114117.com Open in urlscan Pro
104.244.99.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://114117.com/
Effective URL:
https://114117.com/
Submission: On December 13 via api (December 13th 2023, 8:40:55 am UTC) from US — Scanned from DE

Summary HTTP 175 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 17 domains to perform 175 HTTP transactions. The main IP is 104.244.99.125, located in United States and belongs to FC2-INC-2, US. The main domain is 114117.com.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.

This is the only time 114117.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	104.244.99.125 104.244.99.125	63210 (FC2-INC-2) (FC2-INC-2)
34	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
6 8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	142.250.110.155 142.250.110.155	15169 (GOOGLE) (GOOGLE)
2 4	63.33.159.19 63.33.159.19	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	104.18.36.54 104.18.36.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
4	2600:9000:212... 2600:9000:2127:ca00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2600:1f13:800... 2600:1f13:800:7781:5f9f:1259:c76c:3ebc	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400f::a	15169 (GOOGLE) (GOOGLE)
175	28

10 104.244.99.125 (United States) 1 redirects

ASN63210 (FC2-INC-2, US)

114117.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

tagm.tchibo.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.85 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.110.155 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.33.159.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-159-19.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.54 (None, )

ASN13335 (CLOUDFLARENET, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2127:ca00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1f13:800:7781:5f9f:1259:c76c:3ebc (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f::a (Ireland)

ASN15169 (GOOGLE, US)

r5---sn-5goeenes.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	745 KB
30	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139	265 KB
29	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r5---sn-5goeenes.c.2mdn.net	330 KB
20	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	204 KB
10	114117.com 1 redirects 114117.com	366 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
8	gstatic.com www.gstatic.com csi.gstatic.com	17 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	138 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	57 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	257 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	295 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	145 KB
1	doubleverify.com vast.doubleverify.com — Cisco Umbrella Rank: 1706	4 KB
1	tchibo.de tagm.tchibo.de — Cisco Umbrella Rank: 49136	1023 B
175	17

	Domain	Requested by
34	pagead2.googlesyndication.com	114117.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
26	s0.2mdn.net	114117.com s0.2mdn.net
26	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com 114117.com tpc.googlesyndication.com imasdk.googleapis.com
16	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net 114117.com
12	dt.adsafeprotected.com	googleads.g.doubleclick.net
10	114117.com	1 redirects 114117.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	csi.gstatic.com	imasdk.googleapis.com
4	static.adsafeprotected.com	googleads.g.doubleclick.net
4	cdnjs.cloudflare.com	s0.2mdn.net
4	googleads4.g.doubleclick.net	114117.com
4	fw.adsafeprotected.com	2 redirects 114117.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net 114117.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	r5---sn-5goeenes.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googleadservices.com	googleads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	114117.com www.googletagmanager.com
1	gcdn.2mdn.net	1 redirects
1	ad.doubleclick.net	imasdk.googleapis.com
1	vast.doubleverify.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	tagm.tchibo.de	googleads.g.doubleclick.net
175	28

This site contains no links.

Subject Issuer	Validity	Valid
114117.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tagm.tchibo.de GeoTrust TLS RSA CA G1	`2023-09-26` - `2024-09-25`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-07-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh

This page contains 26 frames:

Primary Page: https://114117.com/
Frame ID: CF877404BBB462B701C0655C3104789C
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: F48BD3D17EEA2510086C4C3A3248C3C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2223032880768124&output=html&h=600&slotname=2488430026&adk=1906899194&adf=1079445750&pi=t.ma~as.2488430026&w=279&fwrn=4&fwrnh=100&lmt=1702456850&rafmt=1&format=279x600&url=https%3A%2F%2F114117.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702456850583&bpp=17&bdt=755&idt=273&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=107267197238&frm=20&pv=2&ga_vid=643448232.1702456850&ga_sid=1702456851&ga_hid=1004718634&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=969&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95320885%2C95321230&oid=2&pvsid=3092998501295535&tmod=850579250&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: CE9D11E0233214772CCF386B5539BE69
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2223032880768124&output=html&adk=1812271804&adf=3025194257&lmt=1702456850&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x945_r&format=0x0&url=https%3A%2F%2F114117.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702456850761&bpp=1&bdt=934&idt=108&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=279x600&nras=1&correlator=107267197238&frm=20&pv=1&ga_vid=643448232.1702456850&ga_sid=1702456851&ga_hid=1004718634&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95320885%2C95321230&oid=2&pvsid=3092998501295535&tmod=850579250&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=114
Frame ID: DDCFF56711B48B86A21419B171377C08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DA376B4CD5260935D363AF4DA8EA7088
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 1ADA6A1A480A94348667AA0A9F54BA97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8583DD6FECEADB1809D18E2ED260FBCD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 62A922A54C29A213A2AC808EE619BC03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 424AA7B8949B5A9B508AEB792C81806E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6308FA0AFF905C7E79390A53717B3138
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNUUI5MMex45PYWzWX7incW9Uh4fFnkaCOhzRqpddpTV8uJ5XkV-z6X3cnm2fM4RSEaxgIUuzVyb8MER02Jvudp3bYSxdurLBndtIxlKeCv_gCLYjOAkWaajqMNf_ydjE02vtHrVUhPxsggsShWnza9pObpcaOh-PmhY6hpfUwTbuDODy5g
Frame ID: 3584A818B6F1FABEF4D966F891A6E640
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CAF7E03D6AE6E4AD5C7F7BC3114EF410
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVDQ_Avixkn2rzKgiMfUJVcTmsZOE864M2lqb4Tfnqb7Xsjpzxt6-Aa-NigdfDj37k9783ijBGogVAPJNea6cJETNZf_E809nwYHveq-3N3F3jdZwPmAcfPtpw9fpofmz00kJSPpp-XNmyABMPHIAqK0mv0pQIbfcoUPP3FIq5ZtbDcIzs
Frame ID: BA970ED16FF82EBB2B728851EA0EE420
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8E10C462D88609EFCBD37ADC86FD043B
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89E69F6788BB8126DA2F9C78FDCE9704
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A5182DD358DE5E21C5DBFA300A1B60F
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%89%E3%82%8B%E3%81%98
Frame ID: EF9DCC5C2D5B495A50EEC1099DEFBE35
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F64270121953FC2B20C2EEE850C35C81
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 0EE0F2359AFC0AA55645E3DBAC2254E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3CC8699FB4EB9CCC164FBFBCC3F6CDDD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
Frame ID: 07913068FF8009509210ADF9C1E3991C
Requests: 14 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C40A61473C3FF4B1F6A261204D679F93
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
Frame ID: E11F411F8FDEFF459A83C66A75B73B4D
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3DA855D37BED5A612A9A292188368326
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0B6DBEC96C88D781D33F5F5E41415F32
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 8FB502CFE040A107FB3062F292A69A68
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

電話占いインスピの口コミ投稿掲示板 Part1｜電話占い口コミ掲示板＆人気占いランキング「ウラスピ」

Page URL History Show full URLs

http://114117.com/ HTTP 301
https://114117.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

175
Requests

93 %
HTTPS

61 %
IPv6

17
Domains

28
Subdomains

28
IPs

4
Countries

2532 kB
Transfer

6411 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://114117.com/ HTTP 301
https://114117.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 31

https://googleads.g.doubleclick.net/pagead/adview?ai=CERCdEm55ZbemOc_EvPIP_ea1sAn3z8ivdLe5rpWmEoLnxvjwGhABIJjn4HxglQKgAYKQ5YcDyAECqQIgmifU8BuyPqgDAcgDyQSqBL4BT9AIbctiWOO4VAhaTEqj9-ts5LcG4Or-_k474KTZwUND2c0GBn7SbiahaJ5bLP9o_YAXJzVYSQCflhG4MV2QwOG_k17wAca-JSwI4nT4PA33GVVdrpLbmQHPR2fux-CiZzI4dX__nUXxhKJchqGlOmV2F7GcEpCmiMcOcN_WdSwqAESq63EMrR3UlJfVYSNA83FEjpCIW8iCLlpIy4NmrZY0E_P7eksEnbd50JA47zKp0IkxOhJCPE778PBSx8AE8cPmnM8EiAWYpPC-TZIFBAgEGAGSBQQIBRgEoAYCgAe1w4-qAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEL6TD9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-8je_oGMgwOaCTdodHRwczovL3d3dy50Y2hpYm8uZGUva2FmZmVlLWFiby10Y2hpYm8tYzQwMjA4MjM4MC5odG1sgAoByAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2BMN0BUBgBcBshccChoIABIUcHViLTIyMjMwMzI4ODA3NjgxMjQYAA&sigh=vz5nY9hAIes&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNQWiKfGl4oidvKHnS7veXtt6w8OyPYbg9URytucIpWibeUDthPjdYJkV9xEvfxuvDFROm57LRLhpXyhIR9wz7Q90yKU9OvrhW3ZwYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212301346571868327977%22,%22debug_reporting%22:true,%22destination%22:%22https://tchibo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22821643266%22],%2222%22:[%22true%22],%224%22:[%2212-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223336664372878168513%22}&andc=true

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXluFHRViyAXjH9dkWUNGgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3OTkwNTU1MDkzMDAyMjYyNw%3D%3D

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXluFHRViyAXjH9dkWUNGgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MjY3NTQwMDk0MTkxNTQ0OQ%3D%3D

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2223032880768124&ias_chanId=1&ias_placementId=20487174429&bidurl=https://114117.com/&ias_dealId=&xsId=ABAjH0injzg91sM49liQmtRSg2oi&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0injzg91sM49liQmtRSg2oi&adContainerId=brand_safety_FG55ZY-bKayb9u8P4aOMwAg&cbFunctionName=goog_wrapCb_FG55ZY-bKayb9u8P4aOMwAg&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2F114117.com&adsafe_type=g&adsafe_url=https%3A%2F%2F114117.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-2223032880768124%26fa%3D3%26ifi%3D4%26uci%3Da!4%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:ded35227-5934-3125-892d-db907e205a1e,c:wFu5Uf,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-lt62n,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C1611%7C17%7C18%7C19,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:14,oid:531632b9-9993-11ee-b9a7-0ea4ad784ba1,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0injzg91sM49liQmtRSg2oi&ias_xappb=&adContainerId=brand_safety_FG55ZY-bKayb9u8P4aOMwAg&cbFunctionName=goog_wrapCb_FG55ZY-bKayb9u8P4aOMwAg&true_pb=

Request Chain 136

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2223032880768124&ias_chanId=1&ias_placementId=20487175905&bidurl=https://114117.com/&ias_dealId=&xsId=ABAjH0i6rv1rLW1hrpNGto9WffXf&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i6rv1rLW1hrpNGto9WffXf&adContainerId=brand_safety_FG55ZfScNMSu9u8PgsWXyAM&cbFunctionName=goog_wrapCb_FG55ZfScNMSu9u8PgsWXyAM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2F114117.com&adsafe_type=g&adsafe_url=https%3A%2F%2F114117.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-2223032880768124%26fa%3D4%26ifi%3D5%26uci%3Da!5%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:26517e08-e256-07cb-181e-7c8b104b36ea,c:wFu5Vu,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-vhldv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tYj5so5+11%7C121%7C122%7C13%7C1411%7C1412%7C1511%7C15121%7C1513%7C1514%7C161*.1627455-73523873%7C1611%7C1612%7C1613%7C17%7C18%7C19,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:20,oid:53248ab7-9993-11ee-a14b-960f78f6c6b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0i6rv1rLW1hrpNGto9WffXf&ias_xappb=&adContainerId=brand_safety_FG55ZfScNMSu9u8PgsWXyAM&cbFunctionName=goog_wrapCb_FG55ZfScNMSu9u8PgsWXyAM&true_pb=

Request Chain 153

https://gcdn.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/16EE1CCC8A8C921498507F32C169E66D144CE8AF.6053C1F69F29F6972F130038F43C9E87305D1255/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-5goeenes.c.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/752ABF26D97179A24574D33CD39CC41FDCFEC9AC.3D71B4D3E05CFDB0C90C848F12B9040C2908665F/key/cms1/cms_redirect/yes/mh/wP/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5goeenes/ms/onc/mt/1702456232/mv/u/mvi/5/pl/57/file/file.mp4

175 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
114117.com/
Redirect Chain

http://114117.com/
https://114117.com/

11 KB
3 KB

597ms
247ms

Document
text/html

104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PHP/7.1.26 PleskLin
Resource Hash: 7c4e38babccb76ffae1c97084ef419ab2a59e0018369c9157e91449b56acda71

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 3205
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 08:40:49 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.1.26 PleskLin

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Dec 2023 08:40:49 GMT
Location: https://114117.com/
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/7.1.26 PleskLin

GET
H2 200 bootstrap.css
114117.com/assets/css/ 119 KB
24 KB 583ms
582ms Stylesheet
text/css 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://114117.com/assets/css/bootstrap.css
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3c8d36e671832c1e75c1a303889680c5817e9511aa510b4e8f42560905f4470e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:50 GMT
content-encoding: gzip
last-modified: Mon, 03 Nov 2014 15:00:00 GMT
server: nginx
etag: W/"54579870-1dbb0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
114117.com/assets/css/ 101 KB
24 KB 583ms
583ms Stylesheet
text/css 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://114117.com/assets/css/style.css?b
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: fa72ab45a1b0f4ea611e81808d322b77278de8c90ff2b3ee494cfa4fd7b6c3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:50 GMT
content-encoding: gzip
last-modified: Thu, 28 May 2020 00:11:51 GMT
server: nginx
etag: W/"5ecf01c7-19526"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css

GET
H2 200 logo.png
114117.com/assets/image/ 4 KB
4 KB 241ms
241ms Image
image/png 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://114117.com/assets/image/logo.png
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0b85a06e2c20946788b31789b77a9b45231e41e1f5b7fe175043fe1645398b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:49 GMT
last-modified: Mon, 20 Apr 2020 01:36:29 GMT
server: nginx
etag: "5e9cfc9d-109d"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 4253

GET
H2 200 main.jpg
114117.com/assets/image/ 41 KB
41 KB 411ms
411ms Image
image/jpeg 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://114117.com/assets/image/main.jpg
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2288522da7ef2ebb8d83b14a4f6d2a9443080e53f5b49b40ec49c5548497dd24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:49 GMT
last-modified: Tue, 28 Oct 2014 15:00:00 GMT
server: nginx
etag: "544faf70-a2ae"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 41646

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 150ms
115ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

896a4cb8174dacd5f2491a74ea90be28fb3032b68e8578e81b99c1d2e02356c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52048
x-xss-protection: 0
server: cafe
etag: 12659111356284678088
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:49 GMT

