=eklgw193UDNxQ3BPdTNna25vJTJCRkZoblBja2NlSXc2OTJma1NCNFRvZjJ3R1lCU25ocmNkNm1JNDNjNjh2VnMza00zOGI5aE81R0RwUHRFdUpMcElJQzhiVnNOZ1BLcUlFRE1ENzBOVVc3d25UZXUlMkZ0V1czdlF1M3UlMkJkRDVFM05MUDRBakkzMUtvRDNuWnNsSU0yZlQ0TFpBdWNaNk50ZTVJNGs3ckxUMk03MkU5MWMlM0Q
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a -, , ASN (),
Reverse DNS
Software
Finatra /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Faccess-excel.tips%2F&PageUrl=https%3A%2F%2Faccess-excel.tips%2F&PageReferrer=https%3A%2F%2Faccess-excel.tips%2F&CanonicalUrl=https%3A%2F%2Faccess-excel.tips%2F
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 -, , ASN (),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://access-excel.tips
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
14
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
1070
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidaudigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&eidquantcast.com=P0-1934290940-1683153988108&eidpubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
content-length
2019
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidaudigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&eidquantcast.com=P0-1934290940-1683153988108&eidpubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
content-length
2022
bidRequest
c2shb.ssp.yahoo.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidaudigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&eidquantcast.com=P0-1934290940-1683153988108&eidpubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
content-length
2027
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211258fd01b2&cmd=bid&eidaudigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&eidquantcast.com=P0-1934290940-1683153988108&eidpubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211258fd01b2&cmd=bid&eidaudigent.com=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y&eidquantcast.com=P0-1934290940-1683153988108&eidpubcid.org=58151e3c-0f31-4d9f-9f49-a8e27a8d3e7f&secure=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://access-excel.tips
access-control-allow-credentials
true
content-length
80
prebid
prebid.media.net/rtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUBCB617
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://access-excel.tips
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Wed, 03 May 2023 22:46:33 GMT
translator
hbopenbid.pubmatic.com/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://access-excel.tips
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		54 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-2-55
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://access-excel.tips/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 03 May 2023 22:46:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.23; 217.114.218.23; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3066277d-2d81-4b12-9502-6bf15c64934c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://access-excel.tips
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ Frame EFB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d1c95d7b-146a-c7c0-569f-71595821d641&tv=%7Bc:bAU9RF,pingTime:0,time:784,type:pf,im:%7Bpci:%7Btdr:554%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:21%7D,%7Bpiv:100,vs:i,r:,t:784%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:784,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B777~0%5D,as:%5B777~160.600%5D%7D%7D,%7Bsl:i,t:784,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:444,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18*.1352960-70224255%7C181%7C1821%7C19.1352960-70224255%7C191%7C1921%7C1a.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1b.1294488-70429355%7C1b1%7C1b2%7C1b3%7C1b4,idMap:18*,rmeas:1,rend:1,renddet:IMG.qs,siq:23,sis:405%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 408C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVSAholA9pfW3Xn8S9ZgGn4wItIIM8USKGGIysGzVmH3tY3VPmuR7N1k2G5SYpPF50-39nWPEQMS6SzWt2sp_mZ8QEoMZzlxigy964-8kH6_FjR2iuyAbnqWdlQQ0pxH3jNQgoBQ&sai=AMfl-YQ-ZsmF_0QKlKqT5ct7ZYx7wRxE2QXeQDlnzGJPTrD6mmjJVU551goOyhbQQC1vZxr0Wv1Kuy6aM3cwJKyUeOUExuUn9BPUEW2XcnrCzbfwYqyv0iLgSEa3Ifw8&sig=Cg0ArKJSzMn1Oy4RUyJjEAE&cid=CAQSPABygQiDl_1t6OIrkcoEW-O2giOsuG4sQmpIhx3BEOPdy-lMUw_he2UJJb-WheqmMgcNizT5ZvWsEuO3wBgB&id=lidar2&mcvt=1118&p=1110,436,1200,1164&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2015605214&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683153992060&rpt=356&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1A1F 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d&tv=%7Bc:bAU9RI,pingTime:0,time:648,type:pf,im:%7Bpci:%7Btdr:572%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:18%7D,%7Bpiv:100,vs:i,r:,t:648%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:648,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B642~0%5D,as:%5B642~160.600%5D%7D%7D,%7Bsl:i,t:648,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:401,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18.1352960-70224255%7C181%7C1821%7C183%7C19*.1352960-70224255%7C191%7C1921%7C1a.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1b.1294488-70429355%7C1b1%7C1b2%7C1b3%7C1b4,idMap:19*,rmeas:1,rend:1,renddet:IMG.qs,siq:19,sis:281%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
