thenew.tcafe2a.com Open in urlscan Pro
2606:4700:20::ac43:49e4 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://thenew.tcafe2a.com/
Submission: On December 20 via manual (December 20th 2021, 2:34:13 am UTC) from KR — Scanned from DE

Summary HTTP 109 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 21 domains to perform 109 HTTP transactions. The main IP is 2606:4700:20::ac43:49e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is thenew.tcafe2a.com.

This is the only time thenew.tcafe2a.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3 9	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1 5	144.76.238.55 144.76.238.55	24940 (HETZNER-AS) (HETZNER-AS)
1	51.75.147.170 51.75.147.170	16276 (OVH) (OVH)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	18.196.159.27 18.196.159.27	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:f72f:72e8:49ba:7270	16509 (AMAZON-02) (AMAZON-02)
109	24

35 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

thenew.tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

www.tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

i2.tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tcafe2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.238.55 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de

hal900021.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.147.170 (France)

ASN16276 (OVH, FR)
PTR: ns3133977.ip-51-75-147.eu

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.159.27 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-159-27.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:f72f:72e8:49ba:7270 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	tcafe2a.com thenew.tcafe2a.com www.tcafe2a.com i2.tcafe2a.com tcafe2a.com	44 MB
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	239 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	31 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal900021.redintelligence.net	9 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	google.com adservice.google.com www.google.com	1 KB
4	gstatic.com fonts.gstatic.com	63 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	google.de adservice.google.de	914 B
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	openx.net rtb.openx.net	350 B
1	agkn.com 1 redirects d.agkn.com	763 B
1	quantserve.com cms.quantserve.com	463 B
1	contentspread.net cdn.contentspread.net	12 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	googleadservices.com partner.googleadservices.com	645 B
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
109	21

	Domain	Requested by
35	thenew.tcafe2a.com	thenew.tcafe2a.com
12	pagead2.googlesyndication.com	thenew.tcafe2a.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net thenew.tcafe2a.com
8	i2.tcafe2a.com	thenew.tcafe2a.com
7	www.tcafe2a.com	thenew.tcafe2a.com
6	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	hal900021.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900021.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
2	image6.pubmatic.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	tcafe2a.com	thenew.tcafe2a.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	cdn.contentspread.net	hal900021.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	thenew.tcafe2a.com
1	www.googletagmanager.com	thenew.tcafe2a.com
109	28

This site contains links to these domains. Also see Links.

Domain
tcafe2a.com
www.tcafe2a.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
contentspread.net R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 10 frames:

Primary Page: http://thenew.tcafe2a.com/
Frame ID: A0D954FC842860B1F735A80894A046C3
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 2C71B264A3030FBD35B681831AEF8DE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&adk=1812271804&adf=3025194257&lmt=1639967573&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1639967644225&bpp=2&bdt=1823&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6598239913552&frm=20&pv=2&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: FDF2847EE26EE8A90C5F6B2B4918109E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
Frame ID: 1D05EBF86A45D05B61C929C40D95E1DB
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_cLFlQEwAQ&v=APEucNUFUhFhCw0JL8Z_mf32aUOhBclPwFDCVdrrrwPbLEMMUmvSezSmHI2-ad2SCQ0fpLqPj38XoXHGV5JX2BD1rYPlV72bsHrZI2jMllMg2Uc01Gd5Y082Vd-PAopaVuNP5hFROoRYNo0mB0c_5JL6Di0J9oiEQeb7HOPiuFgU9vPjwgQLYII
Frame ID: 6CFD9DBACF104D778B3225BC23F207C4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6356F8324EA6581593945CC374CBA5CD
Requests: 3 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
Frame ID: 85E39EB8ED4F53CE0B0233638A038BE0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECF90FBCB377A3550B0097C6F7AFC82F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 017836BA6E5FF1D58670A9F3EE64B949
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 802C0A7A388C3949A6B79145B4625BDB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tcafe2a

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

50 %
HTTPS

62 %
IPv6

21
Domains

28
Subdomains

24
IPs

6
Countries

45775 kB
Transfer

46887 kB
Size

21
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242875
Title: 솔직히 이건... 일본이 부럽네요

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242865
Title: 중동 무슬림 시청자들이 보고나서 도저히 이해할수 없었다는 장면

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242862
Title: 자기 소개서는 이렇게 써야 한다네요

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242857
Title: +1 실시간 아프리카TV 19금 방송

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242856
Title: +1 ...제가 가장 선호하는 바디녀..jpg

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242846
Title: 외국인으로서 독립유공자인 이 사람 ㄷㄷㄷ

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242810
Title: +9 ㄷㄷㄷ 거의? 전신 타투녀..jpg(후방) ㄷㄷㄷ

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=mvtalk&wr_id=296634
Title: DC 티탄즈와 다른 드라마가 같이 세계관이 곂치나요?

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242793
Title: +7 치킨 가격이 3만 원이 된 이유

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=free&wr_id=7242769
Title: +5 경축 화이자 두통 110일째, 흉통 7일째

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575809
Title: 12.20 1 각국 나라 골목 길

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575808
Title: 12.20 2 각국 나라 골목 길

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575807
Title: 12.20 3 각국 나라 골목 길

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575806
Title: 12.20 4 각국 나라 골목 길

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575805
Title: 12.20 5 각국 나라 골목 길

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=gametalk&wr_id=1503142
Title: 12.20 6 내일 에픽무료게임 예상

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=gametalk&wr_id=1503137
Title: +2 12.20 7 안녕하세요 플스커펌 질문드립니다

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575761
Title: 12.20 8 여행지사진

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575760
Title: 12.20 9 여행지사진

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_travel&wr_id=1575759
Title: 12.20 10 여행지사진

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543219
Title: 12.20 1 하지원

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543194
Title: 12.20 2 이엘리야 미모

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543165
Title: 12.20 3 조유리

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543141
Title: 12.20 4 김채원

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543124
Title: +1 12.20 5 초아 미모

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543053
Title: +1 12.20 6 트와이스 미나 Snowman

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6543026
Title: +1 12.20 7 김민주 . GIF

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6542988
Title: +1 12.20 8 박선영 아나운서 2

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6542954
Title: +1 12.20 9 박선영 아나운서

Search URL Search Domain Scan URL

URL: http://tcafe2a.com/bbs/board.php?bo_table=c_enter&wr_id=6542922
Title: +2 12.20 10 강아랑 기상캐스터

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EB%8B%A4%ED%9D%91
Title: 76 다흑

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EB%8F%99%EB%AC%BC
Title: 1,171 동물

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EB%B0%80%EB%A6%AC%ED%84%B0%EB%A6%AC
Title: 264 밀리터리

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EC%9A%94%EB%A6%AC
Title: 5,577 요리

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%ED%94%BC%EC%95%84%EC%A1%B8%EB%9D%BC
Title: 50 피아졸라

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EB%93%9C%EB%9F%BC
Title: 49 드럼

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EC%B9%9C%EC%B9%A0%EB%9D%BC
Title: 38 친칠라

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EB%AF%B8%EB%8B%88%ED%94%BC%EA%B7%B8
Title: 93 미니피그

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EC%97%AD%EC%82%AC
Title: 31 역사

Search URL Search Domain Scan URL

URL: http://www.tcafe2a.com/bbs/tag.php?q=%EC%A0%84%EC%9E%90%EB%B0%94%EC%9D%B4%EC%98%AC%EB%A6%B0
Title: 70 전자바이올린

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1&C=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yb-rncoAHq-3pcXvqxw23wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH_R0yZ8gSmK-3kyULWAT7g&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH_R0yZ8gSmK-3kyULWAT7g%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMzM0MjgyMTU4MTQ4MDMwNQ%3D%3D

Request Chain 85

https://hal900021.redintelligence.net/request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkHfpnOu_YZblJ96u7_UPuv-78A61zfmDV8zZuavlDPAuEAEglYPUcWCV-vCBjAfIAQmpAkhkDSZZ2rI-qAMBqgSHAk_QWaFddyc4KNuKLBr9JUveN-x7EVP__mxbl-wva5CmqbD8V4cC8aTRIBnhkMNfO468WoOcrZLsXFYXK3hWRlInlKCZg3wMv5TBu2fBTyQbiXwbfm4vKEM0E3e2NOli7-_A7XGdm8eM1kPgUQv1SC741t64ZP3ge2FuzF9Y5m0joQ3iw-qxtp7EGQxQ9opPxU7IaN026u5g7gGJB_JfO1vuNeBT_vlXAtFSLJ_Tvv-7PG2Z3kFCM0kBQzE6aFm8EMUh-OR6ov1PGi61Fkf_tUj5QDO9stMbvQXtKihIQQCwLs_YWsGAli9X3kkw26fY3d7IKhTN4hdhY8mWgQQi1F9QlI-Sy0DOwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo_d_m-ltiz3NGcuY7B0yq_g%26sig%3DAOD64_3xd5LXewH6i6410PIt0-NfzSYivw%26client%3Dca-pub-6840554518587098%26dbm_c%3DAKAmf-DUALhlf5ptglv_80VlaFl0lRn4SL2DQvQ_uNsWSaTKrfrlibJDfhK9bHD2beqh-4bw1iaCXWbpcBN5J_JFpTkqYyQT87rSq9eIkAvzHN6x7J9BylQQR6h_wSYHyQSe5zu2bsh98_NDxoUElP-oq-ZCf_0j3Q%26cry%3D1%26dbm_d%3DAKAmf-B1plGZbResWomc6t_y-PqLr-FtgaNNN4C00sA71GKwjMQlNrPPESayw_Sksrh4aPrY8FWW6a4d94sL552cHVW2TEAFyXwVyqs-Z2RwA_w6uc3QscNj3GnqGWCv4fY8hRHuLYYOOI0WAxAf5NB7U_9S-KQZ3F8UH1_ZBcfwalJeQY-TaKq6B0LTQIbXCM441I0cDSJ4OHO4sMLCoWmXHHpTqukZGwEQdhB1oE150cLQqIttFoD0Lf5QNKEVxP5QsXgZkUFOojQcHweRNoSK0dbZuPrss1pdLTSxHYuU1yp0DZk2cY5793umDqx_pJNTJyDdPkU3QuFj24yiPtI8YB5rF9kzt4hztussHI5L6BS3Jfpp2LwD11uBXxGPFG9bqjTWWimn4ay4fmEFxj6l3f1l5hrItrX0810KMZsRieQzjT4hg1AFHdDQQpVtC005ZR5hFXB_%26adurl%3D&documentReferer=http%3A%2F%2Fthenew.tcafe2a.com%2F&ancestorOrigins=http%3A%2F%2Fthenew.tcafe2a.com&random=5808424599838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900021.redintelligence.net/request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkHfpnOu_YZblJ96u7_UPuv-78A61zfmDV8zZuavlDPAuEAEglYPUcWCV-vCBjAfIAQmpAkhkDSZZ2rI-qAMBqgSHAk_QWaFddyc4KNuKLBr9JUveN-x7EVP__mxbl-wva5CmqbD8V4cC8aTRIBnhkMNfO468WoOcrZLsXFYXK3hWRlInlKCZg3wMv5TBu2fBTyQbiXwbfm4vKEM0E3e2NOli7-_A7XGdm8eM1kPgUQv1SC741t64ZP3ge2FuzF9Y5m0joQ3iw-qxtp7EGQxQ9opPxU7IaN026u5g7gGJB_JfO1vuNeBT_vlXAtFSLJ_Tvv-7PG2Z3kFCM0kBQzE6aFm8EMUh-OR6ov1PGi61Fkf_tUj5QDO9stMbvQXtKihIQQCwLs_YWsGAli9X3kkw26fY3d7IKhTN4hdhY8mWgQQi1F9QlI-Sy0DOwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo_d_m-ltiz3NGcuY7B0yq_g%26sig%3DAOD64_3xd5LXewH6i6410PIt0-NfzSYivw%26client%3Dca-pub-6840554518587098%26dbm_c%3DAKAmf-DUALhlf5ptglv_80VlaFl0lRn4SL2DQvQ_uNsWSaTKrfrlibJDfhK9bHD2beqh-4bw1iaCXWbpcBN5J_JFpTkqYyQT87rSq9eIkAvzHN6x7J9BylQQR6h_wSYHyQSe5zu2bsh98_NDxoUElP-oq-ZCf_0j3Q%26cry%3D1%26dbm_d%3DAKAmf-B1plGZbResWomc6t_y-PqLr-FtgaNNN4C00sA71GKwjMQlNrPPESayw_Sksrh4aPrY8FWW6a4d94sL552cHVW2TEAFyXwVyqs-Z2RwA_w6uc3QscNj3GnqGWCv4fY8hRHuLYYOOI0WAxAf5NB7U_9S-KQZ3F8UH1_ZBcfwalJeQY-TaKq6B0LTQIbXCM441I0cDSJ4OHO4sMLCoWmXHHpTqukZGwEQdhB1oE150cLQqIttFoD0Lf5QNKEVxP5QsXgZkUFOojQcHweRNoSK0dbZuPrss1pdLTSxHYuU1yp0DZk2cY5793umDqx_pJNTJyDdPkU3QuFj24yiPtI8YB5rF9kzt4hztussHI5L6BS3Jfpp2LwD11uBXxGPFG9bqjTWWimn4ay4fmEFxj6l3f1l5hrItrX0810KMZsRieQzjT4hg1AFHdDQQpVtC005ZR5hFXB_%26adurl%3D&documentReferer=http%3A%2F%2Fthenew.tcafe2a.com%2F&ancestorOrigins=http%3A%2F%2Fthenew.tcafe2a.com&random=5808424599838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 92

https://d.agkn.com/pixel/2175/?google_gid=CAESELj3i3Gd1jZv_o2RNUBAfco&google_cver=1&google_push=AYg5qPIR1aarAT8YptwMC1WlXXWepwrYYO4VwBYAcpxjFq0GAhxABXT9Me2rOv39zESLuwZ7T2wMVJDT0SWAE1Fqf2PpufPI0sD4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR1aarAT8YptwMC1WlXXWepwrYYO4VwBYAcpxjFq0GAhxABXT9Me2rOv39zESLuwZ7T2wMVJDT0SWAE1Fqf2PpufPI0sD4&google_hm=Q0FFU0VMajNpM0dkMWpadl9vMlJOVUJBZmNv

Request Chain 94

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAF0aBPUhr9Mie7cWZXpZIE&google_cver=1&google_push=AYg5qPITFS9-vx82wz1DFZxmGXY3_Ey3s9oMWw95ZYk3ahOhuZ97rD7zjnowyBMNaSqaci84cKbx2LvUI-fBPkKPExJkC9EmBmg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAF0aBPUhr9Mie7cWZXpZIE&google_cver=1&google_push=AYg5qPITFS9-vx82wz1DFZxmGXY3_Ey3s9oMWw95ZYk3ahOhuZ97rD7zjnowyBMNaSqaci84cKbx2LvUI-fBPkKPExJkC9EmBmg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3MUZH0MgRr-UnUHkSA8u2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITFS9-vx82wz1DFZxmGXY3_Ey3s9oMWw95ZYk3ahOhuZ97rD7zjnowyBMNaSqaci84cKbx2LvUI-fBPkKPExJkC9EmBmg