GET
H2 200 jquery-2.1.0.min.js Show response
114117.com/assets/js/ 193 KB
193 KB 571ms
570ms Script
application/javascript 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://114117.com/assets/js/jquery-2.1.0.min.js
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ddd7805de3552461660bf5c5d29f0ba03fa71755218f54a71da3e58abffdcbbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:50 GMT
last-modified: Thu, 04 Sep 2014 15:00:00 GMT
server: nginx
etag: "54087e70-302ca"
x-powered-by: PleskLin
content-type: application/javascript
accept-ranges: bytes
content-length: 197322

GET
H2 200 plugin.js Show response
114117.com/assets/js/ 256 B
376 B 570ms
569ms Script
application/javascript 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://114117.com/assets/js/plugin.js
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6fc05706471da6b2d576e3ecc4df635592935447482c9aba49166546ab0b8031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:49 GMT
content-encoding: gzip
last-modified: Wed, 27 May 2015 15:00:00 GMT
server: nginx
x-accel-version: 0.01
etag: "100-517117f3adc00-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 160

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 63ms
30ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWJKGT3

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a06923797ab5c36e55640eace375224eb48d7f6605ffa754514c0f98b21e3a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62128
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Dec 2023 08:40:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
84 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MBGKZB3HN2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJKGT3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd5577057e77a4901a240d60194fe02fabf244c05ecd672bf5c0b77ea74d495a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86191
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Dec 2023 08:40:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
241 B 50ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MBGKZB3HN2&gtm=45je3bt0v873674707z8830828099&_p=1702456849839&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=643448232.1702456850&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702456850&sct=1&seg=0&dl=https%3A%2F%2F114117.com%2F&dt=%E9%9B%BB%E8%A9%B1%E5%8D%A0%E3%81%84%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%94%E3%81%AE%E5%8F%A3%E3%82%B3%E3%83%9F%E6%8A%95%E7%A8%BF%E6%8E%B2%E7%A4%BA%E6%9D%BF%20Part1%EF%BD%9C%E9%9B%BB%E8%A9%B1%E5%8D%A0%E3%81%84%E5%8F%A3%E3%82%B3%E3%83%9F%E6%8E%B2%E7%A4%BA%E6%9D%BF%EF%BC%86%E4%BA%BA%E6%B0%97%E5%8D%A0%E3%81%84%E3%83%A9%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0%E3%80%8C%E3%82%A6%E3%83%A9%E3%82%B9%E3%83%94%E3%80%8D&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2068
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBGKZB3HN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://114117.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame F48B 9 KB
4 KB 54ms
14ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Tue, 26 Dec 2023 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2223032880768124&plah=114117.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1366d5e5f8bebbe27e2e1086d1ef5132c840d4900a5a61aa94368c745a6094ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137722
x-xss-protection: 0
server: cafe
etag: 16245099449020044219
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:50 GMT

GET
H2 200 base-sprite.png
114117.com/assets/image/ 15 KB
15 KB 245ms
245ms Image
image/png 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://114117.com/assets/image/base-sprite.png
Requested by: Host: 114117.com
URL: https://114117.com/assets/css/style.css?b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 72a175851bdd43f3470fe4dd9347b21d388ccb90d04b64aa724b9f726ca3a555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/assets/css/style.css?b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:50 GMT
last-modified: Mon, 15 Dec 2014 15:00:00 GMT
server: nginx
etag: "548ef770-3b41"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 15169

GET
DATA 200
OK truncated
/ 649 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df96dae256b19261cfc38a0a0f290abf488803d4b415219b7e734f5021d3917b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1eeb7db0708e792d00042d1285fb1c1eb648147c52895d76831ae149740bf7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 514 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d52a5e7289027ffc3a4ac8545bf9e6e6c491332e39dda46f5750281d165898ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 813 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72b39991107c87b37f99dc6cb797d747fe9dac3ab7273d79e5b72e87320714db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 645 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4100e2471f71a611bf39726bd68cc2004e771e5c18bb1e0c45d93413a89cb263

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Elusive-Icons.woff
114117.com/assets/font/ 60 KB
60 KB 240ms
240ms Font
application/font-woff 104.244.99.125
FC2-INC-2

General

Check archive.org

Show headers Download Go to

Full URL: https://114117.com/assets/font/Elusive-Icons.woff?v=2
Requested by: Host: 114117.com
URL: https://114117.com/assets/css/style.css?b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.244.99.125 , United States, ASN63210 (FC2-INC-2, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dd62a29e542980034d9edb632282dd081df86babe0b7bdaf8e1a0cb9e21857a3

Request headers

Referer: https://114117.com/assets/css/style.css?b
Origin: https://114117.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:50 GMT
last-modified: Mon, 21 Jul 2014 15:00:00 GMT
server: nginx
etag: "53cd2af0-f114"
x-powered-by: PleskLin
content-type: application/font-woff
accept-ranges: bytes
content-length: 61716

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE9D 108 KB
40 KB 652ms
650ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2223032880768124&output=html&h=600&slotname=2488430026&adk=1906899194&adf=1079445750&pi=t.ma~as.2488430026&w=279&fwrn=4&fwrnh=100&lmt=1702456850&rafmt=1&format=279x600&url=https%3A%2F%2F114117.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702456850583&bpp=17&bdt=755&idt=273&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=107267197238&frm=20&pv=2&ga_vid=643448232.1702456850&ga_sid=1702456851&ga_hid=1004718634&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=969&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95320885%2C95321230&oid=2&pvsid=3092998501295535&tmod=850579250&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2223032880768124&plah=114117.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3635fb396b7c33b74490109dff4fda392516d4c6a310a1149fc5d32ba0a1f8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40225
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:51 GMT
expires: Wed, 13 Dec 2023 08:40:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDCF 396 KB
86 KB 1497ms
1496ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2223032880768124&output=html&adk=1812271804&adf=3025194257&lmt=1702456850&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x945_r&format=0x0&url=https%3A%2F%2F114117.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702456850761&bpp=1&bdt=934&idt=108&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=279x600&nras=1&correlator=107267197238&frm=20&pv=1&ga_vid=643448232.1702456850&ga_sid=1702456851&ga_hid=1004718634&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95320885%2C95321230&oid=2&pvsid=3092998501295535&tmod=850579250&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=114

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5052e6d54b2b5abc0ef0f26e42e1154245aeb0e4f881c066a574082adaf62f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 87623
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:52 GMT
expires: Wed, 13 Dec 2023 08:40:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=back-top-wrap&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 13003681060549860654
tpc.googlesyndication.com/daca_images/simgad/ Frame CE9D 107 KB
108 KB 92ms
34ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/13003681060549860654

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2223032880768124&output=html&h=600&slotname=2488430026&adk=1906899194&adf=1079445750&pi=t.ma~as.2488430026&w=279&fwrn=4&fwrnh=100&lmt=1702456850&rafmt=1&format=279x600&url=https%3A%2F%2F114117.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702456850583&bpp=17&bdt=755&idt=273&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=107267197238&frm=20&pv=2&ga_vid=643448232.1702456850&ga_sid=1702456851&ga_hid=1004718634&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=969&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95320885%2C95321230&oid=2&pvsid=3092998501295535&tmod=850579250&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46eb7315ee6abaeefda409d076567004886e97f10014aadbc65f2e797815251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:21:10 GMT
x-content-type-options: nosniff
age: 130781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109694
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 09:59:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 20:21:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CE9D 24 KB
9 KB 89ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34834
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CE9D 3 KB
1 KB 83ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CE9D 20 KB
9 KB 74ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE9D 203 KB
65 KB 73ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CE9D 36 KB
15 KB 69ms
17ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85166
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 09:01:25 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA37 143 B
166 B 19ms
19ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2223032880768124&output=html&h=600&slotname=2488430026&adk=1906899194&adf=1079445750&pi=t.ma~as.2488430026&w=279&fwrn=4&fwrnh=100&lmt=1702456850&rafmt=1&format=279x600&url=https%3A%2F%2F114117.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702456850583&bpp=17&bdt=755&idt=273&shv=r20231207&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&correlator=107267197238&frm=20&pv=2&ga_vid=643448232.1702456850&ga_sid=1702456851&ga_hid=1004718634&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=969&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44795921%2C95320885%2C95321230&oid=2&pvsid=3092998501295535&tmod=850579250&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA37
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
27ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:51 GMT
expires: Wed, 13 Dec 2023 08:40:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CE9D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35fb8312c8da6e759bc80dd7b88849633ad509cdc3e7072fe87682734f5dd712

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CE9D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CERCdEm55ZbemOc_EvPIP_ea1sAn3z8ivdLe5rpWmEoLnxvjwGhABIJjn4HxglQKgAYKQ5YcDyAECqQIgmifU8BuyPqgDAcgDyQSqBL4BT9AIbctiWOO4VAhaTEqj9-ts5LcG4Or-_k474KT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212301346571868327977%22,%22debug_reporting%22:true,%22destination%22:%22https://tchibo.de%22,%22event_report_window%22:%22...

0
0

95ms
49ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212301346571868327977%22,%22debug_reporting%22:true,%22destination%22:%22https://tchibo.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22821643266%22],%2222%22:[%22true%22],%224%22:[%2212-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223336664372878168513%22}&andc=true

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:51 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12301346571868327977","debug_reporting":true,"destination":"https://tchibo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["821643266"],"22":["true"],"4":["12-13"],"6":["true"]},"priority":"500","source_event_id":"3336664372878168513"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Dec 2023 08:40:51 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 08:40:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12301346571868327977","debug_reporting":true,"destination":"https://tchibo.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["821643266"],"22":["true"],"4":["12-13"],"6":["true"]},"priority":"500","source_event_id":"3336664372878168513"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
tagm.tchibo.de/ Frame CE9D 43 B
1023 B 178ms
23ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tagm.tchibo.de/ai.aspx?extProvId=5&extPu=tchibo-pm-display&extLi=20801393176&cb=3204280667&cbvp=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.71 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 13 Dec 2023 08:40:51 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://tagm.tchibo.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 13 Dez 2023 08:40:51 GMT
X-ET-Code: 11
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 821
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 132ms
48ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 13 Dec 2023 08:40:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1ADA 50 KB
19 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 09:01:52 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 101ms
66ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef90b41388c1d576f3957fc3a94759cbaa20f780d1257c0b287d8a51302c5ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12221
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47f63d226e204708f690ec0f9256b366c18f78c756d7a950413efa28d490c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56003
x-xss-protection: 0
server: cafe
etag: 11676222408787014274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8583 9 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Wed, 27 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 62A9 9 KB
4 KB 12ms
12ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Wed, 27 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 424A 9 KB
4 KB 12ms
12ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Wed, 27 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 6308 9 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Wed, 27 Dec 2023 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 8583 4 KB
1 KB 58ms
23ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 07:24:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8583 205 B
651 B 50ms
15ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:41:52 GMT
x-content-type-options: nosniff
age: 133140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Dec 2024 19:41:52 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8583 604 B
695 B 51ms
16ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:32 GMT
x-content-type-options: nosniff
age: 85400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Dec 2024 08:57:32 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8583 16 KB
7 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24369
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8583 22 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 02:16:55 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3584 624 B
245 B 54ms
54ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNUUI5MMex45PYWzWX7incW9Uh4fFnkaCOhzRqpddpTV8uJ5XkV-z6X3cnm2fM4RSEaxgIUuzVyb8MER02Jvudp3bYSxdurLBndtIxlKeCv_gCLYjOAkWaajqMNf_ydjE02vtHrVUhPxsggsShWnza9pObpcaOh-PmhY6hpfUwTbuDODy5g

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:52 GMT
expires: Wed, 13 Dec 2023 08:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CAF7 89 KB
31 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CAF7 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CAF7 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAF7 203 KB
64 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrLZTLCIlDBEn95ekWMOf6R-ElyQRM35z_P_6Q7OayB35i9A-yvhTm5GtmDWYGXZI9ipby8DjXmAZmNpQuApR_EKiZApB3JQPDM0FLmbtoi2IOhDE

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BA97 624 B
245 B 55ms
53ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVDQ_Avixkn2rzKgiMfUJVcTmsZOE864M2lqb4Tfnqb7Xsjpzxt6-Aa-NigdfDj37k9783ijBGogVAPJNea6cJETNZf_E809nwYHveq-3N3F3jdZwPmAcfPtpw9fpofmz00kJSPpp-XNmyABMPHIAqK0mv0pQIbfcoUPP3FIq5ZtbDcIzs

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:52 GMT
expires: Wed, 13 Dec 2023 08:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8E10 89 KB
31 KB 183ms
183ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8E10 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8E10 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E10 203 KB
64 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E10 42 B
63 B 51ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXtDTflJTfkYxHPEon8VO_7YB007HGSXMPKXN7zERPdHEudplDlGSI79PSdKNZFZe-DuyuA3m7xxnYMBUPaW3enN52h4hOkKolFTp0CzzsbCG6A3o

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6308 24 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:00:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6308 8 KB
823 B 31ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 07:16:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 6308 15 KB
3 KB 50ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 03:37:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 6308 376 KB
131 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:21:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6308 20 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89E6 13 KB
5 KB 13ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 45663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 19:59:49 GMT
expires: Wed, 11 Dec 2024 19:59:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A51 829 B
996 B 26ms
26ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0a1711dc250384e7138a53edb82ccc8bc63d4ba03013e221c77fe5d168bafc96

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dk9ib__4-woSl8ikEeChXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://114117.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dk9ib__4-woSl8ikEeChXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:52 GMT
expires: Wed, 13 Dec 2023 08:40:52 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 89E6 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF9D 249 B
339 B 27ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E9%96%89%E3%82%8B%E3%81%98

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 08:40:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF9D 14 KB
1 KB 26ms
22ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 08:12:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF9D 2 KB
822 B 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EF9D 24 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F642 143 B
166 B 15ms
14ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF9D 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 14:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:10:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EF9D 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF9D 203 KB
64 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 08:40:52 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame EF9D 37 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 09:08:48 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3584
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

43 B
739 B

36ms
36ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNUUI5MMex45PYWzWX7incW9Uh4fFnkaCOhzRqpddpTV8uJ5XkV-z6X3cnm2fM4RSEaxgIUuzVyb8MER02Jvudp3bYSxdurLBndtIxlKeCv_gCLYjOAkWaajqMNf_ydjE02vtHrVUhPxsggsShWnza9pObpcaOh-PmhY6hpfUwTbuDODy5g
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2hqzPrJ4xwgZEGXqHpCFTnkUmAcTP%2B6mxXoD%2BpeDyKeu7w3qYQBA%2FXArwqgiipfve3odV8WGVTL0yCnqtsZqDpFaiDREmdRjwnGHJuTv8UIVdCYrBEhdGEy3M%2BRZYisudtSXK%2F%2F9kiNDw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834ce7a16ca968ef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3584
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXluFHRViyAXjH9dkWUNGgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