army.gif
access-excel.tips/porpoiseant/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:33 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 56B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssATRISqqKcSGpAwmVRgchje7IR8hzKMTXNP5LgbJ9MQaOK92io4TdCKlIBKgtsDUhZrra-vftaUdeKM1TsD0PRpEY6Nwq35K6meUrGK6theSA8tvirvwNy30rzNgRSkm25R4GayA&sai=AMfl-YQSG0-ZR75XoyrsLxW8f9FTAbyhSwva3V-5jDSwxK2Pr_IAxP7hQP5K8vpKmZA4IwbeM7dHr30B6wRAjjN5qm4_EEc67OizZQDpnDJ6PVISYp_xpPhc3CxdswPe&sig=Cg0ArKJSzDMuBgbXNiQGEAE&cid=CAQSPABygQiDCmr9rDPITPuqWuEzuttWBZpwhK3SK3mDn8AEY5ldMMCCszwtdw0rYqeJ55DmbpmSCU5M2hec2xgB&id=lidar2&mcvt=1067&p=732,1046,982,1346&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20230503&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1714290205&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683153992081&rpt=418&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTg2OTkwMzg5MTQzMzA1NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE4Njk5MDM4OTE0MzMwNTUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODY5OTAzODkxNDMzMDU1IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1lZGdlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:34 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:34 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUyMzA3MzMyMzQzMzA3NSIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU1MjMwNzMzMjM0MzMwNzUiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTIzMDczMzIzNDMzMDc1IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:33 GMT
dt
dt.adsafeprotected.com/ Frame EFB6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=d1c95d7b-146a-c7c0-569f-71595821d641&tv=%7Bc:bAU9SB,pingTime:-10,time:842,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi42MyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1683153993597%7C%7C4e334cbfba3cad3a092d92e7e7b12b57%7C%7C1a341f7ffaad5ea94f399b4eae605ec3%7C%7Cfa0f3b2ce5322504900f84676d910f0b%7C%7Cb5b6f463ff2b6d16ee0f20380d9d5844%7C%7Cd7f3a0c6cabd6577bf7b4ff629751a42%7C%7C80f896eff44691941784376642817c46%7C%7C9de69e88e4588ef70c54baa6d5ddf1af%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDA4OTYzMTcyMzQ1Mjk4MCIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDg5NjMxNzIzNDUyOTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDg5NjMxNzIzNDUyOTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIzMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:33 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODM5NTU0Nzc3MTQzMTQwNiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU4NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4Mzk1NTQ3NzcxNDMxNDA2IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTExMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjgzOTU1NDc3NzE0MzE0MDYiLCJkb21haW5faWQiOiI5ODA2OCIsInVuaXQiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWxhcmdlLWxlYWRlcmJvYXJkLTEtMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTExLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1ODUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTE4In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:32 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:32 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date
Wed, 03 May 2023 22:46:33 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
135246
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98RMdamRXlMixqq7gD7zeJVkN1EmVM4GVaai8GkQ16EdeP8m4UwNz2lPYX9NAtZswqm%2FP5%2Fs8cH7bgrPsqh1Akv90ykFO%2FTHNZrfNkTL0k2JkVOx7ttwpm6fsW0RHzBX2N01bVvTwotRLlf7"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c1c0a6c8f721e14-FRA
dt