Request Chain 95

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJC2R3Lgd3MMcBwnQfzrkgo&google_cver=1&google_push=AYg5qPJzwXAFV9_MdbDxtUQ-Ehaj2K5A42ujR_FjyxYSvIpou7_LDGV2iqzwTbrqtK5mWiT6kIJSkqpcWTkKYaCnOUr56jTcttY2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hFMkU2NEMtMjUtNjU4Sw==&google_push=AYg5qPJzwXAFV9_MdbDxtUQ-Ehaj2K5A42ujR_FjyxYSvIpou7_LDGV2iqzwTbrqtK5mWiT6kIJSkqpcWTkKYaCnOUr56jTcttY2

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_cver=1&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1

109 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
thenew.tcafe2a.com/ 162 KB
24 KB 457ms
431ms Document
text/html 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: a649651820ca0f2a769fd6610b7185ec09b19d0d4b27d81868a161541860a936

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 20 Dec 2021 02:34:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Expires: 0
Last-Modified: Mon, 20 Dec 2021 02:32:53 GMT
Cache-Control: pre-check=0, post-check=0, max-age=0
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bp6eWjn3PVrI6Tp5c50H2E81YdTYyIMgkwXksoCTmugR%2FqUYEBselX0p7VMK1Y3WCAovN%2BKLJs10JHyTj6LvSQNszpfnNWvGmoiMXSMl9ERd3ZRSmvzLmF7MiNKTMYfpVabOYVNHxcNxz8o7XA0DLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6c0578226ed10f6e-MXP
Content-Encoding: gzip

GET
H/1.1 200
OK default.css
thenew.tcafe2a.com/css/ 24 KB
5 KB 356ms
350ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/css/default.css?ver=20210106
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8972399d9f8eb3a960ee2654c797afd696766963a26c00701aff31cc258ba15c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:02 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 31 Dec 2020 21:54:56 GMT
Server: cloudflare
ETag: W/"5ef7-5b7c9ac9f8c00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU9z%2BvUo84DTcsVirdPVt137FBMttkafUDYxDT9M7MZQ9aMaRoRhbrK3WtLL69TM1O%2BKCSFg0JUjNJysciDp35PW8nxLQat7JO%2FouNT3v5j60jfnyQEhrryo42IgjG%2FT50xXm6bJIFKaB8djXfbFVw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c057825587b3313-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK apms.css
thenew.tcafe2a.com/css/ 77 KB
12 KB 372ms
366ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/css/apms.css?ver=180820
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb2f0aa6f3278df99747b59b7056bf210a5b0fc7dedf7e682467b8cb21fba77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:02 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 23 Jul 2020 04:23:20 GMT
Server: cloudflare
ETag: W/"132d4-5ab14375b9e00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLCmen05LasSzKciVUPsCYpecNoVxBpvqpvAqpI9jiIwG6reJgkOpgGxOybLOCYypgjhafJn3ujzLUOlpvYIV5eNFeEo6yOlSXt9UDNDNb9uziRI2643TvP4XwJpa02JDWYlkwRC2AN%2BC0dutTQ75g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782548f959ef-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK bootstrap-apms.min.css
thenew.tcafe2a.com/thema/rt-first/assets/bs3/css/ 101 KB
18 KB 854ms
848ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/assets/bs3/css/bootstrap-apms.min.css
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af766357875fa073683e141403faf5ee5b42ff7c32e5b79960f17e3f52c3b09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:20:46 GMT
Server: cloudflare
ETag: W/"193fb-5aff86fccdb80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Bc%2FKreshkYjkAXbaWpXhAtuTe3AAxNnoq14%2FpEP3b0SU7W4I7dJ70q%2B%2Fm%2B1hm9FKuBt%2BDT7f6UUcTXqNCoNbVyibpVAIvpAUEVuAM%2F3DK3cLeovaIPGBapb7f2BkIrVxT6fB%2FBd7OtkJgAnGusvDw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c0578254b820f62-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK themify-icons.css
thenew.tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/ 16 KB
3 KB 341ms
334ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/themify-icons.css
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8a90594cc8c2796c488059c7ee25ce6cc9de27c7ac359ee680b50a2bf438da6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:02 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 23 Sep 2020 10:21:04 GMT
Server: cloudflare
ETag: W/"4033-5aff870df8400"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2aV3gJqPHmUOYXaYNrDzoLk%2Flvv%2BkQK%2Buf%2Bfq8IdZNr9HjuWtUaMQYPu7dRMtTOZlh8pH2rLjPqBoKZILS4iWTr6L6cqWGLTfEzW%2B3y%2Frg8W6of9LnFAwWrDVV2sr4iFVEk2VVU7GF8MGhPgt3M9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c057825480932bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK colorset.css
thenew.tcafe2a.com/thema/rt-first/colorset/Basic/ 30 KB
6 KB 546ms
540ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/colorset/Basic/colorset.css?20210107
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cde4a9fab4c5dd31a96b36e89a83ce9c257d3dd695942c70f2bdce1a4a40489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:02 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 02 Nov 2020 20:48:13 GMT
Server: cloudflare
ETag: W/"7758-5b325dd637d40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNyU9iEYogwF0TgN7veeNRhwe%2F0yuuQ7sSPDTTk8BBx0VwSGy5tPkjwVxh%2FNsOMjtVy8f8olPI17TKTm8DSjOfRw%2FYDqsyR8xLrzffYpx3FC08lYDraWkE6Nsd%2FdBGb5X2S4EuSKG7zgv8qMW9ARkA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c0578254ad483a8-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK rt-first-common.css
thenew.tcafe2a.com/thema/rt-first/rt-first/css/ 31 KB
5 KB 677ms
336ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/rt-first/css/rt-first-common.css?20210111
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45030f96320f1503af252ab0d39dd70ba0c10e4d9ab3ab47899bdf735d8c5ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 11 Jan 2021 07:31:20 GMT
Server: cloudflare
ETag: W/"7d4a-5b89ae4674200"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SiOfPK8InNQoWi2A8v9kiMrFZ9BsrohJoWeiJVJ3yKI4w%2FteD59BOJWNDwaT2fC0fP57gf3KetDCBtD%2B1yxmjCGZppAJJ%2FNewT7qgxA%2FKwL2cft6q4ZA4YXmPbcXgsQL5jbwqtASW7JyY%2FRP20N7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782759a732bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK rt-first-update.css
thenew.tcafe2a.com/thema/rt-first/rt-first/css/ 17 B
719 B 687ms
332ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/rt-first/css/rt-first-update.css?20210106
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 23 Sep 2020 10:19:09 GMT
Server: cloudflare
ETag: "11-5aff86a04c140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Huuagd0xR8rRcwbBYHtS2uut%2FUP9pkSrRKkSYcQXuBtAud%2BrtRSzkw39HEyTG5iVAvXpgA%2BiKz8gquoHo6j5rTFvXNhg8%2B84WeCL586wSLv8%2FMfHygMHPY1O0wM49kZTTVdGO8WX5XbxQHDLMLoTPA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c05782769973313-CDG
Content-Length: 17

GET
H/1.1 200
OK rt-first-custom.css
thenew.tcafe2a.com/thema/rt-first/rt-first/css/ 17 B
714 B 722ms
351ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/rt-first/css/rt-first-custom.css?20210106
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:19:08 GMT
Server: cloudflare
ETag: "11-5aff869f57f00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCkhooSNHhjy8c6idDRZOXoi%2B%2BXcLRTxulVS3DuJU9QXVR1jh4yta0ubMfdYmlS%2BzNTHWZb61UJX%2F%2B8iJ9uf7%2FmL4dcJu32UCxFM5BEtDVyzJ7tzVde7PLvt6YVFga9RADqoEoXbo5ntOvtmIrVmAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c0578278b5059ef-MXP
Content-Length: 17

GET
H/1.1 200
OK style.css
thenew.tcafe2a.com/skin/outlogin/newtcafe/ 3 KB
2 KB 806ms
345ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/skin/outlogin/newtcafe/style.css?20211220113253
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7478062c5e8339571a6ae1eec48dc7edba9e2c0b2962ead8e2e1f5743ef003ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 24 Sep 2020 10:02:13 GMT
Server: cloudflare
ETag: W/"c26-5b00c4b4d3340"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV4KvS%2B2oYkd5BeOxKmi%2BeNYAs6B2Bi86nAFBR4CtCDojSej2ZEqlZnlN4ApWHpcGDkUeNCsU%2Bn41JAeO1I4337GDk7IUjCnjFleA4QEMR1N%2BlsX7PisXXzAlgp6d2y00AGFMZcg7sfgOrlQuqHN2g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782819ea0f6e-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK widget.css
thenew.tcafe2a.com/thema/rt-first/widget/miso-post-list/ 2 KB
1 KB 892ms
346ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-post-list/widget.css
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b4e1648db2aba557e6097d6b9a816e1f75e5603deb8c530fa21c93278bce487

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 17 Jan 2021 18:38:17 GMT
Server: cloudflare
ETag: W/"7b3-5b91ce8a67840"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQPN49T6eglZqDP12OmWoHi76IJkEqHtRnqKWjr1dVBOHKVSWOTfyQikUuOaGslEpulv5csQZoK1ZHANutSOQ27uOMZsP9uGTy1WvKtdqKWzDTjZSLyRbknNwXvNa0B%2F6cOcaXhnEhhhcIAZg92h5w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c0578289df083a8-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK widget.css
thenew.tcafe2a.com/thema/rt-first/widget/miso-tag-list/ 362 B
915 B 998ms
320ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-tag-list/widget.css?ver=180820
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dffb7a20884f53b92d7e2caaaeb53493b627abfc59c0d5c81e3f11a69cdb3d8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:20:37 GMT
Server: cloudflare
ETag: W/"16a-5aff86f438740"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3wNPbisbpYcsnxs73uf%2FCPLxKoDwY0DxoVcANLXL9ebb5z6BNGoJqL%2BMOGAugxB5fIqqHMx4NzcaeI%2F6Gtb%2FtjEAE%2BQxFa0KMHolY73NBd2scCAUSoKU3S%2BSgLRXUYatuf6rQ8BjUv6WxpNGvLE3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c0578296aff32bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK widget.css
thenew.tcafe2a.com/thema/rt-first/widget/miso-sidebar/ 8 KB
3 KB 716ms
29ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-sidebar/widget.css
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a7d3003dd6cc75811dc57e142fc25d553d9a6703bfb2c08191b7aed56fa0344

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Sep 2020 10:20:30 GMT
Server: cloudflare
Age: 3649
ETag: W/"1f21-5aff86ed8b780"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TSUoYItDw%2Bojedc2rKFCJ6TxHC4EkRS8eaBSxF6SuyaKmbYwveyA2LWhnpVpFyQsTooriVtx%2F91Cbq6WjWc5uMBLQYUy9qmAcpkaNPWSf6r5UY0MpPRrLNblQvY27LWCd4ydsjiuhTryTA%2Fh50dfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c0578297ad83313-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK style.css
thenew.tcafe2a.com/skin/social/ 10 KB
3 KB 1040ms
323ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/skin/social/style.css?ver=180820
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d6e1a2955ab529844a2913966d8b629c54a52cd8567032355eb85ad6c01f714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 21 Jan 2021 16:07:58 GMT
Server: cloudflare
ETag: W/"2784-5b96b4670f380"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hadiOVm3ZwgVsCRaIa2hmzWX1SkzNb80DxdvVfmocfkPC6AcuvOV4ygwGh0YEvikCj3Hik%2BMLdzejUNkdxUQdN9xfd8O0UTOl4RXuVNAyU%2B%2BIDKPS4uc8dgbScMdKmP2o3se5T9IKbFGbTtRBcT6TA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c057829aaee3313-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK basic.css
thenew.tcafe2a.com/css/level/ 2 KB
1 KB 1074ms
352ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/css/level/basic.css?ver=180820
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8c8958693d97e5212211e343045f51a449b4ff65cd347752e7061bf2ee008c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 23 Jul 2020 04:23:25 GMT
Server: cloudflare
ETag: W/"912-5ab1437a7e940"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ2anWva77pVcX5%2BLOLe1of4NmknPtvD2N9yM%2BNCYiPYMpnX%2FCOULzFQgdqcVrXnfVqKx0R%2Fscf4Z77UCsfkZA0%2FlAB0BLxuH0z3ZXVJdSm11yDr6wroOoyutQRPD31sKs%2B3y1jUdNiDS%2BayLzI8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c057829bd8559ef-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08d512c12a15885cb5b14be883fed3ef5b09c8195eb3c65daaa3724b46a4eae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14732344547544812526
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 51862
X-XSS-Protection: 0
Expires: Mon, 20 Dec 2021 02:34:04 GMT