43 B
729 B

23ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNUUI5MMex45PYWzWX7incW9Uh4fFnkaCOhzRqpddpTV8uJ5XkV-z6X3cnm2fM4RSEaxgIUuzVyb8MER02Jvudp3bYSxdurLBndtIxlKeCv_gCLYjOAkWaajqMNf_ydjE02vtHrVUhPxsggsShWnza9pObpcaOh-PmhY6hpfUwTbuDODy5g
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3lxtlJXBGvGrjLNa2KzvfHiijCtyponYHIzP0WeTEYb1PWA%2Bbmnw91jjyLIx51my5pa4ryAOac051FuuGKhj%2F7Fc87RcPipGbhRzULgVoxevL8Hc7jrDUGIex1kyi60bPAeLV47RtgEuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834ce7a1ace668ef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3584
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1

43 B
841 B

8ms
8ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNUUI5MMex45PYWzWX7incW9Uh4fFnkaCOhzRqpddpTV8uJ5XkV-z6X3cnm2fM4RSEaxgIUuzVyb8MER02Jvudp3bYSxdurLBndtIxlKeCv_gCLYjOAkWaajqMNf_ydjE02vtHrVUhPxsggsShWnza9pObpcaOh-PmhY6hpfUwTbuDODy5g

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
an-x-request-uuid: 124e94b5-c177-4edb-9cd1-7ea87e7d4829
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3584
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3OTkwNTU1MDkzMDAyMjYyNw%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3OTkwNTU1MDkzMDAyMjYyNw%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
an-x-request-uuid: fdb6db15-c04d-409c-942a-63c2d50ce836
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE3OTkwNTU1MDkzMDAyMjYyNw%3D%3D
x-proxy-origin: 178.162.209.131; 178.162.209.131; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BA97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

43 B
772 B

35ms
35ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVDQ_Avixkn2rzKgiMfUJVcTmsZOE864M2lqb4Tfnqb7Xsjpzxt6-Aa-NigdfDj37k9783ijBGogVAPJNea6cJETNZf_E809nwYHveq-3N3F3jdZwPmAcfPtpw9fpofmz00kJSPpp-XNmyABMPHIAqK0mv0pQIbfcoUPP3FIq5ZtbDcIzs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3KsArMuUrwDrVmIiLLqbgOU%2FEnPdgsDZhqn8NOc2R8a4ClCOdcd%2FCWcnx0FWQypdmD9dqZYr8fQ2vC19agouOH%2FfeRTJjnkz%2FnZwOSPkdAx%2Bxy39fwXg7AhhfdTfXxgmGGiJBFWD1gaHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834ce7a16ca768ef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame BA97
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXluFHRViyAXjH9dkWUNGgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1

43 B
734 B

27ms
27ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVDQ_Avixkn2rzKgiMfUJVcTmsZOE864M2lqb4Tfnqb7Xsjpzxt6-Aa-NigdfDj37k9783ijBGogVAPJNea6cJETNZf_E809nwYHveq-3N3F3jdZwPmAcfPtpw9fpofmz00kJSPpp-XNmyABMPHIAqK0mv0pQIbfcoUPP3FIq5ZtbDcIzs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0w3f6C759%2BN2z6GZxiLkhOOEdLpXQ74slBSLrlezPWkdyGO1dfFXrqCeS8i%2B%2BUaoqBL3AakHLqYOofxaSelPKJWrcUGL3w50bRsw7JyyJCZFg7zligH16PRIa0N%2FCOdGiG0DGCLLlxg3VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 834ce7a1ace568ef-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK-NWZx1vHu-oKMnJRSSIoU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame BA97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1

43 B
841 B

7ms
7ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGLuR3_QBMAE&v=APEucNVDQ_Avixkn2rzKgiMfUJVcTmsZOE864M2lqb4Tfnqb7Xsjpzxt6-Aa-NigdfDj37k9783ijBGogVAPJNea6cJETNZf_E809nwYHveq-3N3F3jdZwPmAcfPtpw9fpofmz00kJSPpp-XNmyABMPHIAqK0mv0pQIbfcoUPP3FIq5ZtbDcIzs

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
an-x-request-uuid: e7524152-4e7e-4010-9c52-8b59f5d0c7d7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDlYZ0wpp4YJ_S1J1fQZkzk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BA97
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MjY3NTQwMDk0MTkxNTQ0OQ%3D%3D

170 B
243 B

23ms
22ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MjY3NTQwMDk0MTkxNTQ0OQ%3D%3D

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
an-x-request-uuid: ce97ad7c-f924-46c0-bc28-b0f464cc60e6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY2MjY3NTQwMDk0MTkxNTQ0OQ%3D%3D
x-proxy-origin: 178.162.209.131; 178.162.209.131; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 0
20 B 50ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8656958323332&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 0
20 B 50ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8656958323332&version=m202309260101&ct=76&x=1&cor=3407687908194290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CAF7 109 KB
41 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq6Jvj7W3ttIN8odotOap4GQbrwLR5QOZIPH8Ki8dkcCZzCSph0bfMxwCTjI8TDFd3hCVXSdYUkqyty-G8K_d5x1xFNLsQuYi1BaQWH_HirHyYgO76oK1FRxO8er1KrOFgGb0rOuVgNxZtrzjhZTd0SMyWczml8eVCvp1xJuHUAxEIKB4&dbm_d=AKAmf-C5Rq1E_nhBCu6775EkQvVvkYfviN14yqVVFtbRmLLcaNZFwUaqlupiEZsjxAyD07w9SlLaxHIuCh5gD-3d40d8HNprmKStV-4GAZ7MZthd1VT1GLcwXsl7ggmItuykDNaCAM42Mm7iSHVG7wRz-4Fv4NlVQ6h3Kgz7MVNKmcBXONgfZM18gHgAZj_aHPJo0Nb_1ny4SGcYSwL1FHpWKfrAXBLjU6oz4Ke55tWR34SD2GcerUK5GoDy7AUhoIy8sujOeYE0il5UYa2C_SzNtKAL_eiP6eTf74D6seNMDgvMdAWdBJ6sglh6dZFAVXs563-DnDIqaro2IdabmqEeTol3fsqs_Qq_2xvonBSCSOdzpwwFeHZH5IYCBjH0YJv2en7FMoZyJ-90x_RxOLNP4wqeEsdIF7_1kxERSudRHmqGOg14zbIKR_UM9eVBWJQEELKdPFzh3Iy5q8of5PAKSQpX6tFUA5JPNU0mgz_iMAY3t5F9bwK1qaB868dY0w2MojKJJG7Wnr5zgm5lXhQrhBdwmKbYds5mqGECwJJb_H8n69nn2LALS3HlvelsIdXyPWZQ8BkEhN2yXdxQZvG-qzX9yEkP3kDu9z1zHt3hBZ4ECmq9sKCklP_jg3CRetWXDJ1gwCFxooicQ9eWQ_4apUA8sBZKbSALn3YmvSSDZUppBAUj7eZFTBNQhU1ycguDBKeCUhD0iuUf27ccK0veralvbJpJFx5nyqDP2njngNKDjTaaj7yDk-ARiSlEXlhK_6SgOiS5TEfnPzbla7gVWzOruKmvfuNhTxdieCQRBxq6RwjXfZiWwRMZbvuv5xkFhqsa5dqe0xTX9bd7mAfGr0xka1KtBsQmeFR0FzGn8Z7rwyzBcdu7azwK_Vquv0TEnbkvTsyjFA6NSaUvvls8Tat1B01_98rB_6Lz3D6bRcIJp5IXZf-F6-rFIbMdcj-PJj2hTACl2HwzlSslUhtVtthoROvw3-o2F3ca1D1TvM_jBVj9G82oTDqdp_WNkuNmbBiXNKxDQTfANj_iWIh1ETfkCneSL8EzSIP6pLrmc66M4Tw_ixTsA_U-BBFLSbl0_73ZB8CAPYHP5eTQojaP8_WEqqmDzNesiQyKmtLnvfAQGO3m6dV7aIbA5QeS95PnWC6lhIv7djIHi5tqP0qi3KEMlhiselXIzlRKbCor5GD9GYlNuhNr4OcJq6_xOBfWjyAJNhnIGbbPz85xMS1gFvN-APsYEDxma4h5B3-WzpFR7wX1n_DwxFqKMVyGG1AEBmumDxRU_It-1GrafzvQCEuDWRdlWh_OeXT8dRWPs9A21i23RA3YtjWtBqu-2iMnDaKw6Xkn7GQ12mAHasJonqYRc0xMa30mCKPUFJgHr31SwqgFkNjEB-zJnhTc0DdBiI8gFg-J25JVRBNzaJFgYhxMtS2vztyjtBgnWSOLSelKLYkT7fyIKMbKjw2RU8pjOsjVkzE2H5ZlLBKbRdD3W7sBB-bCSlcXe1e7KmHXidqjy9txTtXqRwfFtQ2qrj0D_H6WGmY8KEQ-Z-2VMFw8MUn-oZBbuTNdNjKxTz_pwggBRlXQzTmFi63vHBuPPsLAMVm7U_z07KdehtzLwBpa_BhWeGsDYuKB_2ENAatNMZyYdBxZLcyn7NZpeqNXHnX2xqtS7bd6-0AuiAPUfPhtO9rHVOyrAFRqaNYKhNRoC4jPY2QFdhW91GpbHapeFfXff9pnVXuCTeG20CGaFc-CzakFe2up5LWIbGTvWbg5yt6yq8tkp99jmzD9NeiGXkS2pD0ez1jfGtiOoU6xjw8EMAiFPtRCCdhyfaXAvX9zUwRS2YFpTnp2d5SA3oKtsBptMskZg_L_s56H897hVCX4ICYSwAp0uOEp1hM7_y6Uvt5Ey2U5a4enQ5uBjs8Bch1mVJfD1JRGNkydJbO1HpS1_34ZvUHbXeHDLHznVGFSPCKWRqsmWZcFYaauY07pT2ohKKtEcGhfK0GacJ2OYGscrzhihp0_N8sMptK3hI2I0Ct5P0D4iOxgFCsoQp6BH1OW3qE2xCGFUaDoqGGibtqYUSs1eUGYA3Ud7qSIVPAhtG5kBJz_wBOrt0Do4QZxFNX6FtqzGUDFGoOxsFy4qudwhKtiK5AiX_TV_D9iA_rQEinThVGUneRIowDAgWJj7M3A4ioPLzpoyabV-j95GvDOMntE52utW_hlFqWN78LwgnSMv4-8lCSFOkSAADql83ghNOl-S5W3zxQLB-CnqbSz2xt4bcHwIgV7KEW9Ug_PIR9TiPMiQzhG7oneStFEbjoSzwGOJt3wRo_6s9-ITha42ppgFXTIMHRlWu-UI73oFJ2QVOxunPcqmxxt3XaoNR1-Ks0VCann7MQK5a21BcxxUncBKXnW5AjqZNNTdebTfZVA6_-nuA2nyAhK8s8LvqkxexIAHpTgY6Drb7cPffWtVLJKq1uM0lFkq0gzn0ZsJqEeVEL0ET1GIhZu_Esr9OGmbnbPmttOd9XDhtkjFtVPvLNmpaRGctfwf9Cp-VQcsVxz--BEdlK__2mmXDtOC3k0N3O37BF0TRs6lj2GMmnmfweVzj0loipiIafraANkFIzkw_1jSRyR6U90yUVvGXpY5nfQI727vgjCcUCxkO3kHheS2kgBdCrjeHAzQFJHd76SB1DAMU30A9aJohxGwrhH5__8FSg4C1RAOMCjK_6qDBhCfj3niWzk_MtDEQKJt_JIg3oFhIZC3z_GEKo8TUCD5WSqIJS-SCarwVqt6l4QENRvPsyUMaMSa_TmJnJoo2LzAFJUr8vChtW6YL4twwpIjNx0h5-hR2m2rYj1VOZviDXE6sIHRtiC20fS1lXifjXtEgb5TBvX6Zg--Cp5w21rjLfh1agnzS3LzWiklmQZnsyLVj-Hb8dRpP1NBLqWzjLDAvmmD9KJVYMlePWdEWLdxwe0b7sflANJ6z5CROgJXalXJmHogLEFcSs6aGHhfmtgPj4kDOLo9w3YI7bHy3ov_UFZrJNrsjm46-sFB_Pw9KI1bCITLCSWYxqW5vEl2fdQXx-3Yk4gDSel4CyNRSKMIJGzfBL_9HB3h1Pib-mbYRnCUixl32R-QFW1uI4skBc4PLhLupmoDDdEZ5uxmOtw0NUM4_5wNXmAlyRZ7dLbFyVZ3K6j2GmmZ38IVt6DsLiLets3aR-XsGabQTLuoJ_8A4qYzvJJF15_J7YOadE1I5pfUAhzl7ygScnMPKsOzTi18hiwlPL1uARX52LlPP24zSKhgW_w-z4LV8-PLkka7RBU1QdP-98OtN7SDQEQUND9h2UHngDWuKNlsLCb89VlTBjcRP54-AI4wip60tvLKlnTQiwd34LDglZFEoAgBxTLhjEtjynR3A6kkwIidMzzpQvKpLN_3iFU8Zh7jAMH4P9PZx9fYiYLtcrkdznpzkUAr45Ueer5IjaUV8X7iP8Al9Q2qfE7ruwZylIYnK8fVVCXBfTba7jOrbhKjT5F09pt6QIlr2CTSQEgxrLGBStXHGIz_2LR5fFg5U8ZNhgjASso3Dsa-jbBDD_kj4tL4MQYGQDxh6kPcSFx5kbkdglo3VcXHZ9Lf5oDPNTVjv8QKcCnRH0-NelGwd_OwumOaLDRpNTd1x9R_b2nl-yX0RigMslfJ5CiCJvubUs_Sl_Y_C3u3MwIA2HGb4oyHBv0p32t1Yh1rk-RVn_HnRQ3pZIx188hqh54gguAKRT5YAGTsUa_kuERmQFFVY-Aum4B5UiKSg3yJtMlOe5PQX9VUjNmlBsx30n8EDiY_kkDShP-20OwMM9HZfAR1NeuXpthuDqPiavyo2imDXDSLzvii58qJeND-F6aFhkXpDqG0omIK5eEd9VHeQ&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F114117.com%2F&ds=l&xdt=1&iif=1&cor=3407687908194290000&adk=1761367584&idt=65&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