dt.adsafeprotected.com/ Frame 408C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=8c8ff08a-f9ea-0c50-3b1f-1104d13fc2d9&tv=%7Bc:bAU9Tb,pingTime:-10,time:617,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi42MyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1683153993597%7C%7C4e334cbfba3cad3a092d92e7e7b12b57%7C%7C1a341f7ffaad5ea94f399b4eae605ec3%7C%7Cfa0f3b2ce5322504900f84676d910f0b%7C%7Cb5b6f463ff2b6d16ee0f20380d9d5844%7C%7Cd7f3a0c6cabd6577bf7b4ff629751a42%7C%7C80f896eff44691941784376642817c46%7C%7C9de69e88e4588ef70c54baa6d5ddf1af%7C%7C1663701684,im:%7Bpci:%7Btdr:260%7D,imprf:%7Bttecl:984,ecd:140,tsecr:157%7D%7D,sca:%7Bspg:d1c95d7b-146a-c7c0-569f-71595821d641%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame C1EA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BE7tlSORSZOOgFLfCx_AP8oCP6AcAAAAAOAHgBAI&bg=!s7ClsOTNAAYcDqajPA47ADkAdvg8WoboUlNAPbO6A0t8Yb11VuW1iDwVssd7aKulQZ6ajffS4bRepi9PQNNkh16RtvbeIcQFT6ECAAACWVIAAAACaAEHmQMrcxNd84yas2Zr0icsFzTQjCneSnNKcdaq0pOeLle42tq9OWgfB7wQ8kFp4FOgTdEfy-cwbl12OWQ1ET9BsUFK7mYntHCajWFO4CFxojxeNJYP86moZTztAcO2NPdPsE397EaNwihFoWBAR1kiNg6F0r4mF5Tl9QSCeL2CNjvaWz1jDuwjIHVpVQejNn4GMhS3DgLAMmGX8VITxZ1Ezlp9-0kqNOv33j8GNHd_bRvKHDbUc32nmvRo3w9SjwillLUvJAQuGuCTxDNSWIGSy1-cpPJtMKB_EEfVe6XSiYNXoy9NvS6fSPSAnZ6CbvoTIY_O-uFcj60fD30rqGxEyMlm4jjSQwPcJiqOrM3BmflbbfgFEmEg0kMbxEX0o8buh36UJviEqzjbKD4dqvWTa0V6qt-ZOWb79Yh-ZmMik1QRV0CuExAno7DDmdVAUZeks3YagkecGwjylHmQhydHkwPkQx2iRWVpulPbl30PKvR5X4UF90gA4rLVCE-ygZBoZ2ZfB2IdXnHpaLvqEfXOHZQqnoNCUaBAlZBDGCpHKqBIFtMarM0d1iZHlXgaPbo1KxBPWic90UhkXdiZAZ-v5y-6okujnObnKYgmONdAbhaRodxXs8z-1uuXxLOAsQ17_XkSOIXQzJ9cLf6UrWqCuO7XesZhxqUPSlfPjlM7lyJbBRJ1F-Uyy0RSpwQu6i8yc6HIJkxYSxBz28u6_HRSkDBO_rTbmzk3HputBxBnhIDGVKKu1nvxn5aIokZPgmi-ARmnLJGOjat494ycvTGs7GjBEYwZ2WofB2WuZyrtLTJASQqMSa1PLGXTWmJOhI8HGvWERqBFtk3nBHleEgASOW5KMXlNXC2lRJeHQd4VMXlCScSaKF-BumqZeQ1qbUbiAte55Ktsa7a4TqBzdDxDVVcpv_DnoA2D8OD8EWPfd0F_3YAMQpC4oKo-823oI3FvhoWEmvzJNxNjaeZtKUzItvioGBerJ-HtWz96X3c89m_ns5RjGSA0m9cQMj1seHLxQK-vib56AN1ITEwG5xh6arLCfkYUiAdUb9Doxi3S9E4P0wpfYu72__Bou5cb4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 56B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1294488&asId=e6925260-3999-34c6-452b-7b61138e9534&tv=%7Bc:bAU9Tl,time:585,type:e,im:%7Bpci:%7Btdr:206%7D,imprf:%7Bttecl:952,ecd:121,tsecr:150%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:585,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B579~0%5D,as:%5B579~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:434,fm:tDeKCEr+11%7C12%7C1311%7C1312%7C1313%7C14%7C15%7C16%7C171%7C172%7C18.1352960-70224255%7C181%7C182%7C183%7C19.1352960-70224255%7C191%7C1921%7C193%7C1a.1294488-70429366%7C1a1%7C1a2%7C1a31%7C1a4%7C1a5%7C1b*.1294488-70429355%7C1b1%7C1b2%7C1b31%7C1b4,idMap:1b*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:16,sis:288%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 22:46:33 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
bluemonkey.gif
access-excel.tips/detroitchicago/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJmaW5ubGluZXMuZGUiLCJmcm9tX2NhY2hlIjowLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImF1Y3Rpb25faWQiOiJkYmEzZjc4Ny0xODlmLTQ2MmQtOTMxNS0xYzAzMTU1MmJlZjUiLCJhZF91bml0X2NvZGUiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLWVkZ2UtMS0wIiwiYWRhcHRlcl9jb2RlIjoib25lbW9iaWxlIiwib3JpZ2luYWxfY3BtIjowLjAxMTk3OCwiY3BtIjowLjAxMTk3OCwiYWRqdXN0bWVudCI6MSwibWVkaWFfdHlwZSI6ImRpc3BsYXkiLCJ0aW1lX3RvX3Jlc3BvbmQiOjE4NSwicmVzcG9uc2Vfc2l6ZSI6IjE2MHg2MDAiLCJyZXF1ZXN0X3NpemUiOiIxNjB4NjAwIiwiZG9tYWluX2lkIjo5ODA2OCwiZm9ybV9mYWN0b3JfaWQiOjEsInBvc2l0aW9uX3R5cGUiOjM4LCJzdGF0X3NvdXJjZV9pZCI6MTEyOTMsInJlZnJlc2hfY291bnQiOjAsInNvdXJjZSI6ImNsaWVudCIsImFiX3Rlc3RfaWQiOiJtb2Q1MSJ9
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Tue, 02 May 2023 22:46:33 GMT
bluemonkey.gif
access-excel.tips/detroitchicago/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJmaW5ubGluZXMuZGUiLCJmcm9tX2NhY2hlIjowLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImF1Y3Rpb25faWQiOiJkYmEzZjc4Ny0xODlmLTQ2MmQtOTMxNS0xYzAzMTU1MmJlZjUiLCJhZF91bml0X2NvZGUiOiJkaXYtZ3B0LWFkLWFjY2Vzc19leGNlbF90aXBzLW1lZHJlY3RhbmdsZS0yLTAiLCJhZGFwdGVyX2NvZGUiOiJvbmVtb2JpbGUiLCJvcmlnaW5hbF9jcG0iOjAuMDIyNTA1LCJjcG0iOjAuMDIyNTA1LCJhZGp1c3RtZW50IjoxLCJtZWRpYV90eXBlIjoiZGlzcGxheSIsInRpbWVfdG9fcmVzcG9uZCI6MTkzLCJyZXNwb25zZV9zaXplIjoiNzI4eDkwIiwicmVxdWVzdF9zaXplIjoiNzI4eDkwIiwiZG9tYWluX2lkIjo5ODA2OCwiZm9ybV9mYWN0b3JfaWQiOjEsInBvc2l0aW9uX3R5cGUiOjUsInN0YXRfc291cmNlX2lkIjoxMTI5MywicmVmcmVzaF9jb3VudCI6MCwic291cmNlIjoiY2xpZW50IiwiYWJfdGVzdF9pZCI6Im1vZDUxIn0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Tue, 02 May 2023 22:46:33 GMT
army.gif
access-excel.tips/porpoiseant/ 		0
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODUzMTIwNjg0OTQ4Njg2NiIsImRvbWFpbl9pZCI6Ijk4MDY4IiwidW5pdCI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxMTA3LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4Mzk1NTQ3NzcxNDMxNDA2IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1sYXJnZS1sZWFkZXJib2FyZC0xLTAiLCJ0X2Vwb2NoIjoxNjgzMTUzOTg3LCJhZF9wb3NpdGlvbiI6MTExMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTg1LCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTEwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxODY5OTAzODkxNDMzMDU1IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1lZGdlLTItMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTIzMDczMzIzNDMzMDc1IiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODMxNTM5ODcsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6Ijg0MGY3YmFkLTI4YjMtNDRjYS02ZDMxLTYwODM0M2MyZGU4MCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MTcsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDg5NjMxNzIzNDUyOTgwIiwiZG9tYWluX2lkIjoiOTgwNjgiLCJ1bml0IjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MzE1Mzk4NywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI3MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/cmbv2.js?gcb=195-2&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y25-3y33-4y5d-2&cmbcb=137&sj=x04x02x06x07x1dx0bx0dx17x1bx20x25x33x5d&abt=AdInsertStatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