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
thenew.tcafe2a.com/js/ 94 KB
33 KB 1539ms
681ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/jquery-1.11.3.min.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Jul 2020 04:24:16 GMT
Server: cloudflare
ETag: W/"176d5-5ab143ab21c00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN%2BJ4Dh5YCB7bK%2FjzNUJp49lSps7TXulDb03RjmoRBpvnLtaaQ5Nv2quOPXyW45Ljzag177grUYSu3K9pJWKZTGZerVe28qawDEzu%2BcsqNZMz3sqXqGMRUNPY3S8URqZ5XOonk2r26XYy2tF29qXUg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782a9e010f62-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
thenew.tcafe2a.com/js/ 7 KB
4 KB 1243ms
351ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/jquery-migrate-1.2.1.min.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Jul 2020 04:24:16 GMT
Server: cloudflare
ETag: W/"1c1f-5ab143ab21c00"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gTm5fUdNmcM1cncxMKfa5boQIbU4kDfUs6fBBfejtgEeiKISQ9QlPw1zmew%2Bn1ccTVQOtpT%2ByOEOmr%2FDx0CbFpYk9CHsH4e7ZZXkQ6RcwDVYodJF%2FbpFm1bvfbsJJMyBX%2F8cBOd6B6wkpeFMERXxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782acfc283a8-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK lang.js Show response
thenew.tcafe2a.com/lang/korean/ 3 KB
2 KB 1318ms
321ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/lang/korean/lang.js?ver=180820
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f28639dc07afdde1de496894a3fccf10ad829a29c83dbd7fcad9af8e8963fd39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 23 Jul 2020 04:24:19 GMT
Server: cloudflare
ETag: W/"abd-5ab143adfe2c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIBA8pvbQpYARtzN9dUgXsd0%2BRrQWb1k6OWCo4Xc5xTS9E5tj5FEVS1Y31500y277fA89GdrEu%2F2Xo1MrOZtWgpu5OXIyzI8cgW%2F6rYs8pT60ilEHb1SWA01dEakfIRb1M8n4KDa2jf2%2Fr4sR0m%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782b7c5c32bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK common.js Show response
thenew.tcafe2a.com/js/ 20 KB
7 KB 1372ms
332ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/common.js?ver=20210106
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0a6031ac60ee6b1d15ea9d927bbb8bc5180b01579be92cd043bb741d1676fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 08 Oct 2020 03:23:13 GMT
Server: cloudflare
ETag: W/"5014-5b1205a250a40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1FskfiYaXrpXEVEo9ypJTpMm%2Bd3bNGrrnmuYBGUcpMYl0mNQ047qI9HIKZdcBKtH8djbCavZiTF7NAC44SslQGuUHyHKrBu5olvhXWTcvL4BHz5v199nZ%2BF1Eyjr3RoBLN6qMNJ4HpgdJzA6aNBHg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782bbc293313-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK wrest.js Show response
thenew.tcafe2a.com/js/ 11 KB
3 KB 1428ms
354ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/wrest.js?ver=180820
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ce0a5208b5305f1cea20d2e424d0c8db27b62800f66bac532954e2f7084f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Jul 2020 04:24:17 GMT
Server: cloudflare
ETag: W/"2a27-5ab143ac15e40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uo5XgLiDZKu0OJqDHoXuKW4XBRTlVmOULOCxoz0EQLQPodXVKuKd8%2BLC4Z2C6vchAHFc%2BQA1Pen9sa2W%2FIGD3xZ%2BEAsmCB2hD2xW646tyBlIQUkfyPxVB5ZXf8%2F8iCU2odRmNIKLV8O30rfcEjaqRg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782bef5959ef-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK placeholders.min.js Show response
thenew.tcafe2a.com/js/ 5 KB
3 KB 1590ms
347ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/placeholders.min.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980b7c3657c19191a6eec108682f5d3dcb01c1c30a6ce4d379ab53db82549b13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 16 Sep 2019 02:39:25 GMT
Server: cloudflare
ETag: W/"13ef-592a283137140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qxCxDywBVZcrnT%2BeTTdq47dNf8B%2FJQc5lOj6O4iJrQkTD8MTgAJ6c%2F5%2FScRArLKFM9LkvZmGL0Gnk3E3HJbJro%2BfYp5TyNyliUwvTS%2BeQftstQ%2BNc6sRUVhQWY2txoNGB%2F43cJzQywd%2FTKqh1huRA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782cf98e83a8-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK apms.js Show response
thenew.tcafe2a.com/js/ 18 KB
6 KB 1644ms
326ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/apms.js?ver=20210106
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3784ce956bd1a25b970cdf94d4aee382cd0b64440c957e6ac44c8def4a696ec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Sun, 14 Feb 2021 20:04:53 GMT
Server: cloudflare
ETag: W/"4878-5bb5161e9a340"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSBllK9xeBNhD%2FD88GANQyV8G0sXPVW%2FuHXUz4%2Fj79xd7Sqz0wk3DYls%2FYivSaSwx6xaqnfq3Z0b0D5R%2FOSbObmXJR2wvDRjp2twhGiHDEwSdJ35cVJ1FrE0RWtAFhMfHr8fP3Cw8wxgphSlPuSPUA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782d7de332bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK font-awesome.min.css
thenew.tcafe2a.com/js/font-awesome/css/ 30 KB
7 KB 1319ms
514ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/font-awesome/css/font-awesome.min.css
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 16 Sep 2019 02:39:25 GMT
Server: cloudflare
ETag: W/"7918-592a283137140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3q0r5b6YQMBubjhk8AitbfxTHszwodv7ZMuBR3IkqNIPWEpNVhfPZgiQK3c%2B6JnuXG6L8jeG39%2F%2BByQ77xOM7LaCrJqQspj2sdqjT%2BBV64uZkKRXWgHCgA3%2F89YQV%2F36Xv01f0cRuDxrIiBIlElsmg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782a3b2a0f6e-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery.mobile.swipe.min.js Show response
thenew.tcafe2a.com/plugin/apms/js/ 8 KB
4 KB 1665ms
346ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/plugin/apms/js/jquery.mobile.swipe.min.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Thu, 23 Jul 2020 04:24:39 GMT
Server: cloudflare
ETag: W/"1e68-5ab143c110fc0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvgv2i3BhCzKuQsBJtHoBs9Y3xkXnLpLQ8af2XKi7Ve%2Bu0DF7azAjpG7EtagozFsiy0WHqQ%2Fjw42C6UGa1%2FkSD1cBZhWH4tJFYZKmRqgfOzfg2kRK4hoSO5aApq7pOkk4IaoqSk6KDAAnzvUiESwUA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782d7ce80f6e-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK tcafe2_logo2_dark3.png
www.tcafe2a.com/ 6 KB
7 KB 64ms
40ms Image
image/png 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/tcafe2_logo2_dark3.png
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba51ae4560976dcdce11ca289fb4d57e588ab5d199d3b7b6ee374b93b110af55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 13 Apr 2021 20:03:45 GMT
Server: cloudflare
Age: 3406
ETag: "18dc-5bfe020a7ca40"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQaK5zkVT4Y53ZMbbX1zh5pXmoTV%2BQd8D62E9rJp%2FxCkRC8NzbxY1CxuGB2A8R5BIThdcGD%2Fw7KxDDTOjICy23nXnRAUX8BMLkJH8Ao3ntUotuh7BBh%2FWoPQZtZTI7Ca6jRg8p%2FmMeEWOswI%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c05782feeb359f5-MXP
Content-Length: 6364

GET
H/1.1 200
OK banner_ad_3.png
thenew.tcafe2a.com/ad/ 2 KB
2 KB 619ms
350ms Image
image/png 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thenew.tcafe2a.com/ad/banner_ad_3.png
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5265b438fdbc5b1fc090c7b0f049c20b39ddfaeb22cef3ed5abbc98f6c0062a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 03 Feb 2021 18:33:58 GMT
Server: cloudflare
ETag: "704-5ba72d483d180"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8YbMMQ%2FmKlwYtW3YMMh%2FkIgosob1zw8l9GNTy1oxxnhrqlpJWcxi%2B3idU91lqF1AexAsP332C0mZJt1P6cadT9aCrrCx1Iirun9D2UvsEDflU3%2BNuaR6z12Py5JbuMukOHh%2FYHU3pNlfXL0lhWtMg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c057831de5a83a8-MXP
Content-Length: 1796

GET
H/1.1 200
OK widget.css
thenew.tcafe2a.com/thema/rt-first/widget/miso-post-gallery/ 3 KB
1 KB 343ms
343ms Stylesheet
text/css 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-post-gallery/widget.css?20211220113253
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f979ac50b53b5d9cf8e02365a52be245aafaa57cd694601c8061fde7e0f7a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:19:50 GMT
Server: cloudflare
ETag: W/"a22-5aff86c765d80"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSieZ5ruKzAnvrSsANJxEbocWbt0AO0uWAV6h4R7UxRWk26ozAIj9kV1PE6W8Qss6zjj7KW0I%2BqfFfCJA8mea4fOj336XIQarKqwW0ZFENPZjilnsz0IAajxJ6I3BzumUmOe8dMnIraV%2Fp4pUom%2F%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782f8f5732bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 ec64420fc7d70c6982dac970219603dd_1639965916_5305.gif
i2.tcafe2a.com/211220/ 9 MB
9 MB 931ms
830ms Image
image/gif 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/ec64420fc7d70c6982dac970219603dd_1639965916_5305.gif
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20b83377e31acd4eed2532daff6ffe651bea4115a750478ec8d79b1bcedad76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 01:33:31 GMT
server: cloudflare
etag: "61bfdd6b-9709c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3luT2vmHVwoZhiDsXrumNS3ZiaUDXi2DVsIIQfQhkkO8QdtgygEgVZNoIS62%2B1wDF5kjd5Msu11zqk4hj5Y%2FqtcwZHA3yU9JPO2c1rjBJEPMXxwssEmpfJpa%2BU43Tcn08goVUDPsPaI%2F6PE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c0578304b805a13-MXP
content-length: 9898436
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cf57845b25349f95d8e843a5971201e7_1639965908_818.gif
i2.tcafe2a.com/211220/ 9 MB
9 MB 944ms
843ms Image
image/gif 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/cf57845b25349f95d8e843a5971201e7_1639965908_818.gif
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cb06b6f7287cc0b468136939c4bdb93c120b0c845876f026c7f6e521b3a1297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 01:33:23 GMT
server: cloudflare
etag: "61bfdd63-8edb23"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOQP%2FrgW%2BuOC7iJrOwkg4vLF%2FmfYA%2Bk49%2BIjdXDfJozThhsJn2Uyu3t9jXHK0vqwIzdCVdAXDlePvgAjYoK6PhKDZJlbzbaMvkloEsp0DwDTZIvZBonHvvlDuQSm5Puo4BjGCEEI6HHanSmI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c0578304b815a13-MXP
content-length: 9362211
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK utxv-TRqwB8.jpg
www.tcafe2a.com/data/apms/video/youtube/ 31 KB
32 KB 535ms
529ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/utxv-TRqwB8.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de3231bed0202b582dd5060c449ea8a18568a848b82291cda18359d11ccbd45c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 20 Dec 2021 01:56:27 GMT
Server: cloudflare
ETag: "7ba1-5d38a325fb450"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqhbE62fsCvYkx%2FCUt61n2uM76K75BXQOwt9RQkFoBOukxm3HwvV2MwcPDy3m3a7C1XuUaSHlQwV8CVJ1MO%2BR1%2BbP7uBSoEh5fsPuvTc0yT%2BWCD2WiX4GNVYa3Ouwteri12jdCgbTpluI2Wfbw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c0578300ce383ac-MXP
Content-Length: 31649

GET
H/1.1 200
OK 3NUFTMI3FB0.jpg
www.tcafe2a.com/data/apms/video/youtube/ 29 KB
29 KB 24ms
24ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/3NUFTMI3FB0.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c5ce38a7f4f8b7a75b97452642752b14fa874071433a09cc11d3d47d7585c57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1100
Connection: keep-alive
Content-Length: 29255
Last-Modified: Mon, 20 Dec 2021 01:56:06 GMT
Server: cloudflare
ETag: "7247-5d38a31235037"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2GrZu%2FSlWMBNVMq4D6wm%2FkwEeRf9SgvZ0XowLuM8J3Z3wy4vTiGe0p6XOasA9Nmm15T3sVdXm4L2PD61qN0j1gYqB6oJh9LtTUoqnfkKX0SdUET2d%2FEM4XSmnZbu4BWP8E8jGTRO2htZFiS8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6c0578300ee059f5-MXP
Cf-Bgj: h2pri

GET
H/1.1 200
OK 2890328443_XcgmtvKF_c254c9fac37d3aca0c30cbb4a5abc3204cd0fc55.jpg
tcafe2a.com/data/file/c_travel/ 85 KB
86 KB 724ms
700ms Image
image/jpeg 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/data/file/c_travel/2890328443_XcgmtvKF_c254c9fac37d3aca0c30cbb4a5abc3204cd0fc55.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997ca00cbf25345baf66fd2f05ad81b755abbf7c7733ca330f741a54ce8a9def

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 20 Dec 2021 01:56:32 GMT
Server: cloudflare
ETag: "155b9-5d38a32a64aa0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtA0v5a07AI%2B%2FY2JGZMgMcowCybnzd5b9Br8rq6u%2BP7M%2F%2FGmr%2F95KFqEJyJMDuvRg3xRtRfcIx1gLgW8gqkNXElEpDVRlXqJlAsPMHW7%2FPNtIPQUPer%2FVY68PBB4kzsr0HZU8hFDEi2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c0578304c6359b9-MXP
Content-Length: 87481

GET
H/1.1 200
OK 2890328421_3N9KEo6A_7f08a5698ce77b7847c8fbb1ab19e7b2ac6ee538.jpg
tcafe2a.com/data/file/c_travel/ 30 KB
31 KB 493ms
486ms Image
image/jpeg 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tcafe2a.com/data/file/c_travel/2890328421_3N9KEo6A_7f08a5698ce77b7847c8fbb1ab19e7b2ac6ee538.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78bb5879bf9b6421556fc9a8691d60448b64327107e46e0754b423ee146bfd8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 20 Dec 2021 01:55:16 GMT
Server: cloudflare
ETag: "790b-5d38a2e1c366d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0BriQRMw0KctIjE23t3C7flKakaYy4Z5yfNjT1Zncgga9vzodxi25lKe%2B6hbTx%2B474yNtFds7CQmPdh80kINQRU1LQUztHM5KjeAHKsi2SoqNYfZy3pZG22vpa99ixNWclZW%2FxKmuyb"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c0578306ca20857-CDG
Content-Length: 30987

GET
H/1.1 200
OK aVnB1P_LtHc.jpg
www.tcafe2a.com/data/apms/video/youtube/ 12 KB
13 KB 355ms
354ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/aVnB1P_LtHc.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec32be5f83fcb1eba2bacf2d57bd5997d4cd689a54b011b290d92dea532d3fc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 20 Dec 2021 01:52:55 GMT
Server: cloudflare
ETag: "31e3-5d38a25b614ce"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BLy5vt%2Fr7zlM0tiUfnJMuxx5oesFeUnrn8U6IA1suynZ8aDgJSvSvFD%2FZ2KVs2s95nlkk8r9gLogJ5MsG8afNLvc%2BqdCaOq0aIEH6V8FgSz7RmvCzZbKMIaSmxQPPnPgDL5lQ5PDMzzUgnqHg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c057831b85559f5-MXP
Content-Length: 12771

GET
H/1.1 200
OK 0_cNVhIjCQM.jpg
www.tcafe2a.com/data/apms/video/youtube/ 15 KB
16 KB 43ms
36ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/apms/video/youtube/0_cNVhIjCQM.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2830f3c3bf70796c09d8c56b421361dd1813bf178eba66d7b923bd8be99388c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1100
Connection: keep-alive
Content-Length: 15730
Last-Modified: Mon, 20 Dec 2021 01:52:29 GMT
Server: cloudflare
ETag: "3d72-5d38a242a7f44"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8gfZP8Aen2KBtQ0MEE%2FN6AD797oNqdHRyP67%2Fu6pvpQpGrpYDeFD2IlmqdWS47vo%2BUzKJgzlq4bx0NHZQ1OjVsFsW3fzMLVPOnCnQJh3ZAAsV3GQ1SIX316cJZ0n8NUf%2FSOkhPeeZOO%2FFZCOw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6c057831d84e5a19-MXP
Cf-Bgj: h2pri