877ae93b74be1ed777306ace4155546fbb76a3d5baa8c1eb8c32817f34c95335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A51 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3092998501295535&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE9D 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKpml8O9toyXirzZZgpvDmh_0A5Te2H6Eo1DadJs7WT8pc4l9_h1v02z8O_eysw0q-5NXz-vJuPbnusvwLKgFqIrxx1J8VenM77T1g4eDe5H0LLT84-Csh-7LaiTD4tgXWQ0kwgAukUHK5qyOQdvt2ymTP&sai=AMfl-YSsKwMw8hgOpvvt-zktDRrp8io3BTwbdL7tdkGTadpcL1f4rqiz9W5kyK5_HVzCyDyq2HceF7JowvGdg3NgDFFW2obUzKJcesXIIvEo1305OQg-_psHi0fc6yn9baqTqnKPoyW_80hde0Daxi8Edw&sig=Cg0ArKJSzOyD-IRVyrDbEAE&cid=CAQSTwDICaaNQWiKfGl4oidvKHnS7veXtt6w8OyPYbg9URytucIpWibeUDthPjdYJkV9xEvfxuvDFROm57LRLhpXyhIR9wz7Q90yKU9OvrhW3ZwYAQ&id=lidar2&mcvt=1018&p=0,0,558,279&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1906899194&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702456850865&rpt=791&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6308 0
234 B 51ms
16ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq3iuqq7&c=2021923299463&slotId=1010961649731.5&qqid=CMvt4v6BjIMDFZ-60QQdMrMOuw&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6308 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CzWa0Em55ZcucOp_1xtYPsua62Aupov7TdKu1k6aYEs-Ph_mUMRABIJjn4HxglQLIAQWoAwHIA5sEqgTtAU_Q6RMgysqETKBUF_YnEjdLDXeDWFwhoGGwUDnCdcJvLcWZfIQikw5eDLSm5am-tv-9zj7JB77Y59sN1DKhC1quAu0ZdFRLeOkyWiidrims9USKHtgGTtTMRXH74-66ZlekYLhFWJ03XgRZMyYF2a99QA9XMqTHP9k21aQKM8o9bIrA2lbFf1100XMdF7OcUxmSoJ7Qg7qKQCuLbQ1HEYG0bGY3ZbjkgOA0dbEw8qiL_N-X-nxUw6lUWkz3_-KL9BjPOhV3_pTqo__QueYqyT-Hj5rXIt0LWCi2l1h0RrX1Rm1kpK9agncdapLTJcAEu4jbyL4E4AQDiAWtxa3HTJAGAaAGToAHmpLo1QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliJsN_-gYyDA4AKAZgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJERbATpYzeFcgTv6TE4wPYEwqIFAPYFAHQFQH4FgGAFwHoFwWyGAMiAQA&eventType=clickstring&clientTime=1702456852698&ai=CzWa0Em55ZcucOp_1xtYPsua62Aupov7TdKu1k6aYEs-Ph_mUMRABIJjn4HxglQLIAQWoAwHIA5sEqgTtAU_Q6RMgysqETKBUF_YnEjdLDXeDWFwhoGGwUDnCdcJvLcWZfIQikw5eDLSm5am-tv-9zj7JB77Y59sN1DKhC1quAu0ZdFRLeOkyWiidrims9USKHtgGTtTMRXH74-66ZlekYLhFWJ03XgRZMyYF2a99QA9XMqTHP9k21aQKM8o9bIrA2lbFf1100XMdF7OcUxmSoJ7Qg7qKQCuLbQ1HEYG0bGY3ZbjkgOA0dbEw8qiL_N-X-nxUw6lUWkz3_-KL9BjPOhV3_pTqo__QueYqyT-Hj5rXIt0LWCi2l1h0RrX1Rm1kpK9agncdapLTJcAEu4jbyL4E4AQDiAWtxa3HTJAGAaAGToAHmpLo1QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliJsN_-gYyDA4AKAZgLAcgLAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJERbATpYzeFcgTv6TE4wPYEwqIFAPYFAHQFQH4FgGAFwHoFwWyGAMiAQA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6308 0
54 B 45ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq3iuqqj&c=2021923299463&slotId=1010961649731.5&qqid=CMvt4v6BjIMDFZ-60QQdMrMOuw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1es&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 6308 28 KB
18 KB 98ms
53ms XHR
text/xml 142.250.110.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AKUYhz7jNieJTGzdeVJnMHdzZzyHNQMZdDVKAkwNblEvQHqP4nQ70pIQF0JaPyyZKiBYv8KBf7iGkLt2uxyfGcRFcaag&dbm_d=AKAmf-C5-802fnrLMZE8QWQ92GiDTbd-mnvLGwbEIOW5tE-bFwInya4ORCbmxqB_YHgX2_boN0G24AobBL3oMM63Iwj1B-PbhZD6XsvkcikWORFum9ovpHWKfRekwilzNSHatBvgdjWPWZiS80QqqHESZ1dQW2wV2SjojqS7ntVe417XpHJpGIqdCmGylyH0C3ubolE1inHNYOvhAsx-CBguMSfqyv5F3meRROLiVGR2NgmEgJeB6DId1GZzTeZw8yoAWcT54nqlBpmFjl0SpOIb9oLJs6jCTSAwnmomgx7aVmMZ4SRjZ46W1PAaNF-ylrLGCJ-D8JwsDDyQ8W_tHFGdeHWkmiA1AuSbgONm4q0r1ixQReP5g2BKRofSEMbhbmvXRawxTUYn08sKyUYJBIyvWWdPfGy3fjSvIjXF9Zi4WLO3-eNunIJSjTU-U-cq6n1x6Z1Q-XYwyDqfrF941ceBi7yALNz9o4PUKlJvZo-nyfZUkqMkzCWzhpPb0nK3OtSKin9SVfHu-sNESmOA4N9pVG8idD1RbWeZXQ1ROl-Iqu5G7_piEtshwLxtYC624bTA1p-lVN6trZkjEhPgK0rI-GfK-d8E1POKLmNatyFDeTqL7t_oKhCZUVPLvs3Iczje2AGMp2jgmsxNkdzNUlv7EqQ5cM6JPCrCUqeg_8LDXXBqf0r8sNWEqyiuQ83XRXM6sjQCgkZ06SDtzy87fhaJs-l0eNrEoLd5NdLNd5_c7YuNq3V4ri91oRM8nHawLCYHzL3N5jb1HjvsoCrcQuV729QHBpmANTXZ9p-E_HZUPCPhdTHhfW8jz55Kvd5pbusreJ0WswHpjsCDKG73wE6hqVQU9Tj_UL8LpCheDvLXrvUdLXR40SyxxG3R22RoHl3CMSLL3FkgK7lvb6SwyLZTGDhA2bWSk_gMyolpp6rutV4uI6Y8POgcEBYoOTEJPlwxz5z706OcIrLAjfMXjNLi36n-9htMcrro732NWgTdoJqD1UrrnDQvqYycLwPPsfej0QxNKgdfn1tCJxDpu4aXu8GucNnWhrc47sQoDD_ix5DyZLLWZfDwz4B4HnlsDkonh3MExBaopOUzXo8_LeHZTTnm-XDOxPFncvHKnOqfmJDJgXFztEtCqpma1EetOf9xMiffiCowQKIGLsRQ010vXNIM-5RF1QcTjGYinfxoNraGHxVtgzJ6IWLYdWR8FdrG8117MAPplHm5CRHVmYzg7Cus5AZkVPV5b_2BqyDMysu5AqskNHV-h2TWb0KPCzXbdiqvxjq-O5ssrDtOK8PjvhNgQUVWD2hJs59UGxG83n22-OtLjhnBP0wY-2yCfHUHgL97-rWLcM1vt70XEfLgaNuTa_y9FUGF28PFCpQ3StKKm5O8wFzFuJhnuNvz5SQKzy31qUk10TC-ZbkcENue1zRadoe654n9Jw20geslbBxI2cvCcInxXhjae2WfgpRUPLoOBALrFHckB95E6C573Lg9xz49WPfz70ioTK6x5pe3SsCkYX4h7IcGEQBtIg-j51AzTob7Zt-TYGh0ia9eHIyeHW0BuabXaTY3GWmSYOwU0BMdONBWbrounvJeQW9Y8avj_buEg3a7nNCXFNGroNeitKaPSdXBsPkAqyFZfeTgdgmLhrntI1JXXJ1nJi4jpXOVFno2WnpqltX67ZGrL_s-KM_jrRL0kTbTXLuYquKhtgp3seyyBFKpMR-hqCTdtorE8FFS8xJpZqz9fsGCV_-85ZQid6ejKqIMsY1x9RG9reSQwrV-7sQJffn3mGiVMjVVpQsBor7rMWhPtAAHhhcq9KqoM-1TP5aTN4p0IyR_7GMP8ueBRdN_B5QcJie0yxjNxRWjL4YxbKvPrnyjwhjUjEHI6NTlG3F-aiq1gAjzwodC-bFZRLmIY5HKj3mvxQpPcvg6ZySW2DmOTr_C5YoOumtwksTrQgmBfesJWRciamFVXO_y3ilJuvY80UUSSZOfeFpAp1ZtXEVbKCTnz9iaGDOs0C2F0kbdl3pzz8R1IW1nbv58XxYe4f3qGoZTjXC2TEWBu4aWtcBVVT9L-cu5Xsr5QuMYutdJAxqz32QZhKO9-CgX1EuZD5BUCjo0-YbMoq8McfOykV39o-9-EG48VAbv_bwehUf82qrYA3G9WCC5ssD_CPdtluY9zpDEIqwC1UKCpVMCVHWY-tP-75I6pEQUZCaE0YCMRPNxxWIYRXZOu6lo_X5rbYl-sS2deJuge79eshY1NnWbOW4uUVNfyL4V-T8o_mbtchAH9tkoyGNT5NteDHMVpReE1xN750e8WVZlkAqOF8E4J4JoxDjejLpPBdv0VUCtyz6DFfjIAyVgWKHCFX9u5tHBH4CR6hL6wQocb68EwRtW3Dvc5lA3o7BGwWb26d3ZllL4X3uzSC7598NgIeb0_4T1SXPJCC4ZN847q58UB5yEK1avedjkw7rrT44b6_a42FXhiKU8dkXUPGjC8-yeKxIFsjBT0j2cYvR3vJA5ISJNGGIVkdlWfsocgtGeZv6gQPaPxSkdBoOfoycMU-gxFnBKB12ZGZ-UCOSk-7tiJ_QjErYIBAUSTKf4rfJ08ElUt2D7EMmvW9H3gK4VKMxtKIQJs4EpP9umYD9VEoolkRrWS9T6Rxp3yBZ-w5i-pIk_Ovdbl2_KiXUq_ddUxzxRhIaMIkKZGRkUFBlqnuGvPwCNKd8Jw_ubxlA3UOgMCWOAFflfUhTMomBWEUoxwBbSaaF2v6bMvb5wZxFj_kNTT_AwoiwbKfsoXY6lsKGeRFkdN3Q2y0yTvgWpMjaCIy2K0junj76NVAhvOslwNn-Zce-C7NbC6U-ovU4JiHMEONVP2esV8Xe79ObYpc2K0yl1uN2CjNU_5VTg0Lz3gVCwPTx8E3RVBxs4yhbdUpoTTR5J1LQt_NcP4mgmuIs-vuaS6KRE6rkrGxO0B60jkmnzeGsLDFGwfe4kBhLsrOeUa7DssxWW3kExbd9-sXiO4kOnIIUbVn1iF9a3Ln0P2ZrSs23RhyfcWn9Z_o8cmzxGcmiPgFFfBmN8OqR0uTuNs9-Y4tku7E3n93IHUW-8zYMdxoVI0laMhN9LUoXgFzVXm8iT6WrVpdaw4lvfamNW8DkliJZLgZa8bQqfb1MFkEAVX6RNU4uCxM7VkpjeKTuwLcCAoKJKTW9as6x17XPxpdGcLBVi9_C7swwqwiUt2yGRo8r-ZW8YVngyibA3lny5lZH7UPELQj6kPIO0De8XwriQXVKniKC5cLDclqBsTABVNd_apYFfAYEivEhQh2pefp8r0Ny-aRWmh2gcj7p2nOmYNaHW3zV5mFonu6J-TgHXsMePlTUkEZjmEcK7XQp-55iKnazUSte8CrCFFMUF979xsud2bdm4DnEQKC-m8gtBB7X-Kva1vNA55lF-SJXcaGT7TJZvj3WHOgBqDWa-cfd7I2NUsUaekXMNkqHN9C25hwkVg-yrJPaT6cgbwuRD6WyNy_8zc8OZPfJrT17H1vjl7L1CP5xqX38XiOUCb6wFOm5l3Kx6BaWF_Bbba8m--_oGhT90FHwojOB4MyKr1kveHqOF2ueXspVUnhuS&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.155 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f155.1e100.net