access-control-allow-origin
https://access-excel.tips
x-middleton-display
ezp_sol
date
Wed, 03 May 2023 22:46:33 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Tue, 02 May 2023 22:46:33 GMT
bluemonkey.gif
access-excel.tips/detroitchicago/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOm51bGwsImZyb21fY2FjaGUiOjAsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiYXVjdGlvbl9pZCI6ImRiYTNmNzg3LTE4OWYtNDYyZC05MzE1LTFjMDMxNTUyYmVmNSIsImFkX3VuaXRfY29kZSI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtbGFyZ2UtbGVhZGVyYm9hcmQtMS0wIiwiYWRhcHRlcl9jb2RlIjoib2Z0bWVkaWEiLCJvcmlnaW5hbF9jcG0iOjAuNDg5NTk4LCJjcG0iOjAuNDg5NTk4LCJhZGp1c3RtZW50IjoxLCJtZWRpYV90eXBlIjoiZGlzcGxheSIsInRpbWVfdG9fcmVzcG9uZCI6MjM5LCJyZXNwb25zZV9zaXplIjoiMzAweDI1MCIsInJlcXVlc3Rfc2l6ZSI6IjMwMHgyNTAiLCJkb21haW5faWQiOjk4MDY4LCJmb3JtX2ZhY3Rvcl9pZCI6MSwicG9zaXRpb25fdHlwZSI6MzUsInN0YXRfc291cmNlX2lkIjoxMDA4MSwicmVmcmVzaF9jb3VudCI6MCwic291cmNlIjoiY2xpZW50IiwiYWJfdGVzdF9pZCI6Im1vZDUxIn0=
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Tue, 02 May 2023 22:46:33 GMT
bluemonkey.gif
access-excel.tips/detroitchicago/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOm51bGwsImZyb21fY2FjaGUiOjAsInBhZ2V2aWV3X2lkIjoiODQwZjdiYWQtMjhiMy00NGNhLTZkMzEtNjA4MzQzYzJkZTgwIiwiYXVjdGlvbl9pZCI6ImRiYTNmNzg3LTE4OWYtNDYyZC05MzE1LTFjMDMxNTUyYmVmNSIsImFkX3VuaXRfY29kZSI6ImRpdi1ncHQtYWQtYWNjZXNzX2V4Y2VsX3RpcHMtYm94LTItMCIsImFkYXB0ZXJfY29kZSI6Im9mdG1lZGlhIiwib3JpZ2luYWxfY3BtIjowLjAzMTUsImNwbSI6MC4wMzE1LCJhZGp1c3RtZW50IjoxLCJtZWRpYV90eXBlIjoiZGlzcGxheSIsInRpbWVfdG9fcmVzcG9uZCI6MjQwLCJyZXNwb25zZV9zaXplIjoiOTcweDI1MCIsInJlcXVlc3Rfc2l6ZSI6Ijk3MHgyNTAiLCJkb21haW5faWQiOjk4MDY4LCJmb3JtX2ZhY3Rvcl9pZCI6MSwicG9zaXRpb25fdHlwZSI6MSwic3RhdF9zb3VyY2VfaWQiOjEwMDgxLCJyZWZyZXNoX2NvdW50IjowLCJzb3VyY2UiOiJjbGllbnQiLCJhYl90ZXN0X2lkIjoibW9kNTEifQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Tue, 02 May 2023 22:46:33 GMT
bluemonkey.gif
access-excel.tips/detroitchicago/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJqb3luLmRlIiwiZnJvbV9jYWNoZSI6MCwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJhdWN0aW9uX2lkIjoiZGJhM2Y3ODctMTg5Zi00NjJkLTkzMTUtMWMwMzE1NTJiZWY1IiwiYWRfdW5pdF9jb2RlIjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1ib3gtMi0wIiwiYWRhcHRlcl9jb2RlIjoicnViaWNvbiIsIm9yaWdpbmFsX2NwbSI6MC4wNCwiY3BtIjowLjA0LCJhZGp1c3RtZW50IjoxLCJtZWRpYV90eXBlIjoiZGlzcGxheSIsInRpbWVfdG9fcmVzcG9uZCI6Mjg4LCJyZXNwb25zZV9zaXplIjoiOTcweDI1MCIsInJlcXVlc3Rfc2l6ZSI6Ijk3MHgyNTAiLCJkb21haW5faWQiOjk4MDY4LCJmb3JtX2ZhY3Rvcl9pZCI6MSwicG9zaXRpb25fdHlwZSI6MSwic3RhdF9zb3VyY2VfaWQiOjEwMDYzLCJyZWZyZXNoX2NvdW50IjowLCJzb3VyY2UiOiJjbGllbnQiLCJhYl90ZXN0X2lkIjoibW9kNTEifQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Tue, 02 May 2023 22:46:33 GMT
bluemonkey.gif
access-excel.tips/detroitchicago/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://access-excel.tips/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJqb3luLmRlIiwiZnJvbV9jYWNoZSI6MCwicGFnZXZpZXdfaWQiOiI4NDBmN2JhZC0yOGIzLTQ0Y2EtNmQzMS02MDgzNDNjMmRlODAiLCJhdWN0aW9uX2lkIjoiZGJhM2Y3ODctMTg5Zi00NjJkLTkzMTUtMWMwMzE1NTJiZWY1IiwiYWRfdW5pdF9jb2RlIjoiZGl2LWdwdC1hZC1hY2Nlc3NfZXhjZWxfdGlwcy1tZWRyZWN0YW5nbGUtMi0wIiwiYWRhcHRlcl9jb2RlIjoicnViaWNvbiIsIm9yaWdpbmFsX2NwbSI6MC4wMjg1MzQsImNwbSI6MC4wMjg1MzQsImFkanVzdG1lbnQiOjEsIm1lZGlhX3R5cGUiOiJkaXNwbGF5IiwidGltZV90b19yZXNwb25kIjozMjUsInJlc3BvbnNlX3NpemUiOiI3Mjh4OTAiLCJyZXF1ZXN0X3NpemUiOiI3Mjh4OTAiLCJkb21haW5faWQiOjk4MDY4LCJmb3JtX2ZhY3Rvcl9pZCI6MSwicG9zaXRpb25fdHlwZSI6NSwic3RhdF9zb3VyY2VfaWQiOjEwMDYzLCJyZWZyZXNoX2NvdW50IjowLCJzb3VyY2UiOiJjbGllbnQiLCJhYl90ZXN0X2lkIjoibW9kNTEifQ==
Requested by
Host: access-excel.tips
URL: https://access-excel.tips/detroitchicago/kenai.js?gcb=2&cb=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:776:a63e:931e:6ac2:944b:f27e Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://access-excel.tips/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Wed, 03 May 2023 22:46:33 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://access-excel.tips
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Tue, 02 May 2023 22:46:33 GMT
dt
dt.adsafeprotected.com/ Frame 1A1F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Domain