GET
H2 200 719064f0bfc0df57c7d1f4a9c31b1f52_1639964868_3643.gif
i2.tcafe2a.com/211220/ 10 MB
10 MB 847ms
846ms Image
image/gif 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/719064f0bfc0df57c7d1f4a9c31b1f52_1639964868_3643.gif
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab81cdab11b55ed38525dc8d833c82d9915cd2cb8dcfcbb9c84ca7c096cee3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 01:16:03 GMT
server: cloudflare
etag: "61bfd953-9eadec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpzl7ojgQzVu%2BpDbW1%2B46lkmLrKVbF1a5FAbaYwhlAYrdhUynVbVVgx%2BjqnRvArDEo%2FoQ40GzpyxHM336mzdZj7FndlyZ9uKK1CnIfOQfCguna7DtlHf59T032gOZOU6SUKC4uDQOeHkhoZz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c057831bcc05a13-MXP
content-length: 10399212
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6fea3a4e8a30a28f024bcf93e3562fab_1639964620_0122.gif
i2.tcafe2a.com/211220/ 6 MB
6 MB 840ms
839ms Image
image/gif 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/6fea3a4e8a30a28f024bcf93e3562fab_1639964620_0122.gif
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6aa68d1fa244164588efd7b3d16fe1e407e3f9ef26e8a56b7a3792991bc9d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 01:11:54 GMT
server: cloudflare
etag: "61bfd85a-5844d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdqyMiPBA45QoiIXefhFhtvTTOLKks6LomkHKrmGMe%2Bi9Tcvk0mw0aQ0w0a5jyDMZrnTWB3xZkYwGaE77AwbBSHyTEgb897h2TD4JBM2%2FvDZjSSravlrIOvuvqJ73LpMpWkowTPWQNtwHZIE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c057831bcc15a13-MXP
content-length: 5784786
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20b61e40eb4e203681e2f44188cf26be_1639962703_973.jpg
i2.tcafe2a.com/211220/ 907 KB
908 KB 833ms
832ms Image
image/jpeg 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/20b61e40eb4e203681e2f44188cf26be_1639962703_973.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71703b0739540d215a49e6fc4c7a8435f635dddb4827964125572cfe6e2b3a6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 00:39:58 GMT
server: cloudflare
etag: "61bfd0de-e2c5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBSDMd5W8HJH3pLdST%2FDJe%2F08jpaSDfreMVXZ%2BrJfBcP83fB5GI%2FfrHeSIK8tuKzRrGntkCr%2FCjCumUvt7NaT7xJfvrMNv2I85nBdbxkQeVciT9BfXbuCKosNH0HtVLDEUmjWgJsJ%2B09NZQW"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c057831bcc25a13-MXP
content-length: 928862
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 95ae1364deec54c36e6e2719f417615c_1639962637_6156.gif
i2.tcafe2a.com/211220/ 8 MB
8 MB 839ms
839ms Image
image/gif 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/95ae1364deec54c36e6e2719f417615c_1639962637_6156.gif
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0104ec244157535265bbd30170c449e5bdb332e643e729978acd5d611e2a552

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 00:38:52 GMT
server: cloudflare
etag: "61bfd09c-7f3a49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmlmmTfNgCHQiJ5%2FsVkiqT%2BAnHoaNBE0Tc45X2b%2BiIyuWA%2FGUQ0V6c%2BIecf5rubpd1O9jGmKu4qvaOGDFMs3QNnuraQTKsIJZiHxbBDb%2BEDU%2FPeuXpg1U9Q1IAnCBBh3W5mFUePiMSh7VP%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c057831bcc35a13-MXP
content-length: 8337993
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1822619266_h5cVt9EY_b2a79bc9e54b7244d9473f6996e05ae87bc6c9e2.jpg
www.tcafe2a.com/data/file/c_heal/ 49 KB
50 KB 48ms
41ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/file/c_heal/1822619266_h5cVt9EY_b2a79bc9e54b7244d9473f6996e05ae87bc6c9e2.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe7856dcea4fd8b22309f0a9b5971414ae50dd7e7aa649ee3bf00c65ad5da5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 1090
Connection: keep-alive
Content-Length: 49989
Last-Modified: Mon, 20 Dec 2021 00:22:59 GMT
Server: cloudflare
ETag: "c345-5d388e416d771"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcVfoMVQsAzbCwnhQAHAKeGpcyUXBvUO0oNBf%2BWEL87UiC2QaeHNUxYGQTI0UKLk7jN4IH3GCwA%2F2LSV6zFaGTOPWm2vKAYNSZ3VggBDNgLQXqB36fIa1xchmnXWQwK1Up%2F7n9f019SYxdVrkw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 6c057831ea455a25-MXP
Cf-Bgj: h2pri

GET
H/1.1 200
OK 1822619266_5lGITfLC_0b64eda28adba94e9a1f483d324e3dda10344b5b.jpg
www.tcafe2a.com/data/file/c_heal/ 111 KB
112 KB 701ms
693ms Image
image/jpeg 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.tcafe2a.com/data/file/c_heal/1822619266_5lGITfLC_0b64eda28adba94e9a1f483d324e3dda10344b5b.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09f68b4eb17b41c895d78b7505bc158fe8e79e3bf522115f9c51dfe0dbfd93b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:05 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 20 Dec 2021 00:22:42 GMT
Server: cloudflare
ETag: "1bd90-5d388e3151ee0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMjVIbAvskX7stMSLsrqdsCsYhHkFdwxdeKAH6RGlKOd0We8hykJcnscVPKBwXosQnRW8X4vzhjd5r6AkWNQEf%2BA1g3VVDIvok3vYZJaqOAqKAUIV80%2B4QV8XTFNRo1%2FPOW1%2Fnf0GDV45hDapg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c057831effef933-MXP
Content-Length: 114064

GET
H2 200 ad8dfad09466d95b12135ac813598c55_1639952219_3774.jpg
i2.tcafe2a.com/211220/ 215 KB
216 KB 840ms
840ms Image
image/jpeg 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/ad8dfad09466d95b12135ac813598c55_1639952219_3774.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 153ac176f801cd48a59167084b836950eea648571d6168b577dfad85de51f9c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Dec 2021 21:45:14 GMT
server: cloudflare
etag: "61bfa7ea-35d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJFscu%2F9Uu%2B2AZcmwrtd73u4HiG0RV0h8m28KJxZGkpYiUnGCyomBOHupW7wAEtNEVBQjPCDvsahWnnhgBInqw4L8XJzig1fCYxnNZRAC0E8OWY660o%2FOyUW0%2BfzNobIorCcodV6PXTEC624"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c057831ccd05a13-MXP
content-length: 220445
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ad8dfad09466d95b12135ac813598c55_1639952197_1795.jpg
i2.tcafe2a.com/211220/ 721 KB
722 KB 839ms
839ms Image
image/jpeg 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.tcafe2a.com/211220/ad8dfad09466d95b12135ac813598c55_1639952197_1795.jpg
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcced8501087706cc161dfcaaf6e864276c827e859621657f0a26a5c9eec9d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
cf-cache-status: MISS
last-modified: Sun, 19 Dec 2021 21:44:52 GMT
server: cloudflare
etag: "61bfa7d4-b4458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oxxXvOTzEptQsZaMVO8R4B8MXTOCnDuQQnORJET2mapcNlg62tdoHMzsKavTbyRs%2BOWJeM5YKBSMqh%2Bt%2F6yZtjDbpcEWwFHjt%2F%2FEvlopBi59NTWC8uAqi1Qaig88MkmBuwFw%2Bm4FPTIiBrf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c057831ccd15a13-MXP
content-length: 738392
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK sidebar.js Show response
thenew.tcafe2a.com/thema/rt-first/widget/miso-sidebar/ 4 KB
2 KB 351ms
351ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-sidebar/sidebar.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf573597aea23b7bdb09e42dcdc7b54838cebfe1910c637cd33330446f7e6035

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:20:29 GMT
Server: cloudflare
ETag: W/"1174-5aff86ec97540"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVjM7cQIdbzmRUwhu3Pq8TR2wtNwKqNlNoXIdPnhNjAI0EUDQUrUylRfdKqWP8eDucYeLVd%2FwtbOn10CKl2u%2FbMqCNm3hS9Ht%2B1cS9lzXhADyPQCrI5h9MzdDrVK5GY6xJr8eYa4iBYCxl0aviAXfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782f9e3f0f6e-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK bootstrap.min.js Show response
thenew.tcafe2a.com/thema/rt-first/assets/bs3/js/ 31 KB
9 KB 353ms
353ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/assets/bs3/js/bootstrap.min.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 23 Sep 2020 10:20:55 GMT
Server: cloudflare
ETag: W/"7c4b-5aff870562fc0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhDkpmJvdUe4Wh%2Fnx%2BdqHAln5QJr7%2Fjw8XZEzfX2pN76EUFtlO6jNbnkwgR%2BxizX%2Fh4zX1iRpPzAx%2BVXTr8wiS6L%2BXXzuR2bWeMebHYtJhznoda5yAMulhkrXLlmW46AlMWEg0XUW1Fa3dckWYC9cg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782fac3383a8-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK sly.min.js Show response
thenew.tcafe2a.com/thema/rt-first/assets/js/ 18 KB
8 KB 516ms
515ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/assets/js/sly.min.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:18:59 GMT
Server: cloudflare
ETag: W/"48de-5aff8696c2ac0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIwl6HvGFKQcVNnM19spSpWGbmbNaNEZ1YRQgfdNAlN%2FMQ3d8f%2BlYc1s1PxJtoZeDRNVj2MS7TWlfThMF1Gz7ze2dj%2BvbycgCzTZqftUCxsDFHVm56Bu64iumO6sh%2BAuSzxl5J8Uh0IxghqInTSfQA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782fa8390f62-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK custom.js Show response
thenew.tcafe2a.com/thema/rt-first/assets/js/ 5 KB
3 KB 349ms
348ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/assets/js/custom.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9436d1c1cfe022a2f8a94be49f4ce0b3456b4326a26b3ff7e5d4fd38799b4327

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 23 Sep 2020 10:18:58 GMT
Server: cloudflare
ETag: W/"13a7-5aff8695ce880"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvLw5C2RruCp4WVvqavAERpB%2FRq3X7u2oiPA0aM0HCGsPNA2U77fgp%2FVgCu4rn67WCRCXv34oHybZ4zwanmlKmvPf7Vm5xM47mHNDD6RbD7K1ZE4WxRRyuQQ7EJkcZVuxh7Eq67p9JVfF0wFUx8d4A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782faaff59ef-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK sticky.js Show response
thenew.tcafe2a.com/thema/rt-first/assets/js/ 4 KB
2 KB 331ms
329ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/assets/js/sticky.js
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e444d1682648a41af23f384c2141339689aee3466c97635b264b952d1b5c1cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 23 Sep 2020 10:18:59 GMT
Server: cloudflare
ETag: W/"1106-5aff8696c2ac0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9r%2BBp4Pefn1%2Fz2Nz0Wq7n3uFFXFnR0%2B27xfDt%2FyXvFUU62Wuc3q4f%2BSVWuyZ4%2BjuX7d%2FOLwpN%2F%2F2LY%2Fao2sx1EcYCRfIdlWRIQn166LGDVe9x305ga7OiN9FpRNY983MCZufGkKaJx33J1Odv73rw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c05782fae783313-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122666392-1

Requested by

Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cebef0285c67cfd0fa9eac7b1f1a42fc68865ce1fda49b1e726e78682fd8659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36192
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Dec 2021 02:34:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Requested by

Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/thema/rt-first/colorset/Basic/colorset.css?20210107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfed40bd7ac9544c000cb5d67851dfb7526c4aad1e603c6998c7fc53ff40934b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 02:34:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 02:34:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 02:34:03 GMT

GET
H/1.1 200
OK sns_gp_s.png
thenew.tcafe2a.com/skin/social/img/ 2 KB
2 KB 612ms
325ms Image
image/png 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thenew.tcafe2a.com/skin/social/img/sns_gp_s.png
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/skin/social/style.css?ver=180820
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feb5efe08c478e22f7bdd40516caeddb9727e11d1aaa7071c18caf686087c948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/skin/social/style.css?ver=180820
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Thu, 21 Jan 2021 16:07:59 GMT
Server: cloudflare
ETag: "61a-5b96b468035c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B6e8tqdoN9%2FG2vGiHFhPfyEYC8TE2nL3O%2B%2BTMZRovUNpLLna0rOJyKgS%2BmExuGzoH1EjmjMttRhVCppigFezYJS2AzTnp7mQzAmK9wBge5MvhWqI2Wap6fEt1D95ZqwyEr0haanGQRuCtH6n0vdxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c057831bf9b3313-CDG
Content-Length: 1562

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 97ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://thenew.tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:33:18 GMT
x-content-type-options: nosniff
age: 421246
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 05:33:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 93ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://thenew.tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 400287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 11:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 84ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://thenew.tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 20:07:55 GMT
x-content-type-options: nosniff
age: 455169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 20:07:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 79ms
13ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,500italic,700,900,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://thenew.tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 01:54:06 GMT
x-content-type-options: nosniff
age: 434398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 01:54:06 GMT

GET
H/1.1 200
OK icon_new.gif
thenew.tcafe2a.com/thema/rt-first/widget/miso-post-list/img/ 92 B
784 B 613ms
347ms Image
image/gif 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-post-list/img/icon_new.gif
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-post-list/widget.css
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae60c96048d5c10f7b525f5ad6daf855e35d97945b433f8b9163716ba73abd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/thema/rt-first/widget/miso-post-list/widget.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 23 Sep 2020 10:21:19 GMT
Server: cloudflare
ETag: "5c-5aff871c465c0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8x0GC%2BExdqGQKU8PyFB%2BL15JXAEzf4ZqhgP7NI4hUCEPtVnXzAesL7eBjeee2X0RwyzgSRVI9TXM7o2ybQW11COA4FGcvWMUa2xGPpG8PDd5S3embs4JZFON05xS30kDuTSitDG8h8wDX0B%2Bcp7oVw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c057831dd0959ef-MXP
Content-Length: 92

GET
H/1.1 200
OK themify.woff
thenew.tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/fonts/ 55 KB
34 KB 592ms
326ms Font
application/font-woff 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/fonts/themify.woff?-fvbane
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/themify-icons.css
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer: http://thenew.tcafe2a.com/thema/rt-first/rt-first/misc/themify-icons/themify-icons.css
Origin: http://thenew.tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:04 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Last-Modified: Wed, 23 Sep 2020 10:21:43 GMT
Server: cloudflare
ETag: W/"db2c-5aff873329bc0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE9RIUvEo6azvbRnk6UxOLWaCHKByRieoQ7IduwEI1Ze%2B8lS4WuioHE%2FKILjcycagSmHljGPgDb6NaL6%2BjlXE0SFD%2BHR4c2zQpaXwlehsA44IH50jWqPY0n26xOHPvYU6DmvuBt4PAfVwHljPA%2BHrA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c057831a90d32bc-CDG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 58ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6840554518587098&plah=thenew.tcafe2a.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 02:34:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 2C71 11 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Dec 2021 18:37:20 GMT
expires: Sun, 02 Jan 2022 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 28604
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK fontawesome-webfont.woff2
thenew.tcafe2a.com/js/font-awesome/fonts/ 75 KB
76 KB 685ms
674ms Font
application/octet-stream 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://thenew.tcafe2a.com/js/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/js/font-awesome/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://thenew.tcafe2a.com/js/font-awesome/css/font-awesome.min.css
Origin: http://thenew.tcafe2a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:05 GMT
CF-Cache-Status: MISS
Last-Modified: Mon, 16 Sep 2019 02:39:25 GMT
Server: cloudflare
ETag: "12d68-592a283137140"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nblb0nbxYITDj69cM5rZ7bdBYXMaPCrywr9Kwpp%2BMeJLa1yetjpEdFRXdrb7x4RoeaO543Pg8fmHLqr%2FIEV%2BNSBAA8EP4oDINPahrOnbOP%2BOBLhzQvfq5Sm9z649Vdx8IKaaHsxm1BL6vj9mXRMZIA%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c057831df5c0f6e-MXP
Content-Length: 77160