Software

cafe /

Resource Hash

73ee8ba7cb2d2ddceb473654eb9ade847a4038a3e6ad13a640e136158234f39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17510
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F642
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
21ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:52 GMT
expires: Wed, 13 Dec 2023 08:40:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 08:40:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523873/ Frame CAF7 255 KB
77 KB 111ms
42ms Script
application/javascript 63.33.159.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523873/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2223032880768124&ias_chanId=1&ias_placementId=20487174429&bidurl=https://114117.com/&ias_dealId=&xsId=ABAjH0injzg91sM49liQmtRSg2oi&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0injzg91sM49liQmtRSg2oi
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.159.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-159-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 96e29a5c921fd8ed334a779181743ae18cce1941f948ceb6fed4b5491faecc4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame CAF7 111 KB
39 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame CAF7 11 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cq6Jvj7W3ttIN8odotOap4GQbrwLR5QOZIPH8Ki8dkcCZzCSph0bfMxwCTjI8TDFd3hCVXSdYUkqyty-G8K_d5x1xFNLsQuYi1BaQWH_HirHyYgO76oK1FRxO8er1KrOFgGb0rOuVgNxZtrzjhZTd0SMyWczml8eVCvp1xJuHUAxEIKB4&dbm_d=AKAmf-C5Rq1E_nhBCu6775EkQvVvkYfviN14yqVVFtbRmLLcaNZFwUaqlupiEZsjxAyD07w9SlLaxHIuCh5gD-3d40d8HNprmKStV-4GAZ7MZthd1VT1GLcwXsl7ggmItuykDNaCAM42Mm7iSHVG7wRz-4Fv4NlVQ6h3Kgz7MVNKmcBXONgfZM18gHgAZj_aHPJo0Nb_1ny4SGcYSwL1FHpWKfrAXBLjU6oz4Ke55tWR34SD2GcerUK5GoDy7AUhoIy8sujOeYE0il5UYa2C_SzNtKAL_eiP6eTf74D6seNMDgvMdAWdBJ6sglh6dZFAVXs563-DnDIqaro2IdabmqEeTol3fsqs_Qq_2xvonBSCSOdzpwwFeHZH5IYCBjH0YJv2en7FMoZyJ-90x_RxOLNP4wqeEsdIF7_1kxERSudRHmqGOg14zbIKR_UM9eVBWJQEELKdPFzh3Iy5q8of5PAKSQpX6tFUA5JPNU0mgz_iMAY3t5F9bwK1qaB868dY0w2MojKJJG7Wnr5zgm5lXhQrhBdwmKbYds5mqGECwJJb_H8n69nn2LALS3HlvelsIdXyPWZQ8BkEhN2yXdxQZvG-qzX9yEkP3kDu9z1zHt3hBZ4ECmq9sKCklP_jg3CRetWXDJ1gwCFxooicQ9eWQ_4apUA8sBZKbSALn3YmvSSDZUppBAUj7eZFTBNQhU1ycguDBKeCUhD0iuUf27ccK0veralvbJpJFx5nyqDP2njngNKDjTaaj7yDk-ARiSlEXlhK_6SgOiS5TEfnPzbla7gVWzOruKmvfuNhTxdieCQRBxq6RwjXfZiWwRMZbvuv5xkFhqsa5dqe0xTX9bd7mAfGr0xka1KtBsQmeFR0FzGn8Z7rwyzBcdu7azwK_Vquv0TEnbkvTsyjFA6NSaUvvls8Tat1B01_98rB_6Lz3D6bRcIJp5IXZf-F6-rFIbMdcj-PJj2hTACl2HwzlSslUhtVtthoROvw3-o2F3ca1D1TvM_jBVj9G82oTDqdp_WNkuNmbBiXNKxDQTfANj_iWIh1ETfkCneSL8EzSIP6pLrmc66M4Tw_ixTsA_U-BBFLSbl0_73ZB8CAPYHP5eTQojaP8_WEqqmDzNesiQyKmtLnvfAQGO3m6dV7aIbA5QeS95PnWC6lhIv7djIHi5tqP0qi3KEMlhiselXIzlRKbCor5GD9GYlNuhNr4OcJq6_xOBfWjyAJNhnIGbbPz85xMS1gFvN-APsYEDxma4h5B3-WzpFR7wX1n_DwxFqKMVyGG1AEBmumDxRU_It-1GrafzvQCEuDWRdlWh_OeXT8dRWPs9A21i23RA3YtjWtBqu-2iMnDaKw6Xkn7GQ12mAHasJonqYRc0xMa30mCKPUFJgHr31SwqgFkNjEB-zJnhTc0DdBiI8gFg-J25JVRBNzaJFgYhxMtS2vztyjtBgnWSOLSelKLYkT7fyIKMbKjw2RU8pjOsjVkzE2H5ZlLBKbRdD3W7sBB-bCSlcXe1e7KmHXidqjy9txTtXqRwfFtQ2qrj0D_H6WGmY8KEQ-Z-2VMFw8MUn-oZBbuTNdNjKxTz_pwggBRlXQzTmFi63vHBuPPsLAMVm7U_z07KdehtzLwBpa_BhWeGsDYuKB_2ENAatNMZyYdBxZLcyn7NZpeqNXHnX2xqtS7bd6-0AuiAPUfPhtO9rHVOyrAFRqaNYKhNRoC4jPY2QFdhW91GpbHapeFfXff9pnVXuCTeG20CGaFc-CzakFe2up5LWIbGTvWbg5yt6yq8tkp99jmzD9NeiGXkS2pD0ez1jfGtiOoU6xjw8EMAiFPtRCCdhyfaXAvX9zUwRS2YFpTnp2d5SA3oKtsBptMskZg_L_s56H897hVCX4ICYSwAp0uOEp1hM7_y6Uvt5Ey2U5a4enQ5uBjs8Bch1mVJfD1JRGNkydJbO1HpS1_34ZvUHbXeHDLHznVGFSPCKWRqsmWZcFYaauY07pT2ohKKtEcGhfK0GacJ2OYGscrzhihp0_N8sMptK3hI2I0Ct5P0D4iOxgFCsoQp6BH1OW3qE2xCGFUaDoqGGibtqYUSs1eUGYA3Ud7qSIVPAhtG5kBJz_wBOrt0Do4QZxFNX6FtqzGUDFGoOxsFy4qudwhKtiK5AiX_TV_D9iA_rQEinThVGUneRIowDAgWJj7M3A4ioPLzpoyabV-j95GvDOMntE52utW_hlFqWN78LwgnSMv4-8lCSFOkSAADql83ghNOl-S5W3zxQLB-CnqbSz2xt4bcHwIgV7KEW9Ug_PIR9TiPMiQzhG7oneStFEbjoSzwGOJt3wRo_6s9-ITha42ppgFXTIMHRlWu-UI73oFJ2QVOxunPcqmxxt3XaoNR1-Ks0VCann7MQK5a21BcxxUncBKXnW5AjqZNNTdebTfZVA6_-nuA2nyAhK8s8LvqkxexIAHpTgY6Drb7cPffWtVLJKq1uM0lFkq0gzn0ZsJqEeVEL0ET1GIhZu_Esr9OGmbnbPmttOd9XDhtkjFtVPvLNmpaRGctfwf9Cp-VQcsVxz--BEdlK__2mmXDtOC3k0N3O37BF0TRs6lj2GMmnmfweVzj0loipiIafraANkFIzkw_1jSRyR6U90yUVvGXpY5nfQI727vgjCcUCxkO3kHheS2kgBdCrjeHAzQFJHd76SB1DAMU30A9aJohxGwrhH5__8FSg4C1RAOMCjK_6qDBhCfj3niWzk_MtDEQKJt_JIg3oFhIZC3z_GEKo8TUCD5WSqIJS-SCarwVqt6l4QENRvPsyUMaMSa_TmJnJoo2LzAFJUr8vChtW6YL4twwpIjNx0h5-hR2m2rYj1VOZviDXE6sIHRtiC20fS1lXifjXtEgb5TBvX6Zg--Cp5w21rjLfh1agnzS3LzWiklmQZnsyLVj-Hb8dRpP1NBLqWzjLDAvmmD9KJVYMlePWdEWLdxwe0b7sflANJ6z5CROgJXalXJmHogLEFcSs6aGHhfmtgPj4kDOLo9w3YI7bHy3ov_UFZrJNrsjm46-sFB_Pw9KI1bCITLCSWYxqW5vEl2fdQXx-3Yk4gDSel4CyNRSKMIJGzfBL_9HB3h1Pib-mbYRnCUixl32R-QFW1uI4skBc4PLhLupmoDDdEZ5uxmOtw0NUM4_5wNXmAlyRZ7dLbFyVZ3K6j2GmmZ38IVt6DsLiLets3aR-XsGabQTLuoJ_8A4qYzvJJF15_J7YOadE1I5pfUAhzl7ygScnMPKsOzTi18hiwlPL1uARX52LlPP24zSKhgW_w-z4LV8-PLkka7RBU1QdP-98OtN7SDQEQUND9h2UHngDWuKNlsLCb89VlTBjcRP54-AI4wip60tvLKlnTQiwd34LDglZFEoAgBxTLhjEtjynR3A6kkwIidMzzpQvKpLN_3iFU8Zh7jAMH4P9PZx9fYiYLtcrkdznpzkUAr45Ueer5IjaUV8X7iP8Al9Q2qfE7ruwZylIYnK8fVVCXBfTba7jOrbhKjT5F09pt6QIlr2CTSQEgxrLGBStXHGIz_2LR5fFg5U8ZNhgjASso3Dsa-jbBDD_kj4tL4MQYGQDxh6kPcSFx5kbkdglo3VcXHZ9Lf5oDPNTVjv8QKcCnRH0-NelGwd_OwumOaLDRpNTd1x9R_b2nl-yX0RigMslfJ5CiCJvubUs_Sl_Y_C3u3MwIA2HGb4oyHBv0p32t1Yh1rk-RVn_HnRQ3pZIx188hqh54gguAKRT5YAGTsUa_kuERmQFFVY-Aum4B5UiKSg3yJtMlOe5PQX9VUjNmlBsx30n8EDiY_kkDShP-20OwMM9HZfAR1NeuXpthuDqPiavyo2imDXDSLzvii58qJeND-F6aFhkXpDqG0omIK5eEd9VHeQ&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F114117.com%2F&ds=l&xdt=1&iif=1&cor=3407687908194290000&adk=1761367584&idt=65&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame CAF7 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CAF7 41 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 398144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 89E6 0
10 B 12ms
12ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?akIgNQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 6308 0
54 B 17ms
16ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq3iuqqp&c=2021923299463&slotId=1010961649731.5&qqid=CMvt4v6BjIMDFZ-60QQdMrMOuw&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame 6308 20 KB
4 KB 106ms
22ms XHR
text/xml 104.18.36.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=10242044&cmp=30443038&sid=5513185&plc=380370236&adsrv=166&_redirect=1&psf=0&_vast=https://ad.doubleclick.net/ddm/pfadx/N7657.3553448DISPLAYVIDEO360/B30443038.380370236%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://114117.com/%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNzAyNDU2ODUyNzg0CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc1F1N1lWb1pEMllnanUxb21XWVNiVWhBaUxCaEpGb0RhY1lTamRBYU1fNE8xd0FfX2VZUGtSU3BRc3ZmQWxaaC1ZZlJWbWJOcUlKZHdSbkJjQkhHU2ZtSjFjalE5aFRIb0dnTU5qd2d0ajk0N09IeWpEOWU3Y1ZnQjF2UkMtZ2hNeWdZbDJ6UUl4a2JhSTJOTmlvYVFkeUd0d3pucF9rdjFJUDVzTGYzSlVWaWdmZHlaZkdTMHJZNm9xRW9IclRQSWFBWkVKNHNzWERPNVg3bXUydXpxX2FJenpvbzUyeTRiRXJXcXJxWGhMc0lPVVVCYno2ZXhOY09VQ2lmXzNZNC1KdW45RUhrV2FFbFVTVmJWd2dhMFd6bHBSWnZxQy1pdG1hTFNMRnVpTDZ2dGxRUTlrTkg2VTY0WnZRZ0VLZlhaR2NPNW5PRUdSYWxmLXJOLVVqN2E4aTJ3MklLd1hKdlNzaGRRUHpTVlFwRVcyUU9IMlgzUGtLbFhsMkE3amllTnhnUkJIN1BmcWpWY2RCMXl1cEtmaC1Jc3RSNkc4YWt2TTZyNFp3Y1V4T0s0cUhBempNM1BUbmcybFJSWUpUNXJCUjl5cHpzZXNEeEhYUnhRZTl0NFFKR2FYa0RFTjhsU2pzQThDMGc4LWRNSDdVOGgtaDkwQjhJYnViMlZoZllxc1ZiZUJfeVZVdGdLMXBIMDFxR0VsVkxTa1YxMk44OC1EQlVjQndBX3Zyd01UX1M1U09UYUpNZnRVcnNZVFlSc3IxcEhpY1ZjSjRkQUlYaU5rUHFNSmRyX3E3QWVsTjFobDFzRkExZjctaHdwNTFRT25lWVBrYVktRjZJNEVtS2V3TmE5T3FaUDVIQUFqa1llTTZzczlhM25nM2VOTFdmSG9jZlJVTm80MnNMWVloM1BJUGNVdmdpbmEwRWtUUUh4cFVCNlA4cEx0blZtc2w0RG1WZ1MtVHJrcUltOXByQ0ZZdWFEbEEtTmw3NWhoMm5rcVVrY0VaVmgyZEEzT2lhNnNhQlFjZXpFVS1IcTBzem1IX0hKeHFyZmcyMENsbm54Ym1lYnRLbTFQRFpBbDBVMGJDYWtuYjVFaEM3cGpkdFdZNlhGYWliaGhnTjBBOWxjU2xVZk1KaDg0MUxweDFDWDNEeDBrZWpGSzJYNUExWDJWUlhEa2lYbjVGQWdqcDQxZUhXQjZjWTlrdXVaYWFTbVhBS3dWMG5uZEFMRzlDWlp1aDFxdFZQd3QzUW92OUxudlBlMm1Kdm1vZ0FnOS1jd0xTN0UtaU9VOU5VeGpRVVdMQmpZbHNRd3hVUXVfVFhxckVrQUh3S2l0bXdIemhIb2ZuSVA5d0NkZGdhMmJSNFB0Sm80bUprdWdQSFFVMUpoLXRuZFM3anpraFY0NzlXcVlYeTd4VmdrODBsRlRyZDA0UXBQaTN4MGRra1pKQUw2bFYxQTU0NzRWdmEzMGUtNlprZ2Nfa3Z6VVA3Q29UM2htaUF2M2M5NGZLY0V1MHlaTWpsOTRsYktKZUFxNGJZeldJRGt5cVJidDlqRWxKckFraUZJTDdMdExBZnJTY1pSdjhnaEtxN1VFaWlwaXFYUl9OeDgtRGpNOTB0V19fNktxQ29la2lidkRzMktHS3NUaU9HZlFBOHRiS1c4emt4TWJwYWxmZm1qSi1wOUlBVkUtSjA5S2d4a0tGUXpkTzVqcFVaQTRJc2hDN2cmc2FpPUFNZmwtWVRsUkY0c0prU3preVZjYmMxMmhfSkZCUTJjNHFHWmliVlk1dW5aa2htWW1tMzlGbUhXcEdfd3ZNMlBMRHJ5dWV3dU92dWhGaGNVTkJJaVJRRUtSUlhWQ1RxTFBUZmEzbVN0bFNmb2wzaG5yVHRMMXdGbFk2RjM2bmEySUFmNjBBUkRaazAzME5ndFlLT3NvOUNkY2JLOHlzMTV1LWJyNTVvVDNjRGRhSnl3Tk5QZzhiRnE3ZmNuSFotcUM0LXVTU3JkaHB1bDdxWDI0Sm9ZWm1JdkIzZTBIYnYxT2NnYy1JWk9vb21XTU9QMG41bnI2bVpZNkhQbGhRVXVXbm5fYlNhT1NzTW5Xa2J6NHFhelgwN1REWE1FODhLOEpCM0c3TnlZUkstUHRUUW0tUjF4eUh3JnNpZz1DZzBBcktKU3pKaVBBLU93QWFLUUVBRSZjcnk9MSZmYnNfYWVpZD0lNUJnd19mYnNhZWlkJTVEJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmVhLmNvbS9nYW1lcy9lYS1zcG9ydHMtZmMvZmMtMjQvZmVhdHVyZXMlM0Z1dG1fY2FtcGFpZ24lM0RGQ19icmRfd3dfbTZfcHJnbXZfZHYzNjBfbWYlMjZ1dG1fc291cmNlJTNEZHYzNjAlMjZ1dG1fbWVkaXVtJTNEdmlkZW8lMjZjaWQlM0Q3MzU5OCUyNnRzJTNEMTY1Mjg5MDE0MTU5MyUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D206232047%26dc_adid%3D572228367&_api=[APIFRAMEWORKS]&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3295be5d77ee98e97f84e4e4f07e6305c1df7975ebfaa90ba246d8acd3abf407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
server: cloudflare
vary: origin, Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 834ce7a2aa013a61-FRA
link: <https://cdn.doubleverify.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
alt-svc: h3=":443"; ma=86400