a.c.appier.net
URL
https://a.c.appier.net/gcm?google_gid=CAESEGn9ESGEqynpAQ_XAYsvWYo&google_cver=1&google_push=ATf1kGOV6tC3yTGT5FounvSenqsWV9TkrmXxuSUnfd_Dygy3xtYHO1a7_N3acd8QcB6-SD8ntjY-kYiUMpvJOsOO2KM8eT7H7hU
Domain
cc.adingo.jp
URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEFWWu8Wl1ixz7dqgTzjxzrg&google_cver=1&google_push=ATf1kGMNchXOfSMKKVI_v_tqxerqYHCMuneG8QYhjqcNsA6iuQqHoUF0ZWCU--3jOMGTch7eND-dnEv-QiqGGfqqHc6T9_Tfm2Md
Domain
tg.socdm.com
URL
https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEF2oGs4uX_lTXsMzRhT92fo&google_cver=1&google_push=ATf1kGNmUDNyiK1ELlK_oIwXD9nOKRl9Zs3AqujZwWQGXtHfXPiQVviCzumJf2nXPNuwBHa7k3JoviPd9PaH-KyL6v2eiP0NVAGTJg
Domain
cc.adingo.jp
URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEFWWu8Wl1ixz7dqgTzjxzrg&google_cver=1&google_push=ATf1kGNiObKvh8WY5DMjuzw4ZXBKvhtkAYmQGC_H2Ddx7U5CspDxv-TdgSN_A198wXmAyuDAWY0Zaf5beA7v0OKFBlFauoFvgeyl
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=fe5a4122-8af7-99d8-eeb7-3ae58fa15d2d&tv=%7Bc:bAU9Ze,pingTime:-10,time:1114,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi42MyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1683153993597%7C%7C4e334cbfba3cad3a092d92e7e7b12b57%7C%7C1a341f7ffaad5ea94f399b4eae605ec3%7C%7Cfa0f3b2ce5322504900f84676d910f0b%7C%7Cb5b6f463ff2b6d16ee0f20380d9d5844%7C%7Cd7f3a0c6cabd6577bf7b4ff629751a42%7C%7C80f896eff44691941784376642817c46%7C%7C9de69e88e4588ef70c54baa6d5ddf1af%7C%7C1663701684,sca:%7Bspg:d1c95d7b-146a-c7c0-569f-71595821d641%7D%7D

Verdicts & Comments Add Verdict or Comment

396 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless object| __ez boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat function| dynamicAddScript object| xhr string| d boolean| ezAutoAdsSetup object| google_reactive_ads_global_state object| _wpemojiSettings undefined| $ function| jQuery string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did object| accesspresslite_loc_script object| _trfd string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezoSyncToDfp function| ezoGetDFPSlot number| ezobv object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| ezasBuild function| ezorefgsl function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux object| metricNameMap function| ezlogVital function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey object| webVitals object| _qevents object| twemoji object| wp function| onmessagefunc function| SetSlotTargeting object| ezoic_mash object| ezmt object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ct function| newEzVignette function| quantserve function| __qc object| ezt object| _qoptions boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl function| __ez_vig_close_wrapper function| __ez_addAllListeners number| indexKey undefined| __ez_dims object| __ezaps object| __ezapsVideo object| ezS string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars boolean| __ezasAggressive object| __banger_pmp_deals object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po boolean| __ez_fad_floatshowd function| __ez_fad_csnt function| __ez_fad_rdy function| __ez_fad_position function| __ez_fad_display function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_init_slot boolean| ezAardvarkDetected function| ezDetectAardvark function| __ez_fad_ezpbinit object| ezOneTag object| ezCriteo object| ezAYL object| ezMedianet function| ezjsps object| epbjs boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain function| __ez_tkn_evnt function| getCookie string| htmlStr object| range object| anchor object| fragment number| __ezWillLoadCnx string| __ezapid object| ezslots_raw object| __advertiserRule function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire boolean| ezhbopt boolean| ezpbCache object| _ebcids boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb number| __cnxiid string| __cnxau boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m boolean| ezFinishedStatic number| ezodomstart number| ezoIint string| schain_domain string| dom function| getAmazonSlotById function| ezapsFetchBids function| setA9VideoBids function| setA9DisplayBids object| apstag object| amznVideoResponse function| ezoChar function| ezoCharSize function| PrebidImpressionController function| PrebidImpression function| __ez_get_footer_height function| __ez_set_outstream_floor function| __ez_auto_adjust_outstream_float function| __ez_outstream_player_tracking function| pixelData function| __ez_outstream_float_destroy function| stickyFix object| regeneratorRuntime object| ezoptbid function| getSlotForhb function| epbjsRequestAdUnits function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded object| __ezsbwcmd object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED object| apscustom object| _aps