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 84ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=thenew.tcafe2a.com&callback=_gfp_s_&client=ca-pub-6840554518587098

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6840554518587098&plah=thenew.tcafe2a.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7b8085c65fa5ed0b00658731d8de0d4205cb7a1050f0eb55c6abc99ab5cd3ce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thenew.tcafe2a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 60ms
19ms Script
application/javascript 2a00:1450:400e:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thenew.tcafe2a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDF2 0
188 B 71ms
70ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&adk=1812271804&adf=3025194257&lmt=1639967573&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1639967644225&bpp=2&bdt=1823&idt=303&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6598239913552&frm=20&pv=2&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Dec 2021 02:34:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Dec 2021 02:34:04 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=thenew.tcafe2a.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
19ms Script
application/javascript 2a00:1450:400e:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=thenew.tcafe2a.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 02:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1D05 20 KB
10 KB 424ms
424ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f15aec1732bc42ef3ecfeef62ee9b4eefdb084144fbb7309837d378aa7310645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 20 Dec 2021 02:34:05 GMT
server: cafe
content-length: 10566
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Dec 2021 02:34:05 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122666392-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5578
date: Mon, 20 Dec 2021 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Dec 2021 03:01:06 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 29ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1469918645&t=pageview&_s=1&dl=http%3A%2F%2Fthenew.tcafe2a.com%2F&ul=en-us&de=UTF-8&dt=Tcafe2a&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=575816409&gjid=199982555&cid=1635670575.1639967645&tid=UA-122666392-1&_gid=1252279007.1639967645&_r=1&gtm=2ouc10&z=741433484

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://thenew.tcafe2a.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://thenew.tcafe2a.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D05 42 B
63 B 30ms
15ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DXY4Zim9IS_EDDAi3cekwJ5h1f4KzeWYcXI3qZqP6SgH2Rfz9GqzHxVznjYkZ7OZLLFWTHxw01PlewQsiDFpDORYLzz8glcZGLN8E9wH19Ret9Iuc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1D05 2 KB
1 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:11:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 02:11:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D05 119 KB
37 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 02:34:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1D05 15 KB
7 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 02:17:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1D05 0
0 39ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpEpnk2CTWbYDrqw_uAMi425dZEl4emu6u512znM77LujNePnJlJ1Wax6AGf6ykhYTLDHZw6ZQqcyAuR93OFiPkVhoqg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6CFD 624 B
297 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_cLFlQEwAQ&v=APEucNUFUhFhCw0JL8Z_mf32aUOhBclPwFDCVdrrrwPbLEMMUmvSezSmHI2-ad2SCQ0fpLqPj38XoXHGV5JX2BD1rYPlV72bsHrZI2jMllMg2Uc01Gd5Y082Vd-PAopaVuNP5hFROoRYNo0mB0c_5JL6Di0J9oiEQeb7HOPiuFgU9vPjwgQLYII

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 20 Dec 2021 02:34:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1D05 24 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AM0kmnW4gQrZbl3JxLn255xaYkwbQQFMy3Fcay1O6UmAEyhygPXoy5qnk7jFhtUJMKmcEbmFpal5blE4yyBOLVVe41SfT5F2J4CQ3s1t_LT94zvz3o3zsLRMLq18r5PiiVSMB2efAur0DpW9MlgTz0dyYzVA&cry=1&dbm_d=AKAmf-Dmm4pb8HHNshovdCy-MqhOXe6MJ3y5TGl7LWM671eN9eTOaln-kDRTdeLqgXLtAEM10slFjmZU_LFvvGGwTCrmMG9UKyeUi9WNVGhhk2N0WLBAVdm7YpBpIEbnVnBG7Q2UVoDV6_URnHy0hI9QOcgF9JN5cdb4UtJd-hLPcyy-8watC726dDdSKtSKhTpCQANcNHqiM6tAfzCH-Us-bYFN6IsJYuApOZdJxwTM-e3BUpamsy_h-wpUWTtEWxK5wvNEQD9zLc28fChpveuqK8WvXCJAGPkxx7ezEYCJYam6juoxfubkNVoZtTZOraTSVwieBCBodbWo2p_WXXD6urQAG6ryh9N2Dn6EE8MdZ7uah5JmsMBqQ-1_qV6YdmzmDcvPaIWcEFc2JfPJcbNNdvTs99TEi6kwtBstpfuXKDikkMS6PUzW0waeYy4Thj84lxa4shFIUaPGKyPHP8y3uxvk9jX48U0ddXCabUVoi6Hiv4wL8XUf3n5YtMJcGqYi6f5l7T3jirALAbvQkEtg8BgnC5jLVGlp9y06FqhB6VUTr4xlw5_b_Hynu1SAKSfzIuf4wc6jHDkZ5ZAMhVmMjW55XzMkVRhCCeNq2nzBTsuWhR8xNjcHtO2s8wcn3u22AfkRzW6l45BHlTGgpfWP-L8o1sbjG3zjgsdqz-13rzikTLctAnBLODCt8AKwoET-eSwgc1uBQ9cmwoL-AsX9Z3QrVxLq1FafYpZgNO4C0tIE6EfXv3T5sk0G91ldncBeEBVIEOlvpjyG84wpH3eJM9LRqVdMchjEPVrXZFCSflLJqqeToS_aLhJJqCNmoEhhlJLsIh7e28-gkYZXje5hS8zT_Tp7PsFU3hrhuwWcgr71dTqCzoSzIUiYA-Kbp7aCf5M0IhcItfj_-nKrLNjemM7KYso9pzETVtffpdaWkXD7dGEB6tY2kEc-eNULMzv4OjdCyIiRmpmPndTU1rtiZK5Qw2Rp9vbm2NXwkWbqnTcD7HJK2FTxLblLJTidbNg2497UBOhCAhHlluzz0ycT9X_-HPk8x1fy3BJtDvWz7DBuOgqa1O_0UGNc4010pqqq2uxNZMrHGobWwNIU1LR25HBqyc7AMbfjNt_I0d8mXoA6CdObKzkHBFHhChGjNuU_XweKonjldQOZhw-67x6WBRMhUVKIbJCtxsIYglKvE_GypTU59dh4asNweu8Z5kjVnUYIIF6A-DnCMwU0uR8f23mgwIemA1Jteloqtdf7y5Fa2i_AHRatYVBWQ7m52QUF1f4xZT0anL_Zmq_EyhlpV5uIS59fbd1YrNSgmyp8TiiAJTbBPH6dPoQT2FJGiR6ikP3z1ZpJyObotGw3A0Y4OHAk19bh6abYtcIfME_Zc76uKT7QMC5nMDeTfKudasQe11BWgYO1fB2UBM8CUPB14blla-g-zubPoPrUwyzDT0YhuKXXvVfGrzLguUHmZRL1xlViKbQ3Hq-UdFPuyQZtaTNYMdshQUT-dMtTVNxP_UEA2aKjarhPohxahquN3vrW929nnmhwdNtyJz8Rv7Ci39UyJ2aETjeVLmady6VP1oaWKLAUyMNQROxKpltJHq8pCtblV0i8Qk7RVg5FOCQsZixsiP_pgqpIGKH0S_CFPOxNYLES0V6od9U-dAZccaxJqlE3RTu33a38FlqYahgzdpKrrHY6fyzyhqosLDSzJ2Nh8PIm3Vz-7_iHM1tAYFZG1EZTfT9blidEOqQ7zieLqV-VoACqPvh_tVfZNQns62cndX7B13tE97-h6_UEKB3F_yQrKSk438pBLfrDYb4FjcBJERGD8CC6iW-1YaPMlrQTUClt3TPA12ev21RImaL15ji5oBROpQP9opza79GwjBKJS3vt2aPUT5ghBLnLse5RAMXH-ZJmsx5PGpKfrJMo7NNODxYx3MCewGdK7s-9130Tl-XjSwg5RxWXNd712OP2bMbPEsljZiit72mW8x1YPwzTEjUjzUJ8_tvaur9G09BFufkarrzaMP85s9pc1HfscW-cb9iO5Ipc-ib_dcEBFCTTQzl1z05EiTFgsseH0uKYvaoYZR-TWj_fFw2myg0OZ9HPW9_d-WvvIIOZoneBdJoPNeW2FzSAQsbmWSSFZxehh_0OJS1rJVhu6Kan_50CZMc0NquLeJJrwSpHIR13RERJM7CjhAyZn0ZUNG4OpCbGUyvSs-GBEcIKyg0oCZ6OqR1rQs71MmlqvyUFK1c9ZlrcEIXv8s9UuuLyKmlFdpvuqfv9pUHC_SHLxZD1rN6rjfcUdN8ur7Wg3OWXNQqxQZKHsAHsKb6OAv-VnKHtTFqSNs1a8T3uVDUkHUvsk319P35Q7J13IF6BCYKlOhO3qM2qBO46oPuFn0vvNWHPn9mEjFiH4iIDaOigUBByEodvuyt8gTr34zWA23yf9Qgu9_8KwNTPJOxyrrjMyhP09vQXAqPSOzZU4ZHi4ibN6QL3zQP5FXuhuIwCrldtgoEVaQ6RqpZA8aM49bF6mQmj_3LcdGImkpPr4w8RmsRbJgyCOm2oQkvZLteXwLePJ3UkW3OgiGIyW0mwuxxNCTzGcXn-kcdDhlBIaEn3lDqI72scWMcalx5eOeFfmRb233PLilT_BuqRx_VLz8my6ahZNEm6c_FUE2eYhzQ2co1mVCHk4BpL896EqrevSBRyFbvYE_nNxEvOqdU0AE6N-MiKPWZfeB71LmB90wRfUp8T1hCQcfcQbwXCzBMDjJM_vIWej0v8cPtwydja0T3DCfrg8m1fMyJ9LX96KtGpLjMw2oHYL0MaaAPYnkLf5J_9_i3G4mrAIponi6HTXCMVvcHTAcMN9DbszvGdfbl9rA219zHpQ6yzptJVxGqAtu1JwmBUfrsFVYOALarX7bjH5NOdC5OW453DU3l6JRUw1y43aB4hWTWdqZSnCUl97_xMY5B9LCa1VNod0UI3FIlmRAxJldFX8rjJMox7HzWuEkP4JMjQ2UVfzNISPwV0Jp6EYVXaLLLhe66zIUf2Fyv9pvivTuLKjOrNpTFhb4RUjZZPiakWRWMSCLprfb0Sl7BHb_YIQsYx0b89DKKOFOKVNWYrtWYujRbRG1NvajGvM_yjyqVyDEd22ZfJTtDoRdqF_WIKglZbSyRoKdOujTUR-TrnX_L3ow-DwdLrItnV-UfT9tEtfeXOAnJKybhy3wAWybDtI03JotRKbhPlvgpbwnZS83WZfUs6Bvva58jMRqFUSZ1gjwy4k9M-HKpbhky99abwNSuU5Gpn8Gp0bYQGxHb2kbGUJuzmAL1sAxe4DM0J8fm81C3u6qE&cid=CAASEuRo_d_m-ltiz3NGcuY7B0yq_g&rfl=1%2Chttp%253A%252F%252Fthenew.tcafe2a.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8adca71a664d488f73a477e10224bed0d3934c7ff3102f553b8ce6cbcb21e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6CFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1&C=1

43 B
1014 B

27ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_cLFlQEwAQ&v=APEucNUFUhFhCw0JL8Z_mf32aUOhBclPwFDCVdrrrwPbLEMMUmvSezSmHI2-ad2SCQ0fpLqPj38XoXHGV5JX2BD1rYPlV72bsHrZI2jMllMg2Uc01Gd5Y082Vd-PAopaVuNP5hFROoRYNo0mB0c_5JL6Di0J9oiEQeb7HOPiuFgU9vPjwgQLYII
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Dec 2021 02:34:05 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 20 Dec 2021 02:34:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6CFD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yb-rncoAHq-3pcXvqxw23wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1

43 B
894 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_cLFlQEwAQ&v=APEucNUFUhFhCw0JL8Z_mf32aUOhBclPwFDCVdrrrwPbLEMMUmvSezSmHI2-ad2SCQ0fpLqPj38XoXHGV5JX2BD1rYPlV72bsHrZI2jMllMg2Uc01Gd5Y082Vd-PAopaVuNP5hFROoRYNo0mB0c_5JL6Di0J9oiEQeb7HOPiuFgU9vPjwgQLYII
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 20 Dec 2021 02:34:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_HATQUbRs1W9ClHfRdJQY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 6CFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH_R0yZ8gSmK-3kyULWAT7g&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH_R0yZ8gSmK-3kyULWAT7g%26google_cver%3D1

43 B
1 KB

13ms
13ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH_R0yZ8gSmK-3kyULWAT7g%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY_cLFlQEwAQ&v=APEucNUFUhFhCw0JL8Z_mf32aUOhBclPwFDCVdrrrwPbLEMMUmvSezSmHI2-ad2SCQ0fpLqPj38XoXHGV5JX2BD1rYPlV72bsHrZI2jMllMg2Uc01Gd5Y082Vd-PAopaVuNP5hFROoRYNo0mB0c_5JL6Di0J9oiEQeb7HOPiuFgU9vPjwgQLYII

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fbf2fda9-6f53-4307-8e1a-9ae4d7bffd1c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6784ec36-3bf9-4f79-8dbf-ccbddc2f4b69
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEH_R0yZ8gSmK-3kyULWAT7g%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6CFD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMzM0MjgyMTU4MTQ4MDMwNQ%3D%3D