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E10 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1368117836276&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E10 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1368117836276&version=m202309260101&ct=76&x=1&cor=10796326558105643000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8E10 109 KB
41 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWspKRUK1TLRFgx_durHOPegZbXJm-2Ox2WdllzbNjLDV2CwB_4iIleVhBtcKM0YN2JsFhhdA6JU_tYaMbvfRci-2F1V6Zy1V74heoWo-Zk69dzqCUwmzisUv21uluH9MuUq-Qs76egWxYosiAq61IFR44b6p1ZWP_vCtANfrpBArOnE4&dbm_d=AKAmf-CzR0kaIMz98jjtGBb_rI02y5fevp52B2uiLCdwv9cxrPfLCB-n-cPpr4Louw0iQ06J_4i3E6zva-Y_evTwzNhgEEaTcZBkVckzmGg7cn-7kz2aw35MF5xHnwKChr113i_xdz48dU14xL-YjhdYmw0TVjsEaYMcTnJ8rFDAUlo1frYW_t6IlLffbXmGiTmz9pjGVAN6brW1fLwqT9q7uPW_tcmNatLoNuCf8Mkvf0--4D1_IyvsS_aykVEHPNn7xrq2CiA6D1DqhhQnsXDn1gND50y5pZIAZOjnYOzWZeb7M5VCIHVh5lc_8hZm0JeS26LmdGuhDlZo7p6KRZ_FAVgrNcuqBzDmEiRTs7AtPyK6eEz0fqz6SQoTTa2tvQeFWU79AGNeTQOcX1rHt0kFDANBMlNyPcpluhza-VQgPP1zOdznoGEpA9PcBz53S4TtImEe_2KKORhYhn8Hn8k9u5KZdP8-xKYTbwhGFZLuknGbR7d5QRrv9LMU1z9UFL_BEz_QzbkGTWD54g_QtGrIdhIZfADMmCnWCQ2EPbX3d7gesQJkQNk7rGcE7ztYSgCZPyiUfIn3ULmpUlpwT25FnwhSrXwflWDCkZu5TWOtvReoIt38qKkiKd7FpBtEUKaDifPymHFCp1Po7yPE84FZhehUjfsGuvnoHhcmBW_pX7NPluLjPURf8i8fXKTs9TJ2AEoGzsdftKyFEf_fuf24ErrMYXXxYFQFrfFF2_QhD3_mp9URWe92Mb-E2MBhhR6FmfJUBtgdYlcrHLQ_aeWDZbqE2oJIVYZXNFfGdmVHz3glBwA7g1OgMJ329QmjhnW-zMrAZ-6c842doAnkDmvgDPSG052ja0JbYyB3k4xtUfXR77aeh0ZBPL2fwhRTW0Q11HasG6rKAeskf0u8-qtWywn8KED4BBFXYiAlUf9RWIzDytIBe6fYKUstKhdUd6hYD3mjB6xt664gF_7-l_57PjhquS5AwOzXRLjgoaO70-EwzjaNcZltNuZ_kC4TAsXOgSoQkn0nVy9Z8y2OQpXsggvtTEnvCJnWXoa8-Sx_ubgL29DZwjeoZrp49pti6mvINP3E8yfwlF_6sqmKa52rBh-9Dx8w93ceu-qYwKa2icbRZTNgZIGkYlhkmi5I1QPLE3acVOSF8iUDp0P64tMkzS0z3fpFwSBmOQnUR7Vp5bVgBcEfEdrgvhQ_uSHlXKlo6w8GknLg6e7LLxAUpuzRT6YnyBqleVvRfXhVy9Z260IqAAg3f06RRvECnUKU-gLZvmc__l6jEc0xaEdWSQ9kPH2g2bmgjdMRpMfGG_sQ-i2pcn4-7eJvEGGIOz8GtM8ONv5-594jjunvOxuLxkzZ-xnhD7mHAhJfjlNRexZni8E6rsdwB1mL90QpjJei12rUeMaw4yIrU3u9Q9DB61q6hsOA4RtYG4SGCRKGq0oWC8wbinrXP2cNzaY1OG-M4EyWNI_hdgO13FmBJXJUzP3-QZPd1eFo-D3Zd4EKKHDjknRgOgmNPrd5Cq0uB6k2pa4uVtKXlEKOK9vfWCgugxSYTLprIfjORzZuHcc5fWg5brRxHMhPgjbb1fyGj-QjnrllMU85YabiyKWD2T3PWzLflSyQ7X6AQXOFVbuy52jsIhwrtyLFPN22Rw9ttYMdTVrpsX07IK2UA6HuS7ngVamG3RPQTss8rl7eHr_V0j-rzGWxEFrROLwoCrO7ebVYrmIfhroUBcsAjZmnv6GL-RtUmpNQCBI4aCPUZorHYBQoHJHUWR56ALM1u6oHeVzvCdw5C1uzyr9sHQIK2iKaqulZfmM_79N1GaXFJpfEFIu8yrmUxCjXJygyAUTI6H1JDqi3o4ZnZl0nsmdvcnS9FV01q8bdsXszzy9_N6S_2I2g7Jq8YzWLMQKQbyWS6w3ReT3XjGJwzNLeIy86IVUZe1r-7skvynp4JaMDz_2S6bdyaS8Sytx_4b0vCYXIFX-Ap26sdDirgsXvfG8gc2lvooQ44oFQ5OWRKiXSzUba4UG0cVU5lFUMDGmylD61GP1IhkObxjFUuHzA5PrR4DyVaVyVZRaHFZFj8kqSu8b-Sqt50Bt1dMKHbWCYRplEn46_x_Y5ZFmgJzUcQy1TYfjbKgSwt7BaQmStGmKN2xjSP2fPQ8Qm5SD2qo9ObCIpMq4B9638mf56FRVa4auYK7Ui5HCnNOrxODc-nXAEtLYzfJXSlf8kC5rsZL-hWp6Gv1ARR4B0Umc5fxiEncv8qBMgz93byDZZUuaRd1sNbvZ10qackoj8by0mPqBYfEhRf4VQ3HiAr2F3F3HOGb_Uehf4uI4cje3vxuiyoz8IaMOYB5HRdGKqQ7CZpt4oonjHHZLv6unM25mOHm1upc52AGwRI46lTcM5ud3TDj3UmAEK7q7xkshlQgy_ES2ol1VYOqX6SftrimAfmLIgscHVnk4h7lM-37PYd_0tU6OwOgYQy-c3cLFofE6ChmBX8HorXurfsCuXFUe8BJ2Cu2nbBIje8uA9njE1G77KkZWUsxwZWZtw-7ldD9U6_n1JPDcyYl0D4VYVBPb-bQ7Cl9KBXtpSvAvHkZ2zr2yVk27DQ6euz3NatT-RyHbUZ8j8Eu4e3ZVZ1JiW49MJbiICs68Rk8k1BMExX04IoC1s8BStufDlISq3NIKE2mS_ERfJvunj4hfzZPJkQI_MA3EzeKT4pu5toKi3rZjxKYn_Q7piAFRaaJJC0siWEYsD2xeXC8GxN_IcUnrfySxLH3GjNuuyVEYm8oE7nVMP8jSmlgi-Rx15b0NwagLK5dK2fOMJFxnEXfze-bCnm1smQbMsw9VOh_QhxPOXYkqX8oC6SN_l8dO0ArZu7at5cdagSIEMybDE96gfSxvYN_f5OFXKTgAckXhsx71kuOMsMGwQANtr9eks3EzGWTjhbxsfi5HPP8QOERGtZ_1ZWRjnZ2I3fCN57toSqDrMtxLcqM_hqAJEMNoYZwoCRXSzouLNBsaGFoReDGd1yoUQ_cmTKeXQjcK3S9Zx_c_aT-GX0dsb-A5KvNyINtQ3IrNBDx5pdBW2VjaVd4Dzmjy5MdmoCJPiccuUQwdj-BQ4NAEPNOQ9PtkhnYXGeWz5DX0l6xf-1XogYZOycpQcwabBC420Jbc9jZjH8kILGdiOn9nB-rvyqZ0tt-A-j0vs5nuw7BbNGJXK92oEGw95CtqSW1loPz9IZbUHhXrG1j0XxTXESF5fGhv4tLhUsClqx82_XWT64LIh1o53mJ8QSsQzRpVLXOB8PNCDDhYGwK2d6cFr3IXHNkObyfVlbhDFroNgXKVQn94D0Wdn8nd3AuACe2Cmj3pTO9juXoXs5Q84mAOKIJSkTUfyZ79YcEwPPzcpbF8XdPOYBkCgl0W6t0TEaYWZtNgolQbzENHnhm-SNU5uN0xMDCEGSUG2SdvVVT7wOR_jQJO34OIFLFvpxGzhtFLaCrvW8M-T3r1Us-Y4lk7Aj_nW_dSN8YrHXtbrmfI4aven5oZZ5ie0uzueS_k9A2_0PItc8biQQpgyJi__Uaacsra63K6X5oSixn2xX2ZKhKmKvaDIzOFVUjMEzjydKve7D1d0dcAaGucdwvqC400UCtpkbHGnigobuqUMiOjYQ46HaNmJrtpp838qWe_TahTTOu6u_PNQzFrhHuNfB7seh2u2RPzaVqVHpmfRTjzd3W8eErsdEjHtA5f9pnkgmmZIrYAyuD2r3mL1OplGcbFqsryGM9kkOusprz9LtCzo17AxnAik7H2NmEYVHTGiUcupRrx96JybUMdAWjopoosyOam-SGenVI3MMYdMIz_OdOSVGS_XhdWIfSOczdaHcaukwq2L196fkGu-HzwsIzmIWbbFow&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F114117.com%2F&ds=l&xdt=1&iif=1&cor=10796326558105643000&adk=1726166463&idt=208&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfdc305561d7eb1cfc0346ee81c0007595edebc7417551adbdd6eadbaaed9421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42181
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EE0 50 KB
19 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:01:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 09:01:52 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3CC8 38 KB
13 KB 14ms
14ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 84445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:13:27 GMT
expires: Wed, 11 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17864851622750576224/ Frame 0791 6 KB
2 KB 43ms
15ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca212a6d45038b16f7e2ee85414d0f67362985095eac9dc26a34e96d1ea529b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 115876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1847
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 00:29:36 GMT
expires: Wed, 11 Dec 2024 00:29:36 GMT
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CAF7 0
0 102ms
59ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlcLxEyKeTV-MIg3cwQly-oAEJvjp8CTVGQ_d7Upp4sCzk1Ck5dUcxZQx9I_3MsCNuKJrSOPQXr6MRcCV3Yx-Ie3erOdtMMIJrOdsdwT2Vfn7XhQO0GsxmTEKNsBRXavPRy1zmnVvkpOw_bvzWRcoQ3P7tS5w9-4PeV_nJhfb-MOrlJmeGtb6kU8qZAQPh7sbnfHB2W-7Dx-VXyBaJkrQsXINmwi6nHMs_DZ2pc52QFnbaQiMkC5vQFKwZXSg6IfUlK5pzyvIKyI8T72QxkzfYYn0vnTaHaACCzKHd8lEvG3qqeg6sRpBsySsbD0HGKOqXuqXampxg5kxYHig357g16z7XzujrQtBt0h8raDi00y23804Kx8HeM1Z51m4DXuQUNz9pDHMKvQuU5-sjMNMj5rpYVpun_umGZB0GHIyt6-nY5xFNyFcSg-efzBL_8ay_E-zsWdLEd_oUq8bUjVIIDeEukkaj7RYjs0tOJmnYlPm0Ny07ro4whydaPy2pQxGMwPEmCcy9Lt3PkZuoRcoJJ_kEZkUuJHu7gJ84BfYWvmFnDndJuUPqNLfSx5tYsyp3dDHTDyu15UiIMjnHygTq1C-ojbuTCpIaU6S8-1c2rUjVEN_Pr7fQAE5cfrvsrZ8bGeBFsuC6Y70Se0zQg79eMM54CzICA_lrgJXL42QUGEV5bfRIO-Vxp_Tv-BVwkIDPIecSRDuXR2uuMEX-YY6waUGkQIuB1ftOBlC4ltDeKFYBHRvwefomQbyXU4LN9Mmrz1nUPPXfHwzfojpRXCNi35f77UZSRiAMzVkHLu_6iwL5q0PgpejjcmcJgUHcheMRsd21t_DfC4CUU8DmdwPDpcRWbwF1mxTe4nqjdrboJWPQMMNCQuQNVa1uNpGRFwrmz_L6r8PeTEWRYXA1qCDvD1ZELyO4wqMVXEmwX3Fafw0LWmAfBeVi1h7Ho4tIC3dbgMNSvFpSOmGs-N07M-vIeWthj37IIagiD835UHIgweQ2gmnvhd8Sz6AndSdFtJ_RcvU0JsuNKX5Mo8CTtDHsFPPhJ8-YeTXNOw7KjJ95KRq6elxI2-SOsYplBCh31AD1v8OVxIF1vDcHYU-5i6u55SJUGjQRJWIhBjmKb1AV4uYHx2Y8U--kvxUUJxdDhC5YsnIdX7G4K-KcA9e-qtEKnmC0gIFFne3HYSv4qGv9n833VZiQo1SoAWazExZPvE9lH0E4mX8-CBC2El6URPIN-Sm0Ryqrl7YpbDImmFi_LL8n6Jl0HGNdsTJm20xHGWytE91NnDtPYw&sai=AMfl-YQ6Ax5aQuma0fpQqAvS7jJxO3wzkNOSH_PmFETBeM3Uruu9AyMfTT-GCtKww1RGBpKl_4Ac8vZf_RMB6QpG7__hD95u_1Hgvy24b7JVL3-qsHxXkVvSvsbBi8OZPtbUWHUVFGgn1wG8GQFBTsM_827DTYkkEB6DfcHtn9UbqCzJRxYG9c87gxUC-7SROYdW-QSHCfnlm7EgtuokBBgCjMR_zQURFKn0T3AgO3j5MPk2iG5MFHQ2PdPOmLFOBtzwdq-AjKvX1U18s6bdO6T9obbber3RcZlle_ZJ1A&sig=Cg0ArKJSzP8al0iS5fYBEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=106&cbvp=1&cstd=104&cisv=r20231207.49284&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 08:40:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CC8 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17864851622750576224/css/ Frame 0791 5 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 03:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18310
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Dec 2024 03:35:42 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0791 70 KB
25 KB 47ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1042233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qLfrvopeIMaDzbUIf9cZyqZqPHNBuG1fEM8EO4gBz1dLfbgksmqZJK1MFfOz0OYRSnbeKn3wz7U1LEF2a3w443qFwQj6y3bFSyqsR2WKJzWxPLXEEbsXVwrD0i1pRBkcDtKBQRKNpy2mlluQuEgC1pv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ce7a2bb309a30-FRA
expires: Mon, 02 Dec 2024 08:40:52 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame 0791 7 KB
4 KB 50ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1134377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MV1MmO4aEIZg6IND7TwMujH1scGHPeMaMSZzRo1DImyI8eJO9OYYp235S3BTxXRHcxJGzNEeVAph4i8WY8U%2Fy9Qd%2FHIcgNKKWn0WiNOo1t%2F5KdPmNCRU8jxk0nbrdpsykj7SBk25YDgPD36Dy3MlvcNt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ce7a2bb339a30-FRA
expires: Mon, 02 Dec 2024 08:40:52 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85114
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:02:18 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 2 KB
800 B 18ms
18ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108402
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 02:34:10 GMT