undefined| google_measure_js_timing object| ezslot_interstitial number| i3 object| ezslot_5 object| ezslot_4 object| ezslot_0 object| ezslot_1 object| ezslot_2 object| googleToken object| googleIMState function| processGoogleToken function| ha number| google_unique_id object| gaGlobal function| setImmediate function| clearImmediate object| ID5 object| hadron boolean| __halo_loaded__ object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt boolean| __bt_already_invoked object| perf_vals number| bid_val number| bid_decrease_amount object| GoogleGcLKhOms object| au object| google_image_requests number| ezouspvv object| parts object| ox_esp object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 function| cnx object| slots string| slot object| cnx_usr_storage object| buttonElem object| e

53 Cookies

Domain/Path Name / Value
.access-excel.tips/ Name: ezoadgid_98068
Value: -1
.access-excel.tips/ Name: ezoref_98068
Value:
.access-excel.tips/ Name: ezosuibasgeneris-1
Value: e0257921-338d-4032-6e89-bbc11f1592a9
.access-excel.tips/ Name: ezoab_98068
Value: mod51
.access-excel.tips/ Name: active_template::98068
Value: pub_site.1683153987
.access-excel.tips/ Name: ezovid_98068
Value: 1401658028
.access-excel.tips/ Name: lp_98068
Value: https://access-excel.tips/
.access-excel.tips/ Name: ezovuuidtime_98068
Value: 1683153987
.access-excel.tips/ Name: ezovuuid_98068
Value: 17b96995-1daa-481d-49c4-c8745f293a49
.access-excel.tips/ Name: ezopvc_98068
Value: 1
.access-excel.tips/ Name: ezepvv
Value: 0
.access-excel.tips/ Name: _tccl_visitor
Value: 54f35fa0-96d2-5b78-b4ef-0ff0a839b182
.access-excel.tips/ Name: _tccl_visit
Value: 54f35fa0-96d2-5b78-b4ef-0ff0a839b182
access-excel.tips/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
access-excel.tips/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.quantserve.com/ Name: mc
Value: 6452e444-3db67-4e07e-6a167
.access-excel.tips/ Name: __qca
Value: P0-1934290940-1683153988108
access-excel.tips/ Name: ezux_lpl_98068
Value: 1683153988746|840f7bad-28b3-44ca-6d31-608343c2de80|false
.access-excel.tips/ Name: __gads
Value: ID=da08e8c63f9caaf4:T=1683153988:S=ALNI_Mb-YCnrSe30cD2R4PpyZE-5lmBp4g
.access-excel.tips/ Name: __gpi
Value: UID=00000bf5290f494f:T=1683153988:RT=1683153988:S=ALNI_MYjM2P41Zb1uK3-9sH1b_vIeUoiKg
.doubleclick.net/ Name: IDE
Value: AHWqTUk6A4oVPfPUK9nivVeJxbiQ5rz61WBzRlrq53657JskV1kMDJZE8WCUUAfunME
access-excel.tips/ Name: ezouspvh
Value: 160
.blismedia.com/ Name: b
Value: 6452E446BAA44C25ADBB3253BLIS
.adnxs.com/ Name: uuid2
Value: 455785887528178246
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: c212ae2c-fdb5-4b4c-8064-37d2c95d1ec2
.casalemedia.com/ Name: CMID
Value: ZFLkRsoLeJgLk4lPdSyTVQAA
.casalemedia.com/ Name: CMPS
Value: 2203
.casalemedia.com/ Name: CMPRO
Value: 2203
.openx.net/ Name: i
Value: 2790bfce-1700-4b61-8616-2cd8e5d3013f|1683153990
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZFLkRgAHc3NMjABa
.access-excel.tips/ Name: cto_bundle
Value: eklgw193UDNxQ3BPdTNna25vJTJCRkZoblBja2NlSXc2OTJma1NCNFRvZjJ3R1lCU25ocmNkNm1JNDNjNjh2VnMza00zOGI5aE81R0RwUHRFdUpMcElJQzhiVnNOZ1BLcUlFRE1ENzBOVVc3d25UZXUlMkZ0V1czdlF1M3UlMkJkRDVFM05MUDRBakkzMUtvRDNuWnNsSU0yZlQ0TFpBdWNaNk50ZTVJNGs3ckxUMk03MkU5MWMlM0Q
.tribalfusion.com/ Name: ANON_ID
Value: afnseFmge06ousnA7fvZbiTxbbZcu7VYs2bj8FOQZaH8K7KjaQfwZa0trExauL6h87Yg1YZa5BYRZaxdyNEH6nT9CR
access-excel.tips/ Name: ezouspvv
Value: 500
access-excel.tips/ Name: ezouspva
Value: 6
.yahoo.com/ Name: A3
Value: d=AQABBEjkUmQCEAAHA_XCKCGxR5vOlkFUmbcFEgEBAQE1VGRcZOAXyiMA_eMAAA&S=AQAAAj4ZvM1kBkKnXCRJSy_ZPmM
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yl~2bfy
.spotxchange.com/ Name: audience
Value: 59afdb13-ea04-11ed-8fc3-1d21b9eb0106
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Gnv3!1!]tbPl1M>e)ZlrFUfJ+tGXxp?<aE/=I*7T5?NPQWD$1x^^E9x/_K??4ZahY33If)y3KL9D3I?*f6$24l
.quantserve.com/ Name: d
Value: EEMBCQHzKIEA
.ads.stickyadstv.com/ Name: UID
Value: fa859417b7293f63decfc635fa743
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEOtgqiwCMYVMqFJp_OoMs34
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
match.sharethrough.com/ Name: AWSALBCORS
Value: 43DIjDUyhSophSb0hYD0+wxYE6YqJ3oXUsixUidMSIsimOi+63BeuU4NZT1aZhdEiz3mlkfO7PQTtdr7VHU7YniHNNZGQvLhY4K7SPj+ImBJ4bj8AAeTRY12wjqs
.media.net/ Name: visitor-id
Value: 3261555928280729000V10
.media.net/ Name: data-g
Value: CAESEK5tKrSXQkeDTKoFhtfJltA~~3
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4D82B930-D4B6-418A-9088-A0CFFCD07BE7
.3lift.com/ Name: tluid
Value: 451725512588772239559
.w55c.net/ Name: wfivefivec
Value: IOnq6Dp61PUlf25
.turn.com/ Name: uid
Value: 7171115837273266285
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: uid
Value: 5532380535111879221

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66236bc1ce0d1696cc029fec4f7be8a2.safeframe.googlesyndication.com