170 B
188 B

31ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMzM0MjgyMTU4MTQ4MDMwNQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
X-Proxy-Origin: 194.36.108.22; 194.36.108.22; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4ca8d2d4-7c04-4675-9ab1-70a7c96e3f42
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUwMzM0MjgyMTU4MTQ4MDMwNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 1D05 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AM0kmnW4gQrZbl3JxLn255xaYkwbQQFMy3Fcay1O6UmAEyhygPXoy5qnk7jFhtUJMKmcEbmFpal5blE4yyBOLVVe41SfT5F2J4CQ3s1t_LT94zvz3o3zsLRMLq18r5PiiVSMB2efAur0DpW9MlgTz0dyYzVA&cry=1&dbm_d=AKAmf-Dmm4pb8HHNshovdCy-MqhOXe6MJ3y5TGl7LWM671eN9eTOaln-kDRTdeLqgXLtAEM10slFjmZU_LFvvGGwTCrmMG9UKyeUi9WNVGhhk2N0WLBAVdm7YpBpIEbnVnBG7Q2UVoDV6_URnHy0hI9QOcgF9JN5cdb4UtJd-hLPcyy-8watC726dDdSKtSKhTpCQANcNHqiM6tAfzCH-Us-bYFN6IsJYuApOZdJxwTM-e3BUpamsy_h-wpUWTtEWxK5wvNEQD9zLc28fChpveuqK8WvXCJAGPkxx7ezEYCJYam6juoxfubkNVoZtTZOraTSVwieBCBodbWo2p_WXXD6urQAG6ryh9N2Dn6EE8MdZ7uah5JmsMBqQ-1_qV6YdmzmDcvPaIWcEFc2JfPJcbNNdvTs99TEi6kwtBstpfuXKDikkMS6PUzW0waeYy4Thj84lxa4shFIUaPGKyPHP8y3uxvk9jX48U0ddXCabUVoi6Hiv4wL8XUf3n5YtMJcGqYi6f5l7T3jirALAbvQkEtg8BgnC5jLVGlp9y06FqhB6VUTr4xlw5_b_Hynu1SAKSfzIuf4wc6jHDkZ5ZAMhVmMjW55XzMkVRhCCeNq2nzBTsuWhR8xNjcHtO2s8wcn3u22AfkRzW6l45BHlTGgpfWP-L8o1sbjG3zjgsdqz-13rzikTLctAnBLODCt8AKwoET-eSwgc1uBQ9cmwoL-AsX9Z3QrVxLq1FafYpZgNO4C0tIE6EfXv3T5sk0G91ldncBeEBVIEOlvpjyG84wpH3eJM9LRqVdMchjEPVrXZFCSflLJqqeToS_aLhJJqCNmoEhhlJLsIh7e28-gkYZXje5hS8zT_Tp7PsFU3hrhuwWcgr71dTqCzoSzIUiYA-Kbp7aCf5M0IhcItfj_-nKrLNjemM7KYso9pzETVtffpdaWkXD7dGEB6tY2kEc-eNULMzv4OjdCyIiRmpmPndTU1rtiZK5Qw2Rp9vbm2NXwkWbqnTcD7HJK2FTxLblLJTidbNg2497UBOhCAhHlluzz0ycT9X_-HPk8x1fy3BJtDvWz7DBuOgqa1O_0UGNc4010pqqq2uxNZMrHGobWwNIU1LR25HBqyc7AMbfjNt_I0d8mXoA6CdObKzkHBFHhChGjNuU_XweKonjldQOZhw-67x6WBRMhUVKIbJCtxsIYglKvE_GypTU59dh4asNweu8Z5kjVnUYIIF6A-DnCMwU0uR8f23mgwIemA1Jteloqtdf7y5Fa2i_AHRatYVBWQ7m52QUF1f4xZT0anL_Zmq_EyhlpV5uIS59fbd1YrNSgmyp8TiiAJTbBPH6dPoQT2FJGiR6ikP3z1ZpJyObotGw3A0Y4OHAk19bh6abYtcIfME_Zc76uKT7QMC5nMDeTfKudasQe11BWgYO1fB2UBM8CUPB14blla-g-zubPoPrUwyzDT0YhuKXXvVfGrzLguUHmZRL1xlViKbQ3Hq-UdFPuyQZtaTNYMdshQUT-dMtTVNxP_UEA2aKjarhPohxahquN3vrW929nnmhwdNtyJz8Rv7Ci39UyJ2aETjeVLmady6VP1oaWKLAUyMNQROxKpltJHq8pCtblV0i8Qk7RVg5FOCQsZixsiP_pgqpIGKH0S_CFPOxNYLES0V6od9U-dAZccaxJqlE3RTu33a38FlqYahgzdpKrrHY6fyzyhqosLDSzJ2Nh8PIm3Vz-7_iHM1tAYFZG1EZTfT9blidEOqQ7zieLqV-VoACqPvh_tVfZNQns62cndX7B13tE97-h6_UEKB3F_yQrKSk438pBLfrDYb4FjcBJERGD8CC6iW-1YaPMlrQTUClt3TPA12ev21RImaL15ji5oBROpQP9opza79GwjBKJS3vt2aPUT5ghBLnLse5RAMXH-ZJmsx5PGpKfrJMo7NNODxYx3MCewGdK7s-9130Tl-XjSwg5RxWXNd712OP2bMbPEsljZiit72mW8x1YPwzTEjUjzUJ8_tvaur9G09BFufkarrzaMP85s9pc1HfscW-cb9iO5Ipc-ib_dcEBFCTTQzl1z05EiTFgsseH0uKYvaoYZR-TWj_fFw2myg0OZ9HPW9_d-WvvIIOZoneBdJoPNeW2FzSAQsbmWSSFZxehh_0OJS1rJVhu6Kan_50CZMc0NquLeJJrwSpHIR13RERJM7CjhAyZn0ZUNG4OpCbGUyvSs-GBEcIKyg0oCZ6OqR1rQs71MmlqvyUFK1c9ZlrcEIXv8s9UuuLyKmlFdpvuqfv9pUHC_SHLxZD1rN6rjfcUdN8ur7Wg3OWXNQqxQZKHsAHsKb6OAv-VnKHtTFqSNs1a8T3uVDUkHUvsk319P35Q7J13IF6BCYKlOhO3qM2qBO46oPuFn0vvNWHPn9mEjFiH4iIDaOigUBByEodvuyt8gTr34zWA23yf9Qgu9_8KwNTPJOxyrrjMyhP09vQXAqPSOzZU4ZHi4ibN6QL3zQP5FXuhuIwCrldtgoEVaQ6RqpZA8aM49bF6mQmj_3LcdGImkpPr4w8RmsRbJgyCOm2oQkvZLteXwLePJ3UkW3OgiGIyW0mwuxxNCTzGcXn-kcdDhlBIaEn3lDqI72scWMcalx5eOeFfmRb233PLilT_BuqRx_VLz8my6ahZNEm6c_FUE2eYhzQ2co1mVCHk4BpL896EqrevSBRyFbvYE_nNxEvOqdU0AE6N-MiKPWZfeB71LmB90wRfUp8T1hCQcfcQbwXCzBMDjJM_vIWej0v8cPtwydja0T3DCfrg8m1fMyJ9LX96KtGpLjMw2oHYL0MaaAPYnkLf5J_9_i3G4mrAIponi6HTXCMVvcHTAcMN9DbszvGdfbl9rA219zHpQ6yzptJVxGqAtu1JwmBUfrsFVYOALarX7bjH5NOdC5OW453DU3l6JRUw1y43aB4hWTWdqZSnCUl97_xMY5B9LCa1VNod0UI3FIlmRAxJldFX8rjJMox7HzWuEkP4JMjQ2UVfzNISPwV0Jp6EYVXaLLLhe66zIUf2Fyv9pvivTuLKjOrNpTFhb4RUjZZPiakWRWMSCLprfb0Sl7BHb_YIQsYx0b89DKKOFOKVNWYrtWYujRbRG1NvajGvM_yjyqVyDEd22ZfJTtDoRdqF_WIKglZbSyRoKdOujTUR-TrnX_L3ow-DwdLrItnV-UfT9tEtfeXOAnJKybhy3wAWybDtI03JotRKbhPlvgpbwnZS83WZfUs6Bvva58jMRqFUSZ1gjwy4k9M-HKpbhky99abwNSuU5Gpn8Gp0bYQGxHb2kbGUJuzmAL1sAxe4DM0J8fm81C3u6qE&cid=CAASEuRo_d_m-ltiz3NGcuY7B0yq_g&rfl=1%2Chttp%253A%252F%252Fthenew.tcafe2a.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 02:31:43 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1D05 41 KB
15 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 09:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Dec 2022 09:16:59 GMT

GET
H/1.1 200
OK hkt11xxy1wui Show response
hal9000.redintelligence.net/zone/ Frame 1D05 11 KB
4 KB 69ms
13ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/hkt11xxy1wui?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkHfpnOu_YZblJ96u7_UPuv-78A61zfmDV8zZuavlDPAuEAEglYPUcWCV-vCBjAfIAQmpAkhkDSZZ2rI-qAMBqgSHAk_QWaFddyc4KNuKLBr9JUveN-x7EVP__mxbl-wva5CmqbD8V4cC8aTRIBnhkMNfO468WoOcrZLsXFYXK3hWRlInlKCZg3wMv5TBu2fBTyQbiXwbfm4vKEM0E3e2NOli7-_A7XGdm8eM1kPgUQv1SC741t64ZP3ge2FuzF9Y5m0joQ3iw-qxtp7EGQxQ9opPxU7IaN026u5g7gGJB_JfO1vuNeBT_vlXAtFSLJ_Tvv-7PG2Z3kFCM0kBQzE6aFm8EMUh-OR6ov1PGi61Fkf_tUj5QDO9stMbvQXtKihIQQCwLs_YWsGAli9X3kkw26fY3d7IKhTN4hdhY8mWgQQi1F9QlI-Sy0DOwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo_d_m-ltiz3NGcuY7B0yq_g%26sig%3DAOD64_3xd5LXewH6i6410PIt0-NfzSYivw%26client%3Dca-pub-6840554518587098%26dbm_c%3DAKAmf-DUALhlf5ptglv_80VlaFl0lRn4SL2DQvQ_uNsWSaTKrfrlibJDfhK9bHD2beqh-4bw1iaCXWbpcBN5J_JFpTkqYyQT87rSq9eIkAvzHN6x7J9BylQQR6h_wSYHyQSe5zu2bsh98_NDxoUElP-oq-ZCf_0j3Q%26cry%3D1%26dbm_d%3DAKAmf-B1plGZbResWomc6t_y-PqLr-FtgaNNN4C00sA71GKwjMQlNrPPESayw_Sksrh4aPrY8FWW6a4d94sL552cHVW2TEAFyXwVyqs-Z2RwA_w6uc3QscNj3GnqGWCv4fY8hRHuLYYOOI0WAxAf5NB7U_9S-KQZ3F8UH1_ZBcfwalJeQY-TaKq6B0LTQIbXCM441I0cDSJ4OHO4sMLCoWmXHHpTqukZGwEQdhB1oE150cLQqIttFoD0Lf5QNKEVxP5QsXgZkUFOojQcHweRNoSK0dbZuPrss1pdLTSxHYuU1yp0DZk2cY5793umDqx_pJNTJyDdPkU3QuFj24yiPtI8YB5rF9kzt4hztussHI5L6BS3Jfpp2LwD11uBXxGPFG9bqjTWWimn4ay4fmEFxj6l3f1l5hrItrX0810KMZsRieQzjT4hg1AFHdDQQpVtC005ZR5hFXB_%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4247c965da717b075ae5c72eb76f5721dd64648123864da89550df3b1aecd0f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3928
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6356 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sun, 19 Dec 2021 09:16:59 GMT
expires: Mon, 19 Dec 2022 09:16:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 62226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6356 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 21:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 21:31:34 GMT

GET
H/1.1

200
OK

request.php Show response
hal900021.redintelligence.net/ Frame 1D05
Redirect Chain

https://hal900021.redintelligence.net/request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900021.redintelligence.net/request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
936 B