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 13 KB
4 KB 15ms
15ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3980
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:12:50 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 31 KB
31 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:42:51 GMT
x-content-type-options: nosniff
age: 100681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 04:42:51 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 21 KB
21 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 85306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21613
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:59:06 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 25 KB
25 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:56:47 GMT
x-content-type-options: nosniff
age: 85446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25605
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:56:47 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 30 KB
30 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:08:38 GMT
x-content-type-options: nosniff
age: 99135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30924
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 05:08:38 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 192 B
190 B 21ms
21ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 19:57:38 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17864851622750576224/script/ Frame 0791 4 KB
973 B 15ms
15ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 20:28:27 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523873/ Frame 8E10 255 KB
77 KB 36ms
35ms Script
application/javascript 63.33.159.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523873/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2223032880768124&ias_chanId=1&ias_placementId=20487175905&bidurl=https://114117.com/&ias_dealId=&xsId=ABAjH0i6rv1rLW1hrpNGto9WffXf&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i6rv1rLW1hrpNGto9WffXf
Requested by: Host: 114117.com
URL: https://114117.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.159.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-159-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4c01b517c93a5efc775e0c1ab583e7cb29e03450b67c2101dc7a0c2214810985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8E10 111 KB
39 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8E10 11 KB
4 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CWspKRUK1TLRFgx_durHOPegZbXJm-2Ox2WdllzbNjLDV2CwB_4iIleVhBtcKM0YN2JsFhhdA6JU_tYaMbvfRci-2F1V6Zy1V74heoWo-Zk69dzqCUwmzisUv21uluH9MuUq-Qs76egWxYosiAq61IFR44b6p1ZWP_vCtANfrpBArOnE4&dbm_d=AKAmf-CzR0kaIMz98jjtGBb_rI02y5fevp52B2uiLCdwv9cxrPfLCB-n-cPpr4Louw0iQ06J_4i3E6zva-Y_evTwzNhgEEaTcZBkVckzmGg7cn-7kz2aw35MF5xHnwKChr113i_xdz48dU14xL-YjhdYmw0TVjsEaYMcTnJ8rFDAUlo1frYW_t6IlLffbXmGiTmz9pjGVAN6brW1fLwqT9q7uPW_tcmNatLoNuCf8Mkvf0--4D1_IyvsS_aykVEHPNn7xrq2CiA6D1DqhhQnsXDn1gND50y5pZIAZOjnYOzWZeb7M5VCIHVh5lc_8hZm0JeS26LmdGuhDlZo7p6KRZ_FAVgrNcuqBzDmEiRTs7AtPyK6eEz0fqz6SQoTTa2tvQeFWU79AGNeTQOcX1rHt0kFDANBMlNyPcpluhza-VQgPP1zOdznoGEpA9PcBz53S4TtImEe_2KKORhYhn8Hn8k9u5KZdP8-xKYTbwhGFZLuknGbR7d5QRrv9LMU1z9UFL_BEz_QzbkGTWD54g_QtGrIdhIZfADMmCnWCQ2EPbX3d7gesQJkQNk7rGcE7ztYSgCZPyiUfIn3ULmpUlpwT25FnwhSrXwflWDCkZu5TWOtvReoIt38qKkiKd7FpBtEUKaDifPymHFCp1Po7yPE84FZhehUjfsGuvnoHhcmBW_pX7NPluLjPURf8i8fXKTs9TJ2AEoGzsdftKyFEf_fuf24ErrMYXXxYFQFrfFF2_QhD3_mp9URWe92Mb-E2MBhhR6FmfJUBtgdYlcrHLQ_aeWDZbqE2oJIVYZXNFfGdmVHz3glBwA7g1OgMJ329QmjhnW-zMrAZ-6c842doAnkDmvgDPSG052ja0JbYyB3k4xtUfXR77aeh0ZBPL2fwhRTW0Q11HasG6rKAeskf0u8-qtWywn8KED4BBFXYiAlUf9RWIzDytIBe6fYKUstKhdUd6hYD3mjB6xt664gF_7-l_57PjhquS5AwOzXRLjgoaO70-EwzjaNcZltNuZ_kC4TAsXOgSoQkn0nVy9Z8y2OQpXsggvtTEnvCJnWXoa8-Sx_ubgL29DZwjeoZrp49pti6mvINP3E8yfwlF_6sqmKa52rBh-9Dx8w93ceu-qYwKa2icbRZTNgZIGkYlhkmi5I1QPLE3acVOSF8iUDp0P64tMkzS0z3fpFwSBmOQnUR7Vp5bVgBcEfEdrgvhQ_uSHlXKlo6w8GknLg6e7LLxAUpuzRT6YnyBqleVvRfXhVy9Z260IqAAg3f06RRvECnUKU-gLZvmc__l6jEc0xaEdWSQ9kPH2g2bmgjdMRpMfGG_sQ-i2pcn4-7eJvEGGIOz8GtM8ONv5-594jjunvOxuLxkzZ-xnhD7mHAhJfjlNRexZni8E6rsdwB1mL90QpjJei12rUeMaw4yIrU3u9Q9DB61q6hsOA4RtYG4SGCRKGq0oWC8wbinrXP2cNzaY1OG-M4EyWNI_hdgO13FmBJXJUzP3-QZPd1eFo-D3Zd4EKKHDjknRgOgmNPrd5Cq0uB6k2pa4uVtKXlEKOK9vfWCgugxSYTLprIfjORzZuHcc5fWg5brRxHMhPgjbb1fyGj-QjnrllMU85YabiyKWD2T3PWzLflSyQ7X6AQXOFVbuy52jsIhwrtyLFPN22Rw9ttYMdTVrpsX07IK2UA6HuS7ngVamG3RPQTss8rl7eHr_V0j-rzGWxEFrROLwoCrO7ebVYrmIfhroUBcsAjZmnv6GL-RtUmpNQCBI4aCPUZorHYBQoHJHUWR56ALM1u6oHeVzvCdw5C1uzyr9sHQIK2iKaqulZfmM_79N1GaXFJpfEFIu8yrmUxCjXJygyAUTI6H1JDqi3o4ZnZl0nsmdvcnS9FV01q8bdsXszzy9_N6S_2I2g7Jq8YzWLMQKQbyWS6w3ReT3XjGJwzNLeIy86IVUZe1r-7skvynp4JaMDz_2S6bdyaS8Sytx_4b0vCYXIFX-Ap26sdDirgsXvfG8gc2lvooQ44oFQ5OWRKiXSzUba4UG0cVU5lFUMDGmylD61GP1IhkObxjFUuHzA5PrR4DyVaVyVZRaHFZFj8kqSu8b-Sqt50Bt1dMKHbWCYRplEn46_x_Y5ZFmgJzUcQy1TYfjbKgSwt7BaQmStGmKN2xjSP2fPQ8Qm5SD2qo9ObCIpMq4B9638mf56FRVa4auYK7Ui5HCnNOrxODc-nXAEtLYzfJXSlf8kC5rsZL-hWp6Gv1ARR4B0Umc5fxiEncv8qBMgz93byDZZUuaRd1sNbvZ10qackoj8by0mPqBYfEhRf4VQ3HiAr2F3F3HOGb_Uehf4uI4cje3vxuiyoz8IaMOYB5HRdGKqQ7CZpt4oonjHHZLv6unM25mOHm1upc52AGwRI46lTcM5ud3TDj3UmAEK7q7xkshlQgy_ES2ol1VYOqX6SftrimAfmLIgscHVnk4h7lM-37PYd_0tU6OwOgYQy-c3cLFofE6ChmBX8HorXurfsCuXFUe8BJ2Cu2nbBIje8uA9njE1G77KkZWUsxwZWZtw-7ldD9U6_n1JPDcyYl0D4VYVBPb-bQ7Cl9KBXtpSvAvHkZ2zr2yVk27DQ6euz3NatT-RyHbUZ8j8Eu4e3ZVZ1JiW49MJbiICs68Rk8k1BMExX04IoC1s8BStufDlISq3NIKE2mS_ERfJvunj4hfzZPJkQI_MA3EzeKT4pu5toKi3rZjxKYn_Q7piAFRaaJJC0siWEYsD2xeXC8GxN_IcUnrfySxLH3GjNuuyVEYm8oE7nVMP8jSmlgi-Rx15b0NwagLK5dK2fOMJFxnEXfze-bCnm1smQbMsw9VOh_QhxPOXYkqX8oC6SN_l8dO0ArZu7at5cdagSIEMybDE96gfSxvYN_f5OFXKTgAckXhsx71kuOMsMGwQANtr9eks3EzGWTjhbxsfi5HPP8QOERGtZ_1ZWRjnZ2I3fCN57toSqDrMtxLcqM_hqAJEMNoYZwoCRXSzouLNBsaGFoReDGd1yoUQ_cmTKeXQjcK3S9Zx_c_aT-GX0dsb-A5KvNyINtQ3IrNBDx5pdBW2VjaVd4Dzmjy5MdmoCJPiccuUQwdj-BQ4NAEPNOQ9PtkhnYXGeWz5DX0l6xf-1XogYZOycpQcwabBC420Jbc9jZjH8kILGdiOn9nB-rvyqZ0tt-A-j0vs5nuw7BbNGJXK92oEGw95CtqSW1loPz9IZbUHhXrG1j0XxTXESF5fGhv4tLhUsClqx82_XWT64LIh1o53mJ8QSsQzRpVLXOB8PNCDDhYGwK2d6cFr3IXHNkObyfVlbhDFroNgXKVQn94D0Wdn8nd3AuACe2Cmj3pTO9juXoXs5Q84mAOKIJSkTUfyZ79YcEwPPzcpbF8XdPOYBkCgl0W6t0TEaYWZtNgolQbzENHnhm-SNU5uN0xMDCEGSUG2SdvVVT7wOR_jQJO34OIFLFvpxGzhtFLaCrvW8M-T3r1Us-Y4lk7Aj_nW_dSN8YrHXtbrmfI4aven5oZZ5ie0uzueS_k9A2_0PItc8biQQpgyJi__Uaacsra63K6X5oSixn2xX2ZKhKmKvaDIzOFVUjMEzjydKve7D1d0dcAaGucdwvqC400UCtpkbHGnigobuqUMiOjYQ46HaNmJrtpp838qWe_TahTTOu6u_PNQzFrhHuNfB7seh2u2RPzaVqVHpmfRTjzd3W8eErsdEjHtA5f9pnkgmmZIrYAyuD2r3mL1OplGcbFqsryGM9kkOusprz9LtCzo17AxnAik7H2NmEYVHTGiUcupRrx96JybUMdAWjopoosyOam-SGenVI3MMYdMIz_OdOSVGS_XhdWIfSOczdaHcaukwq2L196fkGu-HzwsIzmIWbbFow&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F114117.com%2F&ds=l&xdt=1&iif=1&cor=10796326558105643000&adk=1726166463&idt=208&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8E10 31 KB
12 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8E10 41 KB
14 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 398144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 B30443038.380370236 Show response
ad.doubleclick.net/ddm/pfadx/N7657.3553448DISPLAYVIDEO360/ Frame 6308 42 KB
17 KB 93ms
49ms XHR
text/xml 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N7657.3553448DISPLAYVIDEO360/B30443038.380370236?ves=dGltZXN0YW1wOiAxNzAyNDU2ODUyNzg0CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc1F1N1lWb1pEMllnanUxb21XWVNiVWhBaUxCaEpGb0RhY1lTamRBYU1fNE8xd0FfX2VZUGtSU3BRc3ZmQWxaaC1ZZlJWbWJOcUlKZHdSbkJjQkhHU2ZtSjFjalE5aFRIb0dnTU5qd2d0ajk0N09IeWpEOWU3Y1ZnQjF2UkMtZ2hNeWdZbDJ6UUl4a2JhSTJOTmlvYVFkeUd0d3pucF9rdjFJUDVzTGYzSlVWaWdmZHlaZkdTMHJZNm9xRW9IclRQSWFBWkVKNHNzWERPNVg3bXUydXpxX2FJenpvbzUyeTRiRXJXcXJxWGhMc0lPVVVCYno2ZXhOY09VQ2lmXzNZNC1KdW45RUhrV2FFbFVTVmJWd2dhMFd6bHBSWnZxQy1pdG1hTFNMRnVpTDZ2dGxRUTlrTkg2VTY0WnZRZ0VLZlhaR2NPNW5PRUdSYWxmLXJOLVVqN2E4aTJ3MklLd1hKdlNzaGRRUHpTVlFwRVcyUU9IMlgzUGtLbFhsMkE3amllTnhnUkJIN1BmcWpWY2RCMXl1cEtmaC1Jc3RSNkc4YWt2TTZyNFp3Y1V4T0s0cUhBempNM1BUbmcybFJSWUpUNXJCUjl5cHpzZXNEeEhYUnhRZTl0NFFKR2FYa0RFTjhsU2pzQThDMGc4LWRNSDdVOGgtaDkwQjhJYnViMlZoZllxc1ZiZUJfeVZVdGdLMXBIMDFxR0VsVkxTa1YxMk44OC1EQlVjQndBX3Zyd01UX1M1U09UYUpNZnRVcnNZVFlSc3IxcEhpY1ZjSjRkQUlYaU5rUHFNSmRyX3E3QWVsTjFobDFzRkExZjctaHdwNTFRT25lWVBrYVktRjZJNEVtS2V3TmE5T3FaUDVIQUFqa1llTTZzczlhM25nM2VOTFdmSG9jZlJVTm80MnNMWVloM1BJUGNVdmdpbmEwRWtUUUh4cFVCNlA4cEx0blZtc2w0RG1WZ1MtVHJrcUltOXByQ0ZZdWFEbEEtTmw3NWhoMm5rcVVrY0VaVmgyZEEzT2lhNnNhQlFjZXpFVS1IcTBzem1IX0hKeHFyZmcyMENsbm54Ym1lYnRLbTFQRFpBbDBVMGJDYWtuYjVFaEM3cGpkdFdZNlhGYWliaGhnTjBBOWxjU2xVZk1KaDg0MUxweDFDWDNEeDBrZWpGSzJYNUExWDJWUlhEa2lYbjVGQWdqcDQxZUhXQjZjWTlrdXVaYWFTbVhBS3dWMG5uZEFMRzlDWlp1aDFxdFZQd3QzUW92OUxudlBlMm1Kdm1vZ0FnOS1jd0xTN0UtaU9VOU5VeGpRVVdMQmpZbHNRd3hVUXVfVFhxckVrQUh3S2l0bXdIemhIb2ZuSVA5d0NkZGdhMmJSNFB0Sm80bUprdWdQSFFVMUpoLXRuZFM3anpraFY0NzlXcVlYeTd4VmdrODBsRlRyZDA0UXBQaTN4MGRra1pKQUw2bFYxQTU0NzRWdmEzMGUtNlprZ2Nfa3Z6VVA3Q29UM2htaUF2M2M5NGZLY0V1MHlaTWpsOTRsYktKZUFxNGJZeldJRGt5cVJidDlqRWxKckFraUZJTDdMdExBZnJTY1pSdjhnaEtxN1VFaWlwaXFYUl9OeDgtRGpNOTB0V19fNktxQ29la2lidkRzMktHS3NUaU9HZlFBOHRiS1c4emt4TWJwYWxmZm1qSi1wOUlBVkUtSjA5S2d4a0tGUXpkTzVqcFVaQTRJc2hDN2cmc2FpPUFNZmwtWVRsUkY0c0prU3preVZjYmMxMmhfSkZCUTJjNHFHWmliVlk1dW5aa2htWW1tMzlGbUhXcEdfd3ZNMlBMRHJ5dWV3dU92dWhGaGNVTkJJaVJRRUtSUlhWQ1RxTFBUZmEzbVN0bFNmb2wzaG5yVHRMMXdGbFk2RjM2bmEySUFmNjBBUkRaazAzME5ndFlLT3NvOUNkY2JLOHlzMTV1LWJyNTVvVDNjRGRhSnl3Tk5QZzhiRnE3ZmNuSFotcUM0LXVTU3JkaHB1bDdxWDI0Sm9ZWm1JdkIzZTBIYnYxT2NnYy1JWk9vb21XTU9QMG41bnI2bVpZNkhQbGhRVXVXbm5fYlNhT1NzTW5Xa2J6NHFhelgwN1REWE1FODhLOEpCM0c3TnlZUkstUHRUUW0tUjF4eUh3JnNpZz1DZzBBcktKU3pKaVBBLU93QWFLUUVBRSZjcnk9MSZmYnNfYWVpZD0lNUJnd19mYnNhZWlkJTVEJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmVhLmNvbS9nYW1lcy9lYS1zcG9ydHMtZmMvZmMtMjQvZmVhdHVyZXMlM0Z1dG1fY2FtcGFpZ24lM0RGQ19icmRfd3dfbTZfcHJnbXZfZHYzNjBfbWYlMjZ1dG1fc291cmNlJTNEZHYzNjAlMjZ1dG1fbWVkaXVtJTNEdmlkZW8lMjZjaWQlM0Q3MzU5OCUyNnRzJTNEMTY1Mjg5MDE0MTU5MyUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK&dc_cid=206232047&dc_adid=572228367;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text%2Fxml;dc_sdkv=h.0.0.0;dc_osd=2;dc_frm=2;dc_sdr=1;dc_ref=https://114117.com/;nel=0;vis=1;dc_sdki=445;dc_eid=420706098%2C44752538%2C44807614%2C44807615%2C75259414;ord=[timestamp]