a.ad.gt
a.c.appier.net
a.tribalfusion.com
aax.amazon-adsystem.com
access-excel.tips
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
api.btloader.com
basher.ezodn.com
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
capi.connatix.com
cc.adingo.jp
cd.connatix.com
cdn-0.access-excel.tips
cdn.besafe.global
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cds.connatix.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
esp.rtbhouse.com
events.api.secureserver.net
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
g.ezodn.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
im.bluevoox.com
image6.pubmatic.com
img1.wsimg.com
img6.wsimg.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.quantserve.com
pl.connatix.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
px.ads.linkedin.com
r.turn.com
rtb-csync.smartadserver.com
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
rtbc-eu3.doubleverify.com
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.search.spotxchange.com
sync.teads.tv
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
a.c.appier.net
cc.adingo.jp
dt.adsafeprotected.com
pagead2.googlesyndication.com
tg.socdm.com
104.102.35.84
104.18.33.52
108.138.4.150
130.211.23.194
141.95.98.64
142.250.186.162
151.101.2.49
162.19.138.116
164.92.213.94
172.217.18.6
174.137.133.49
178.250.7.13
18.213.43.223
185.255.84.150
185.64.189.112
185.64.189.115
185.80.39.216
185.83.142.19
185.86.138.151
185.86.138.153
185.89.210.122
185.94.180.125
2.19.228.18
2.23.209.59
20.127.253.7
2001:678:cb4:bbbb::11
216.58.212.162
2600:1f18:1aca:4280:841d:db90:f6f3:b6f2
2600:9000:211e:c600:1b:5138:8a40:93a1
2600:9000:2127:3800:a:e047:752:b361
2600:9000:2127:7600:8:455e:4a00:93a1
2600:9000:2127:8600:8:48e:53c0:93a1
2600:9000:2127:d600:6:44e3:f8c0:93a1
2602:803:c003:200::31
2606:4700:10::6816:34ad
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:246
2606:4700:20::681a:78b
2606:4700:20::681a:9a9
2606:4700:3034::6815:3efe
2606:4700::6812:18ad
2606:4700:e2::ac40:8817
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2003
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:480:d::210:f15c
2a02:26f0:6c00::210:ba29
2a04:4e42:400::485
2a05:d014:776:a63e:931e:6ac2:944b:f27e
2a05:d018:d29:3602:99b7:871:83ab:7df8
3.120.88.196
3.214.165.89
3.71.149.231
3.71.167.37
34.102.146.192
34.107.148.139
34.120.135.53
34.149.12.213
34.96.105.8
34.96.70.87
35.190.39.111
35.244.159.8
35.71.131.137
37.157.3.30
51.89.9.252
52.28.203.152
52.45.175.185
54.171.94.43
54.77.31.84
63.35.200.177
65.9.90.93
65.9.95.19
72.34.250.75
76.223.111.18
95.101.54.106
00d6272f8ba086bd63eed498e6a916b8d9eb0f51920af223b1596e0b72c9a4a3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0761599a569a3a6c03de9e05afc2cf135fb6581abb26c89b3615f46988b31fad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f396ecfb59904a14aec072dce52ce3b3a2c02eb71051ec2866efeee2a5af9d9
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
14c77f954be37da1e7fba8efd1279e7ece7e384d33b8375d6e6a1ce013daaf47
15df1b0ab8ee96279cc5489eff36c012b0f2410e4b84bc50a507ea6de4e9ae34
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
1603064e2edd4b76a3a5a0e970b1b756000cfe0937c320cb6f223a08b43df0b2
1700f631683ba382d2a19b17f569345b000a8d57d28c9f3e4d781680b1934541
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a1d673f19348a1a820ae58996ce0a925fe7be63497acc1a9281570c5df36677
1b347d4a77daadabac6840d7a1039768915f5ad2901dbba49dd47a3c9e1a1f64
1ba60d8f499edc2e87cd8e35a055d6b7c799e3e289e762f7a9e92820ae73483d
1c9e1c60aca6663fd0a14c5848ad462e5cd1f335c51a1481c7e048d44e53c849
270d68c001d05e764b3ccd047bedf93a8376bfd08b44124a67b9fa31e335cea8
282b1607a57a6bef203e6016dc849f5162dd0ceae9d12296d476344afefffe41
29c906279c72c25bbf711129a63996f8ed88db0bd356d02b63003a63230b5a9a
2b103186d7fa99d76259fbbf4b8c051e3ceea2e2e4becdf98702c7144cfcf972
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
2ea07afd59f660225e82c177586447bf9960c48e6b1beb9b810e27a0be16ed9a
2f391f2211e28cf51e3f5bec98fa36fac8ac730d7bc92e74f54b70c7c2e7e2d1
30abb28535851883781b58a89380f184f31c31e9b1e4225f0e5e74607be8710d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320498366bc4c922b783035be4d2b6ad2ddcfe4addb4bff84d93b986885209fb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3c480938fc64cfe54a50f42ef4a9cadd24164b630bb7bd2a7df637f293ae883c
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3cd1e9d6f8dca41c14d1138d662c1bfbf1872c005eac9a758f08c84306e00d13
3f08a8dd064fa5c581845dc9bd3525527a147274517072d6d2a0309aa2a788b1
400fabe35a47597142482001174f415493a18dc7e1d35f2f66385013b7dd1e02
41f1a42982e6e64717dfbb11cf457a653ffc7771c2dddeff322744f1e423d385