97ms
74ms

Script
application/x-javascript

144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkHfpnOu_YZblJ96u7_UPuv-78A61zfmDV8zZuavlDPAuEAEglYPUcWCV-vCBjAfIAQmpAkhkDSZZ2rI-qAMBqgSHAk_QWaFddyc4KNuKLBr9JUveN-x7EVP__mxbl-wva5CmqbD8V4cC8aTRIBnhkMNfO468WoOcrZLsXFYXK3hWRlInlKCZg3wMv5TBu2fBTyQbiXwbfm4vKEM0E3e2NOli7-_A7XGdm8eM1kPgUQv1SC741t64ZP3ge2FuzF9Y5m0joQ3iw-qxtp7EGQxQ9opPxU7IaN026u5g7gGJB_JfO1vuNeBT_vlXAtFSLJ_Tvv-7PG2Z3kFCM0kBQzE6aFm8EMUh-OR6ov1PGi61Fkf_tUj5QDO9stMbvQXtKihIQQCwLs_YWsGAli9X3kkw26fY3d7IKhTN4hdhY8mWgQQi1F9QlI-Sy0DOwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo_d_m-ltiz3NGcuY7B0yq_g%26sig%3DAOD64_3xd5LXewH6i6410PIt0-NfzSYivw%26client%3Dca-pub-6840554518587098%26dbm_c%3DAKAmf-DUALhlf5ptglv_80VlaFl0lRn4SL2DQvQ_uNsWSaTKrfrlibJDfhK9bHD2beqh-4bw1iaCXWbpcBN5J_JFpTkqYyQT87rSq9eIkAvzHN6x7J9BylQQR6h_wSYHyQSe5zu2bsh98_NDxoUElP-oq-ZCf_0j3Q%26cry%3D1%26dbm_d%3DAKAmf-B1plGZbResWomc6t_y-PqLr-FtgaNNN4C00sA71GKwjMQlNrPPESayw_Sksrh4aPrY8FWW6a4d94sL552cHVW2TEAFyXwVyqs-Z2RwA_w6uc3QscNj3GnqGWCv4fY8hRHuLYYOOI0WAxAf5NB7U_9S-KQZ3F8UH1_ZBcfwalJeQY-TaKq6B0LTQIbXCM441I0cDSJ4OHO4sMLCoWmXHHpTqukZGwEQdhB1oE150cLQqIttFoD0Lf5QNKEVxP5QsXgZkUFOojQcHweRNoSK0dbZuPrss1pdLTSxHYuU1yp0DZk2cY5793umDqx_pJNTJyDdPkU3QuFj24yiPtI8YB5rF9kzt4hztussHI5L6BS3Jfpp2LwD11uBXxGPFG9bqjTWWimn4ay4fmEFxj6l3f1l5hrItrX0810KMZsRieQzjT4hg1AFHdDQQpVtC005ZR5hFXB_%26adurl%3D&documentReferer=http%3A%2F%2Fthenew.tcafe2a.com%2F&ancestorOrigins=http%3A%2F%2Fthenew.tcafe2a.com&random=5808424599838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
Protocol: HTTP/1.1
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: ff6ca405a11a00110dbac63c8906fe87635525678da1f151b6ce76887deae04f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 90402500010848400710614011814021
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 330
Expires: Mon, 20 Dec 2021 02:34:05 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkHfpnOu_YZblJ96u7_UPuv-78A61zfmDV8zZuavlDPAuEAEglYPUcWCV-vCBjAfIAQmpAkhkDSZZ2rI-qAMBqgSHAk_QWaFddyc4KNuKLBr9JUveN-x7EVP__mxbl-wva5CmqbD8V4cC8aTRIBnhkMNfO468WoOcrZLsXFYXK3hWRlInlKCZg3wMv5TBu2fBTyQbiXwbfm4vKEM0E3e2NOli7-_A7XGdm8eM1kPgUQv1SC741t64ZP3ge2FuzF9Y5m0joQ3iw-qxtp7EGQxQ9opPxU7IaN026u5g7gGJB_JfO1vuNeBT_vlXAtFSLJ_Tvv-7PG2Z3kFCM0kBQzE6aFm8EMUh-OR6ov1PGi61Fkf_tUj5QDO9stMbvQXtKihIQQCwLs_YWsGAli9X3kkw26fY3d7IKhTN4hdhY8mWgQQi1F9QlI-Sy0DOwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo_d_m-ltiz3NGcuY7B0yq_g%26sig%3DAOD64_3xd5LXewH6i6410PIt0-NfzSYivw%26client%3Dca-pub-6840554518587098%26dbm_c%3DAKAmf-DUALhlf5ptglv_80VlaFl0lRn4SL2DQvQ_uNsWSaTKrfrlibJDfhK9bHD2beqh-4bw1iaCXWbpcBN5J_JFpTkqYyQT87rSq9eIkAvzHN6x7J9BylQQR6h_wSYHyQSe5zu2bsh98_NDxoUElP-oq-ZCf_0j3Q%26cry%3D1%26dbm_d%3DAKAmf-B1plGZbResWomc6t_y-PqLr-FtgaNNN4C00sA71GKwjMQlNrPPESayw_Sksrh4aPrY8FWW6a4d94sL552cHVW2TEAFyXwVyqs-Z2RwA_w6uc3QscNj3GnqGWCv4fY8hRHuLYYOOI0WAxAf5NB7U_9S-KQZ3F8UH1_ZBcfwalJeQY-TaKq6B0LTQIbXCM441I0cDSJ4OHO4sMLCoWmXHHpTqukZGwEQdhB1oE150cLQqIttFoD0Lf5QNKEVxP5QsXgZkUFOojQcHweRNoSK0dbZuPrss1pdLTSxHYuU1yp0DZk2cY5793umDqx_pJNTJyDdPkU3QuFj24yiPtI8YB5rF9kzt4hztussHI5L6BS3Jfpp2LwD11uBXxGPFG9bqjTWWimn4ay4fmEFxj6l3f1l5hrItrX0810KMZsRieQzjT4hg1AFHdDQQpVtC005ZR5hFXB_%26adurl%3D&documentReferer=http%3A%2F%2Fthenew.tcafe2a.com%2F&ancestorOrigins=http%3A%2F%2Fthenew.tcafe2a.com&random=5808424599838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 20 Dec 2021 02:34:05 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6356 0
20 B 20ms
20ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4RT3neu_YbLUBbXXx_AP-oWOmA4AAAAAOAHgBAI&bg=!JCelJ2PNAAZKWFskSlg7ACkAdvg8Wm6Nxa1PTfVJb95gBRolvKx7RhZEqZZZVH0ejl5zIVXrKZhKlAIAAAChUgAAAAxoAQeZAuK0BXFOvj41WEgt7ZxLCaGgjfK3nO1xTnWEQMU3wQdrz28fRRB6o58ju5tnPY1HLOvrxXKVqa4tD89Akq9Gua7igBUoccQ5kFT5nJ-SmVTQJBVuO4j9mBhUx5o3VYSWZ5QwaElbktBSdPEE8pXq6S0bDw75ukC4Gu5uO7rpPDzYxthAO8k_bZEWQn-EzhZPZPttragbgWkp6Zk53gkmziIOcL9NJTqymdxBTh3CA7eZA3eZCVnLv29-LtLyFW0-fNlAG7y4gcB76O1zvCHbQ_eUUymQaHM-zwTBzfm7jZqF5xkiicTJ_-MA3OgleFlGhJibtBUO0xu2BqtZYvuaxD3zGvKPMcTKDj1L5ACurjBtBsP6gKztba1OOgXxGDA3LfoZNGNUdaILwcydSnvMAJ9Sz4413xqpAVWQnP6wg57XPQnwqKOuKzLBm_LtYNEpbgC_eHqoDjI--CqclV3lOhdXoTX6DQkTKk5BbA0AZUp5F1mOD_5k2CGWtbbMey0APpcZzNClF0sLEBf6Y7M7v6FFYOdMchxO2RWvkF0QXbrNv16GH5hBuiGMJJ7e4fVsq2pm75fdQNsAGFDxMr3h71wU5jlUTTWFobav_AivbuJ2pdBZtabdMR8koIQNdmXYVo3a5y3lfwo37_e6bzgsDY_aGMxJppS-3nPJ1Iburl1VQ3awLW3EoQEFTMlHBCwKLqb1kTFBUSnfgrdcehDNq9YdDBF0ihtNMr3ohkfUGzc8YfvYhmF366EHLWbw17G41O2hQ10Ua53QdtgF0nBTsQ1rED8bCXdpNxQRyelJDvkevLPkNxBZFe10nGbbgvEhpxFZBZrvnSYLWsUN2DswRZ_1eRuBqFTFSw1jHySZqBJrTzleUmBqgte4u_baVxuliy0x0T3Uz3MElFKT9aKyBCO7AKDNGQObAGcAN2Ogc-D8aHQNapUyFm68EwTdpm3HiywuJ7_NDZxgwGywmGoZbqXqdQM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900021.redintelligence.net/ Frame 85E3 4 KB
2 KB 48ms
11ms Document
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request.php?zone=hkt11xxy1wui&nw=20&renderingType=javascript&namespace=575db73a5b&subid=&uid=95c7a240c919f602&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=120x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCkHfpnOu_YZblJ96u7_UPuv-78A61zfmDV8zZuavlDPAuEAEglYPUcWCV-vCBjAfIAQmpAkhkDSZZ2rI-qAMBqgSHAk_QWaFddyc4KNuKLBr9JUveN-x7EVP__mxbl-wva5CmqbD8V4cC8aTRIBnhkMNfO468WoOcrZLsXFYXK3hWRlInlKCZg3wMv5TBu2fBTyQbiXwbfm4vKEM0E3e2NOli7-_A7XGdm8eM1kPgUQv1SC741t64ZP3ge2FuzF9Y5m0joQ3iw-qxtp7EGQxQ9opPxU7IaN026u5g7gGJB_JfO1vuNeBT_vlXAtFSLJ_Tvv-7PG2Z3kFCM0kBQzE6aFm8EMUh-OR6ov1PGi61Fkf_tUj5QDO9stMbvQXtKihIQQCwLs_YWsGAli9X3kkw26fY3d7IKhTN4hdhY8mWgQQi1F9QlI-Sy0DOwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRo_d_m-ltiz3NGcuY7B0yq_g%26sig%3DAOD64_3xd5LXewH6i6410PIt0-NfzSYivw%26client%3Dca-pub-6840554518587098%26dbm_c%3DAKAmf-DUALhlf5ptglv_80VlaFl0lRn4SL2DQvQ_uNsWSaTKrfrlibJDfhK9bHD2beqh-4bw1iaCXWbpcBN5J_JFpTkqYyQT87rSq9eIkAvzHN6x7J9BylQQR6h_wSYHyQSe5zu2bsh98_NDxoUElP-oq-ZCf_0j3Q%26cry%3D1%26dbm_d%3DAKAmf-B1plGZbResWomc6t_y-PqLr-FtgaNNN4C00sA71GKwjMQlNrPPESayw_Sksrh4aPrY8FWW6a4d94sL552cHVW2TEAFyXwVyqs-Z2RwA_w6uc3QscNj3GnqGWCv4fY8hRHuLYYOOI0WAxAf5NB7U_9S-KQZ3F8UH1_ZBcfwalJeQY-TaKq6B0LTQIbXCM441I0cDSJ4OHO4sMLCoWmXHHpTqukZGwEQdhB1oE150cLQqIttFoD0Lf5QNKEVxP5QsXgZkUFOojQcHweRNoSK0dbZuPrss1pdLTSxHYuU1yp0DZk2cY5793umDqx_pJNTJyDdPkU3QuFj24yiPtI8YB5rF9kzt4hztussHI5L6BS3Jfpp2LwD11uBXxGPFG9bqjTWWimn4ay4fmEFxj6l3f1l5hrItrX0810KMZsRieQzjT4hg1AFHdDQQpVtC005ZR5hFXB_%26adurl%3D&documentReferer=http%3A%2F%2Fthenew.tcafe2a.com%2F&ancestorOrigins=http%3A%2F%2Fthenew.tcafe2a.com&random=5808424599838&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 683c73ac036f9ab78398a4ecaab49594b1285722ec5e18c084854666ed42decd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 20 Dec 2021 02:34:05 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1535
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ECF9 1 KB
749 B 23ms
23ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 19 Dec 2021 13:26:12 GMT
expires: Mon, 20 Dec 2021 13:26:12 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 47273
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1D05 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dedc2fe2f5e69dda84b84ea4b91c46f2766d566550ceb05bd0eb86494d4647bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 120x600-MSSTORE-Office2016-Launch%20(1).gif
cdn.contentspread.net/24i/advertiser/14265/creativesup/ Frame 85E3 12 KB
12 KB 53ms
18ms Image
image/gif 51.75.147.170
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/14265/creativesup/120x600-MSSTORE-Office2016-Launch%20(1).gif
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.75.147.170 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3133977.ip-51-75-147.eu
Software: nginx /
Resource Hash: 4e04a71539ed9c6225be00ff2d26cd88f3a3be36865b39b5a87518d944deaf62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:05 GMT
Last-Modified: Tue, 16 Feb 2016 09:19:17 GMT
Server: nginx
ETag: "56c2e995-2e02"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 11778

GET
H2 200 dpixel
cms.quantserve.com/ Frame ECF9 35 B
463 B 29ms
10ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBLF6ojd1mg14y_qvtATJNM&google_cver=1&google_push=AYg5qPLb_I__gcPN8AfgEQlGoR-5IX1igg3WXE6WcaQeYbj7f1CxWk_YoVu7pjHtVS2vcFk2t3gTXDwnIM0jL0MiUopRbfnI9UtM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECF9
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELj3i3Gd1jZv_o2RNUBAfco&google_cver=1&google_push=AYg5qPIR1aarAT8YptwMC1WlXXWepwrYYO4VwBYAcpxjFq0GAhxABXT9Me2rOv39zESLuwZ7T2wMVJDT0SWAE1Fqf2PpufPI0sD4
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR1aarAT8YptwMC1WlXXWepwrYYO4VwBYAcpxjFq0GAhxABXT9Me2rOv39zESLuwZ7T2wMVJDT0SWAE1Fqf2PpufPI0sD4&google_hm=Q0FFU0VMajNpM0dkMWpad...

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR1aarAT8YptwMC1WlXXWepwrYYO4VwBYAcpxjFq0GAhxABXT9Me2rOv39zESLuwZ7T2wMVJDT0SWAE1Fqf2PpufPI0sD4&google_hm=Q0FFU0VMajNpM0dkMWpadl9vMlJOVUJBZmNv

Requested by

Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPIR1aarAT8YptwMC1WlXXWepwrYYO4VwBYAcpxjFq0GAhxABXT9Me2rOv39zESLuwZ7T2wMVJDT0SWAE1Fqf2PpufPI0sD4&google_hm=Q0FFU0VMajNpM0dkMWpadl9vMlJOVUJBZmNv
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame ECF9 43 B
350 B 39ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDm38XlODD06FZ-4QYGwZvw&google_cver=1&google_push=AYg5qPKdlEnJ3qCAntKlugXJEx-FnlGFmX47q9kVknF_qZNDhFE8tLDyF_qK61WHonsQuOdoEN8thRjLreDBBP75esaLlcnR7MM6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: chatsqrgmcg1anckiei4rcgcpsbnoiju

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECF9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3MUZH0MgRr-UnUHkSA8u2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3MUZH0MgRr-UnUHkSA8u2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITFS9-vx82wz1DFZxmGXY3_Ey3s9oMWw95ZYk3ahOhuZ97rD7zjnowyBMNaSqaci84cKbx2LvUI-fBPkKPExJkC9EmBmg

Requested by

Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3MUZH0MgRr-UnUHkSA8u2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPITFS9-vx82wz1DFZxmGXY3_Ey3s9oMWw95ZYk3ahOhuZ97rD7zjnowyBMNaSqaci84cKbx2LvUI-fBPkKPExJkC9EmBmg
date: Mon, 20 Dec 2021 02:34:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECF9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJC2R3Lgd3MMcBwnQfzrkgo&google_cver=1&google_push=AYg5qPJzwXAFV9_MdbDxtUQ-Ehaj2K5A42ujR_FjyxYSvIpou7_LDGV2iqzwTbrqtK5mWiT6kIJ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hFMkU2NEMtMjUtNjU4Sw==&google_push=AYg5qPJzwXAFV9_MdbDxtUQ-Ehaj2K5A42ujR_FjyxYSvIpou7_LDGV2iqzwTbrqtK5mWiT6kIJSkqpcWTkKYaCnOUr56jTcttY2

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hFMkU2NEMtMjUtNjU4Sw==&google_push=AYg5qPJzwXAFV9_MdbDxtUQ-Ehaj2K5A42ujR_FjyxYSvIpou7_LDGV2iqzwTbrqtK5mWiT6kIJSkqpcWTkKYaCnOUr56jTcttY2

Requested by

Host: thenew.tcafe2a.com
URL: http://thenew.tcafe2a.com/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1hFMkU2NEMtMjUtNjU4Sw==&google_push=AYg5qPJzwXAFV9_MdbDxtUQ-Ehaj2K5A42ujR_FjyxYSvIpou7_LDGV2iqzwTbrqtK5mWiT6kIJSkqpcWTkKYaCnOUr56jTcttY2
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 03d4828e33e22cf7b4098c5a68746480
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame ECF9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame ECF9 43 B
296 B 403ms
21ms Image
image/gif 2a05:d01c:1d8:8100:f72f:72e8:49ba:7270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEEGSq9CdgnzdjtztP7U_pSA&google_cver=1&google_push=AYg5qPLSEvLyIsFKoBPhAai9hhN0rYnGzUfZ5cR-ADRcyuW995t17w_CQ-l7qsnrwAOZlo_xl-zwCvKgw-9-LKS1P3M25GmRSro
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6840554518587098&output=html&h=600&slotname=7529873956&adk=2030298515&adf=184740106&pi=t.ma~as.7529873956&w=120&lmt=1639967573&psa=0&format=120x600&url=http%3A%2F%2Fthenew.tcafe2a.com%2F&flash=0&wgl=1&dt=1639967644614&bpp=3&bdt=2212&idt=3&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6598239913552&frm=20&pv=1&ga_vid=1635670575.1639967645&ga_sid=1639967645&ga_hid=1469918645&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1230&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C31063910&oid=2&pvsid=3610696713539061&pem=603&tmod=597&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GiKa3LUGSM&p=http%3A//thenew.tcafe2a.com&dtd=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:f72f:72e8:49ba:7270 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:05 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ECF9 0
12 B 15ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KpB7BRYh25_YKXJ2Lckj8Bbk8dQ8NGMCALlmXtNrXB1hp9qfIazUPk3_bhUcUrnQot4Hn-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 85E3 0
150 B 37ms
14ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=90402500010848400710614011814021&a=f8081ae1&vb=m
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:05 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 85E3 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D05 42 B
64 B 33ms
18ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOnApeivuHCrc7xGjSYTYdx462lM0pF3INXOUl-8aHo-5zW_284k_REqalSSXvtBUmzgZB6qvLFJ1nun_DT6kk1K_VthFZ_Loyhzr_&sai=AMfl-YQs_wu8JEFTwhE6yjI4GvpF_EBp2u7YvHqpX3HIyf5C_2Hy6iNkvVw3HLWBCDKTnJuZdk632VH4kGHYPpiHEgDDm_EMTnD0KiQ&sig=Cg0ArKJSzGxz32oyMWRMEAE&cid=CAASEuRo_d_m-ltiz3NGcuY7B0yq_g&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2030298515&rs=2&la=0&cr=0&vs=4&r=v&rst=1639967644635&rpt=811&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900021.redintelligence.net/ Frame 85E3 0
150 B 75ms
18ms Script
text/html 144.76.238.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900021.redintelligence.net/viewability?s=90402500010848400710614011814021&a=f8081ae1&vb=v
Requested by: Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.238.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.238.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900021.redintelligence.net/request_content.php?s=90402500010848400710614011814021&a=bfc11432
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 02:34:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2069d65c9c09d1de207b65aeca4fb20afa931c3c82ee1dfb9daeb7ada5d7a640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 02:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8584
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 02:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Mon, 20 Dec 2021 02:34:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0178 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 19 Dec 2021 22:00:02 GMT
expires: Mon, 19 Dec 2022 22:00:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 802C 783 B
535 B 42ms
18ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb2a7bbfd84ad7bd248bf7996eebf9c67d32463f55651ba4d71412952bd0c52d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YBgFhYa/IWBR0tOJXjsU2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 20 Dec 2021 02:34:07 GMT
date: Mon, 20 Dec 2021 02:34:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YBgFhYa/IWBR0tOJXjsU2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0178 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 21:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 21:31:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 802C 0
0 17ms
16ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=3610696713539061&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=3610696713539061&bg=!VFelVxPNAAZKWFskSlg7ACkAdvg8WokarwgwSlalPMwnu9zKD1jbYvPOodP3PM1n4a3vXLyzCEBT3wIAAABaUgAAAAloAQeZAqulTO1Wzr2tWOapa66y9kfzHR9myV8z33PUTbRTlxvgd6HejETBqDCa-L98pNEf8UpSqTFELKoGJrDDE5yBo0ceLq3WOZG_4Sc62qe8cQBreIn9JAjF-m5Ts5e9NvaraXo7jRG-WHZ3Rwk6KPAggXpiZTi06iokFIpGUE_HAAaYwYGjUVG4tfGpVRMYYcjJ2rd37Vcb6FuPJHVjDXgMDkNi2KV7sFrXAtJeISetE86oAnEr5D3fE_s_ff_znuOotXq815duLsEz5Q3K-KiaQgPVqDZLYc90vnYyzEGMbUygrwdfoKixEsuh-CogAtQLkfgTMdXlkoDuUQIisM2wizCwTFowgERAz0H2RWgI5e6bvN7hLGcGgSAtZ5Ai5lJ4aabuCs0-nvfW2AlENCRkj_7Srg-efBw9J3evoYln2AHVzOhoHxxU2NNkeQwyqeHPNbFmVxKsYA5VzUQgaB0Q2As9pUh0mWRj8qxqURr5bhN3e6vOCm3s7Q9c1JVZQTayov5CrrCqf8TNr9F5I7_a9C1fDzUJ7q096L5CsjhhXx8RbMhrnfLX7phVapMzVAWsV7L7jAnhm8gno8WsoHL-phi3G8AHr1yE3omSaoyPNVhyOOJBMXcjuXeu3ZCBuwBOaN7T5jsaGw-pHf_9MPzgcLc-brAOzzsXyYRXxQTbaJ8caPgG87mKduiXGUrh_HMUajpM7j1FOBhYBeumCJ3YI0ebVRmk3Hto-Tw_IYkYiJ7hKsNQYH53tYcBNZIB8N8pW4DSMWRx5zFPY3MCAKWRzbAieWnIyFgDy1YapN5YSwMv_n7s5ffUyfdQmmHk1AXMs6eOmqxZftCDaHucw50QK2j598tpOa1nqcugmJoO8oTg33kYnCDuTOdNG3HdmZyjcLUEyHqVXgQe8t5H7g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://thenew.tcafe2a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 02:34:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tcafe2a.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1403pb07igsa0f415nsiskpr03
.tcafe2a.com/	1970-01-20 08:54:23	Name: __gads Value: ID=e813e354085bf7d0-2298a4ff09cd0038:T=1639967644:RT=1639967644:S=ALNI_Ma0HH8J9KPfucYWFuM6GlPn02QcFA
.tcafe2a.com/	1970-01-20 17:03:59	Name: _ga Value: GA1.2.1635670575.1639967645
.tcafe2a.com/	1970-01-19 23:34:14	Name: _gid Value: GA1.2.1252279007.1639967645
.tcafe2a.com/	1970-01-19 23:32:47	Name: _gat_gtag_UA_122666392_1 Value: 1
.doubleclick.net/	1970-01-20 08:54:23	Name: IDE Value: AHWqTUnDUq_xH1HQ7FtraLLPv2D-KFTVBl8nsKJ-xX_y5JTuovyqSTsdBfJQ5JbGLhI
.casalemedia.com/	1970-01-20 01:42:23	Name: CMPS Value: 5223
.adnxs.com/	1970-01-20 01:42:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$mBh1o!]tbPl1M>e)ZlrFUfJ+tGXxo3M$u]-T]Xs?^1UVK'MYNa:>BCb#r.jx-RIIbpRzqF1`b_o4*/q6s
.adnxs.com/	1970-01-20 01:42:23	Name: uuid2 Value: 7943542437534247101
.casalemedia.com/	1970-01-19 23:34:14	Name: CMST Value: Yb-rnWG-650A
.casalemedia.com/	1970-01-20 08:18:23	Name: CMID Value: Yb-rncoAHq-3pcXvqxw24QAA
.casalemedia.com/	1970-01-20 01:42:23	Name: CMPRO Value: 1178
.casalemedia.com/	1970-01-20 08:18:23	Name: CMRUM3 Value: 2d61bfeb9d2760CAESEJ_HATQUbRs1W9ClHfRdJQY
.redintelligence.net/	1970-01-20 01:42:23	Name: 8lcfmzhxc8d6_uid Value: f6da98168e1f05d0
.quantserve.com/	1970-01-20 01:42:23	Name: d Value: ED0BCQGAJYEA
.quantserve.com/	1970-01-20 09:03:02	Name: mc Value: 61bfeb9d-7a179-a4ffe-8e905
.pubmatic.com/	1970-01-19 23:34:14	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:42:23	Name: KADUSERCOOKIE Value: DCC5191F-4320-46BF-949D-41E4480F2EDA
.agkn.com/	1970-01-20 08:18:23	Name: ab Value: 0001%3ALpmgI%2BHYi5TMzfZZt%2FGpiQC5OaYWzNl5
.agkn.com/	1970-01-20 08:18:23	Name: u Value: C\|0CEApUqgdKVKoHQAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/	1970-01-20 01:42:23	Name: uuid Value: 3f38e217-7b65-4bb2-9fd3-1e1e98ec5c0f-20211219 21:34:05

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yb_rncoAHq_3pcXvqxw24QAABJoAAAIB&google_gid=CAESEErV4qbTneAnV2bCn0fF3HA&google_push=AYg5qPJ5YEcebW5G_sFhH9dCtJMY6QaG7q9SnX0L9_WsqSpfkuE4BnrNyM3PWLNV1Jy0VvbIZ7erWWVrsmNw1AYUTISMYtqpIkih&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900021.redintelligence.net
i2.tcafe2a.com
ib.adnxs.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
tcafe2a.com
thenew.tcafe2a.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.tcafe2a.com
cm.g.doubleclick.net
138.201.84.252
142.250.185.66
144.76.238.55
18.196.159.27
185.33.221.89
185.64.190.78
2.18.234.21
2606:4700:20::681a:a19
2606:4700:20::681a:b19
2606:4700:20::ac43:49e4
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:400e:80c::2002
2a05:d01c:1d8:8100:f72f:72e8:49ba:7270
35.186.253.211
51.75.147.170
8.43.72.98
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
04ce0a5208b5305f1cea20d2e424d0c8db27b62800f66bac532954e2f7084f36
08d512c12a15885cb5b14be883fed3ef5b09c8195eb3c65daaa3724b46a4eae6
09f68b4eb17b41c895d78b7505bc158fe8e79e3bf522115f9c51dfe0dbfd93b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0e444d1682648a41af23f384c2141339689aee3466c97635b264b952d1b5c1cd
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
153ac176f801cd48a59167084b836950eea648571d6168b577dfad85de51f9c8
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
2069d65c9c09d1de207b65aeca4fb20afa931c3c82ee1dfb9daeb7ada5d7a640
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2830f3c3bf70796c09d8c56b421361dd1813bf178eba66d7b923bd8be99388c1
2ab81cdab11b55ed38525dc8d833c82d9915cd2cb8dcfcbb9c84ca7c096cee3c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4e1648db2aba557e6097d6b9a816e1f75e5603deb8c530fa21c93278bce487
2cde4a9fab4c5dd31a96b36e89a83ce9c257d3dd695942c70f2bdce1a4a40489
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3784ce956bd1a25b970cdf94d4aee382cd0b64440c957e6ac44c8def4a696ec3
3a6aa68d1fa244164588efd7b3d16fe1e407e3f9ef26e8a56b7a3792991bc9d6
3cebef0285c67cfd0fa9eac7b1f1a42fc68865ce1fda49b1e726e78682fd8659
3fe7856dcea4fd8b22309f0a9b5971414ae50dd7e7aa649ee3bf00c65ad5da5e
4247c965da717b075ae5c72eb76f5721dd64648123864da89550df3b1aecd0f1
49f979ac50b53b5d9cf8e02365a52be245aafaa57cd694601c8061fde7e0f7a0
4a7d3003dd6cc75811dc57e142fc25d553d9a6703bfb2c08191b7aed56fa0344
4af766357875fa073683e141403faf5ee5b42ff7c32e5b79960f17e3f52c3b09
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e04a71539ed9c6225be00ff2d26cd88f3a3be36865b39b5a87518d944deaf62
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcced8501087706cc161dfcaaf6e864276c827e859621657f0a26a5c9eec9d9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
5c5ce38a7f4f8b7a75b97452642752b14fa874071433a09cc11d3d47d7585c57
5d6e1a2955ab529844a2913966d8b629c54a52cd8567032355eb85ad6c01f714
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
683c73ac036f9ab78398a4ecaab49594b1285722ec5e18c084854666ed42decd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb06b6f7287cc0b468136939c4bdb93c120b0c845876f026c7f6e521b3a1297
71703b0739540d215a49e6fc4c7a8435f635dddb4827964125572cfe6e2b3a6d
7478062c5e8339571a6ae1eec48dc7edba9e2c0b2962ead8e2e1f5743ef003ae
78bb5879bf9b6421556fc9a8691d60448b64327107e46e0754b423ee146bfd8e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8085c65fa5ed0b00658731d8de0d4205cb7a1050f0eb55c6abc99ab5cd3ce2
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8972399d9f8eb3a960ee2654c797afd696766963a26c00701aff31cc258ba15c
8d0a6031ac60ee6b1d15ea9d927bbb8bc5180b01579be92cd043bb741d1676fd
9436d1c1cfe022a2f8a94be49f4ce0b3456b4326a26b3ff7e5d4fd38799b4327
980b7c3657c19191a6eec108682f5d3dcb01c1c30a6ce4d379ab53db82549b13
997ca00cbf25345baf66fd2f05ad81b755abbf7c7733ca330f741a54ce8a9def
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ae60c96048d5c10f7b525f5ad6daf855e35d97945b433f8b9163716ba73abd2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a649651820ca0f2a769fd6610b7185ec09b19d0d4b27d81868a161541860a936
aa8c8958693d97e5212211e343045f51a449b4ff65cd347752e7061bf2ee008c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45030f96320f1503af252ab0d39dd70ba0c10e4d9ab3ab47899bdf735d8c5ae
ba51ae4560976dcdce11ca289fb4d57e588ab5d199d3b7b6ee374b93b110af55
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bfed40bd7ac9544c000cb5d67851dfb7526c4aad1e603c6998c7fc53ff40934b
c8adca71a664d488f73a477e10224bed0d3934c7ff3102f553b8ce6cbcb21e24
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf573597aea23b7bdb09e42dcdc7b54838cebfe1910c637cd33330446f7e6035
d0104ec244157535265bbd30170c449e5bdb332e643e729978acd5d611e2a552
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
de3231bed0202b582dd5060c449ea8a18568a848b82291cda18359d11ccbd45c
dedc2fe2f5e69dda84b84ea4b91c46f2766d566550ceb05bd0eb86494d4647bf
dffb7a20884f53b92d7e2caaaeb53493b627abfc59c0d5c81e3f11a69cdb3d8a
e20b83377e31acd4eed2532daff6ffe651bea4115a750478ec8d79b1bcedad76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a90594cc8c2796c488059c7ee25ce6cc9de27c7ac359ee680b50a2bf438da6
e8dc09e4ddc3c326ef6341498e7e8e70af3a848713429b909be53c947b43da10
eb2a7bbfd84ad7bd248bf7996eebf9c67d32463f55651ba4d71412952bd0c52d
ec32be5f83fcb1eba2bacf2d57bd5997d4cd689a54b011b290d92dea532d3fc2
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
eeb2f0aa6f3278df99747b59b7056bf210a5b0fc7dedf7e682467b8cb21fba77
eeda6f6208cf7226321ea4ff61ec9b93fde032d5dd25cff49a4941fbca6b2816
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15aec1732bc42ef3ecfeef62ee9b4eefdb084144fbb7309837d378aa7310645
f28639dc07afdde1de496894a3fccf10ad829a29c83dbd7fcad9af8e8963fd39
f5265b438fdbc5b1fc090c7b0f049c20b39ddfaeb22cef3ed5abbc98f6c0062a
feb5efe08c478e22f7bdd40516caeddb9727e11d1aaa7071c18caf686087c948
ff6ca405a11a00110dbac63c8906fe87635525678da1f151b6ce76887deae04f
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

thenew.tcafe2a.com Open in urlscan Pro 2606:4700:20::ac43:49e4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

109 Requests

50 %HTTPS

62 %IPv6

21 Domains

28 Subdomains

24 IPs

6 Countries

45775 kBTransfer

46887 kBSize

21 Cookies

40 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

thenew.tcafe2a.com Open in urlscan Pro
2606:4700:20::ac43:49e4 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

50 %
HTTPS

62 %
IPv6

21
Domains

28
Subdomains

24
IPs

6
Countries

45775 kB
Transfer

46887 kB
Size

21
Cookies

109 HTTP transactions
2 data transactions