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45224c71922dcb5c75c1c474d1892c5c5d056d0411011b3149d06f58921c180e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f25a5c5835eaef2f9e2e45b25e786b0fd3bd91922f371062b890e72d5951d79
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5056cb86194f57a3835df3c02abe87b797767dc731818988204322107a838afa
53969f483145868026ca920ea750bf2f3810c78913539542c3b5d91482a5c88f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d83771d9e9956c74c47262c95a54dd94503da04577d05d4dc86535a1fdf988
597830acea0420d0c95ceae70e1db6fcfb1d35d259922ff472b1b6fb083e193f
59dec2944a255e7af6c299907b54df8fa8505437a95c203c6c5e2544e96c78e8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d4423b610c2f56bb9c53fc192568ef1e834444494d32b0e3c7593e619af1732
5d4b71b5e9abfe59b7e45bc6544cd1f1e2e76f488bda9c289e8938a5214de4f5
5e640ab8eefc7f2713860454ace4faa1ff3b0f729b400bf35c83905a55995214
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65d5a38897c53d15e8b4528a0a2c8de15ceda4cc2ad3d4e978fb1439efd0e00c
66584c7b347eedd764c4bc54ecea9f717f48218e698955328b5e8b489ac478e4
66c4f0662838fae5bcf679c56ad0d64e8f473129c71128f167301be3e89a4feb
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6a05fd778788694eafc2895ea32bd84af17af28738d7d323b8931c529cfcbdf3
6bc838937d8d1c3926393d9dbfcffbea2884e932f63d7d084009781adcf5f1d7
6c9a76561053c056b66454cf299aa65fe5e3f5f924355ed296bce36c8b59df34
6d24aa6c759bf985377cb6d8da10653aab877022d6e6462f546e86bae4ae41e2
6d4d7169daabc676334f89544fef9f89cda2616e5d87c47630fb052f3cff2a35
7141471cf38c1e5f68499d03fc12899c1d4f91358d533881a7c5e8ddf10a5ad5
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
7310c44f614d2e5bf715e47504daf9ed198eacc46fb29894c51e1b84d3e1fa36
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
7a0658aac5009b0bcad254c3f9671df8d4b741ea6023e6ac63ee869882aacae4
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7dc65aa448ec9880d46e658d8ad71dbd11dd61c230f1f8c59d0d2ba4eac5e8a2
7f0c0d27541ace81b026bdc1a808f40a18ebdf58429a39a67e3e582fc405b094
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
87fbb001417bc8f6876e28fd1917967e777320c1639206d33ac27679f031bd21
88ce7fcfdcbdbd2719f7d593c881146231102807eab18457f9c50a56313e8075
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
8ec56ad8988ac31bf71dc6d93e092dc78887cde29f97c995868a0af0a1b2e6b7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
921be058bc587aa88c0a8db6aeaedc83e4fcbe5ed1d58c70be57180908b53f51
9684046606d9393d0e27e78e67b4a2273ecad707fc698927159b14dd01e77a01
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0c7b1b5fbdfeaa58f197d39cf9ae0e988a3d89247a8d5353005ae11a0dd5c0
9b683a89798bdc87420a8e9cd5664d90bdb049621538e532e335e09231a7ecd8
9bc19ce27e7fe54728be0d4489cf683005fd6f522bbf6391a681d7d2d8d3f190
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17d46c6ecc1556ff15b57901af8fb3109518674c83e76d88a9dcc5c7829b053
a31990ef6cf4768ef7213f0c3d0a073206803e39befcb12c2e4cc7346b5c0c8d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ae841a4a3bb319a2e451052fcc1d73effa1be95246549a10ba81ec32a4cd5fbf
af76889a9268bbb8d76a7aa984f27064f2306128f1223c2de6c17a74c1e8784c
b05eb97ac487a8f24efa51c3b0d771b088a89d2dad2dd3d82ee3e67da074a332
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6911575fd9309ff120818aa7e64852817c61d6513b33a9c1ed60b6a9dbc3ed8
b8832731666cf4f12ff3b33d347fcebcd188e66de3bde425b0415161dd09fe32
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bef08583420100c979a6b7700b11c480430fe0751a13cd521dd0b22734d2d14e
c044a3c9cdb186fb83cea1eeb7cf8ee76e0e084835c45cead97e96c855f8d857
c047292542cf2fa6591f9871dea0876108eb83f91ec8d831c17a96f486ad7bf2
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
ca7d371523a7bfaa5afc0bdc68f5aa879390e5fb2cf9e778ebcb6f6a44597b4b
ca9c650159c0a01216545024f283fd56f9bc6017bf575ae16f1787904c8398de
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9f9bdbb9d3fd97e6ffe2d35092e991d7dde82642e0d919f95d4aca3bb7b987
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d20b06d72585a42c2facc26bf6fb9b15c155c2bd73e466e24405bdf90cab7172
d81c633a37db238618104e2387465fdc0a98e6ed228abf723727f719a0e278ba
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe21c3c1f5415a40c7af9b0441a8515ac4a160ac5f4149717c3288046cda78e
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e00d1c8d33ef445e5c86b591916928660a8c097bf129032703092d62e85f4294
e01f602ee63bf027e04fa14f95016c2128fb0672137e17b9088f263fe1432c7d
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174
ec5f9f7b396867c66fdef2b8e98dde1c5cff3db71aa00132902867a46945cb7e
ec895e32c7270731a299bf3935b9d927b3af78079eb6ccf7a70095f91ab3d28b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f22a626293c4abfd781c45f45a829b8b5dc91b1ee68d31dafd7a74147f0422
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5f0b12c511419cf3f39153f43834b84e92bead7268e4abd81699d384522fb2d
f60f373edf213b75f26374f410dbfaca33d9b5bce11101f5ee8d7deb582a098f