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

cafe /

Resource Hash

5a762b86914363e55272219ce2cacecf3abfb67991fcbe286257f01a9ef85616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16479
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame CAF7
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2223032880768124&ias_chanId=1&ias_placementId=20487174429&bidurl=https://114117.com/&ias_...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0injzg91sM49liQmtRSg2oi&ias_xappb=&adContainerId=brand_safety_FG55ZY-bKayb9u8P4aOMwAg&cbFunctionName=goog_wrapCb_FG55ZY-bKayb9u8P4aOMwAg&true_pb=

1 KB
1 KB

25ms
25ms

Script
application/javascript

2600:9000:2127:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0injzg91sM49liQmtRSg2oi&ias_xappb=&adContainerId=brand_safety_FG55ZY-bKayb9u8P4aOMwAg&cbFunctionName=goog_wrapCb_FG55ZY-bKayb9u8P4aOMwAg&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2127:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id: dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding: gzip
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 482104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 07 Dec 2023 18:45:48 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: rjA_ZXx7oredbu42FVZ_9_hdL8sw-w-bJVMBVK6aODyUM9GMHIe8lg==

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:52 GMT
server: nginx
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0injzg91sM49liQmtRSg2oi&ias_xappb=&adContainerId=brand_safety_FG55ZY-bKayb9u8P4aOMwAg&cbFunctionName=goog_wrapCb_FG55ZY-bKayb9u8P4aOMwAg&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame C40A 91 KB
23 KB 78ms
24ms Script
application/javascript 2600:9000:2127:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 7201903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: WJeOR9kZs1gcJRC04aYjqr_WsOEO095FivHqdunr23I1FlfVZLbwzQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
215 B 560ms
186ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu5UM,pingTime:-3,time:47,type:v,im:%7BpBlk:28%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C1611%7C17%7C18%7C19,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:14%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
216 B 553ms
184ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu5UQ,pingTime:-6,time:51,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C1611%7C17%7C18%7C19,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:14%7D&tpiLookup=ao:114117.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17864851622750576224/ Frame E11F 6 KB
2 KB 14ms
14ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca212a6d45038b16f7e2ee85414d0f67362985095eac9dc26a34e96d1ea529b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 115876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1847
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 00:29:36 GMT
expires: Wed, 11 Dec 2024 00:29:36 GMT
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E10 0
0 62ms
61ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEVVAU8mHgeARXhbxDcan6Bukzz-whGVJL3Ju2I2IojzhcXG4PwgTIJ3aipV8zbGsEslX7ZDOHvIMG0VsY40ADGVGF44G0kiJ9UJdwsaO0kfYTgFHn-wPaq2WfP0aLur4StLlnnteNWkh28NKmcjPWbFKrB3oaXiDV1ZrIqdF2XspI0xB8bQw6QLoPDgUCfbcmwfIwg01L0thg8vnqppBUpXkLPpTwISWLXIwK-9eua6Gd8TH0dpCjWkN_5MvuFKH9TPTvT_EQ4f-iMl3PMxpeSS9qV7btrYHpYZxx5IFLxm-O_mb48EEpBlJD12U6jn4QZLbt8608JbIl5OxAiK7UBeLSymDNzb9MDu_gADRY3Z8d2Nbv84AGKHwQ58593BN5iGh7dRLOVfeASqo7rlJWXpEUUQfqS8st2mjokUu4E0OK7_TFBUHqOU_K7s74NAUcarZXVZAlIh3neRGPA1gjS6VwRmTHMLj1lIYuOspVOO3sc8H09Wye25_7ZbSfMB-XP4aETetlIKBWXDFvUmW42_uIqGVqvnuzc6jn6tey-4_NxbmJG3hIV3dT1K03KN1mQsCiPM1Hdhuvomacm1vNXELw1JnfC0Xq3udB6nLXcva8IbKsKHoKVbuPZC-wDUZu1rv8fu-peVb-zi9VdX4O3CI7r9BFP175isnNF41hWmHOedVtl-M6CTCXxxdO_B9o1uoIRjGjCe2q1wDHI7fFy1STkujmUBQN_hc2jcdXUIGbLHzIhOW5fvOMf0WZJEbqQHzuv8v2HXy7U5OyF7zzrEcyZd3n1Jcwg8BqmmB1UQ2rwTTTrkww3tnTqSOf9bLHOa0AdvmFAM7bm3GF0dzv5Pz5jhV0yK6Umoqjs9HKkiHdlMo2kMktQ5FVPLxOVwSUkIFZZMkNFDiGPGb7hg8Gv6gpZcGdCIB4NDtsRIJCepTYkRmS4cWjhMB3EqBpGcU3hbSoycPnZgexdFggrkEvna0NCCaaVbOeRMH3_X8SQvd36nEYbyGXg02JQTqoJqEZQlB3M5I3zFA5w--OmN3UJ1rgNAQkRw_xjxWWOHOonHLHHomVBpgUmt_9co9ca-kyZQfoqpHJrmT_KePbkTlveBfxRJnHJ0DYZJ8T2b1Tjd6WCDcf9NIberzOx3uqDe_oGpvIfs8FGse2bCgttKnZfUdR4_2T5yh-x7OfFq8pmjQ4-wFCpIJDI9zgKDvXV6TgqNV4lCld9sbBp5oKb-UCLVJ3s2MSmxh1Cs9keRHgwtSDIS_hdT3Y_ysbmlvd2T0oR_VLXuGGJg&sai=AMfl-YT5qLJXfjqtwkjZvQGdYNVFMIO2gYySUNuvczkbtdcfTAkD25kd5rGOTGj3qlOcye2VIBpgiYpfN1ldvFPttjFVB50mj2HjT4bAtB15IzydlB4VljWq_s6bYIch-m_gDg1vmm0UVcbMqrTOf2-nB0J8_WrFb_4d_f_Bsk6o6l0kQOH3gzNbBZU0ECet9Q5u9tKmyDY87BQ952la2G6MuZc2AAwSywz1q_3CpEQby-7Ctfckb8nfRDSmwniEzPiHdaATeIGt7o3ylkgc4n49JX-ZR6OWovzU1UZnZQ&sig=Cg0ArKJSzEKS9Grprzv-EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=78&cbvp=1&cstd=78&cisv=r20231207.52897&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
215 B 724ms
365ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu5V1,pingTime:-2,time:62,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:368,beZ:368,mfA:370,cmA:371,inA:371,inZ:373,prA:374,prZ:376,si:381,poA:382,bl:395,poZ:395,cmZ:395,mfZ:395,loA:418,loZ:420,ltA:430,ltZ:430%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:62,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C1611%7C17%7C18%7C19,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:14,sinceFw:47,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 3DA8 38 KB
13 KB 14ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 84446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:13:27 GMT
expires: Wed, 11 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 8E10
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523873/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2223032880768124&ias_chanId=1&ias_placementId=20487175905&bidurl=https://114117.com/&ias_...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0i6rv1rLW1hrpNGto9WffXf&ias_xappb=&adContainerId=brand_safety_FG55ZfScNMSu9u8PgsWXyAM&cbFunctionName=goog_wrapCb_FG55ZfScNMSu9u8PgsWXyAM&true_pb=

1 KB
1 KB

31ms
31ms

Script
application/javascript

2600:9000:2127:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0i6rv1rLW1hrpNGto9WffXf&ias_xappb=&adContainerId=brand_safety_FG55ZfScNMSu9u8PgsWXyAM&cbFunctionName=goog_wrapCb_FG55ZfScNMSu9u8PgsWXyAM&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2127:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id: dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding: gzip
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 482104
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 07 Dec 2023 18:45:48 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: n-fSL6reRY86ec3XwViS8PcOhDBhAM44KR3T-dxsXHx5JFietuX4eg==

Redirect headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0i6rv1rLW1hrpNGto9WffXf&ias_xappb=&adContainerId=brand_safety_FG55ZfScNMSu9u8PgsWXyAM&cbFunctionName=goog_wrapCb_FG55ZfScNMSu9u8PgsWXyAM&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0B6D 91 KB
23 KB 24ms
24ms Script
application/javascript 2600:9000:2127:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 7201903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: jAoeGx0G12K8696PCBjy1dTkFuGJiKPjW1Vhz_u8qV46-95l8MpRqg==

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17864851622750576224/css/ Frame E11F 5 KB
2 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 03:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 12 Dec 2024 03:35:42 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame E11F 70 KB
25 KB 15ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1042234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piCWm37EimKTHRdsUTU%2BlZI%2BhnSuN299umneOMn53Ma8%2BhWB5of0d7l4UPwhd8k5tynA6waZSLG5XNI%2BKqXbu1CLWqTFov1FumfGs7%2FJh9u4BBqKDeeybWB3L53%2BqvmrUZs1JR8WbK1pKgZS7%2Bi%2BOM2w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ce7a38bff9a30-FRA
expires: Mon, 02 Dec 2024 08:40:53 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame E11F 7 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1134378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBp8vsBy9Rmy2bGEI1PyGqyjaweK10a0iSa4XSo6q%2F2WoCM7Vm7FYVhCD2Fn25ibs8%2F%2F052jCiZ%2F5NYCnryzgN%2FJMHcCZ20KYU%2BhFKglcuDuYgQ%2FkwSf%2BMYXfgsYgjYkfoK2sVpGoQ6gzasBOlT6owsG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 834ce7a38c009a30-FRA
expires: Mon, 02 Dec 2024 08:40:53 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:02:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85115
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:02:18 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 2 KB
800 B 17ms
16ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 02:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108403
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 02:34:10 GMT

GET
H3 200 dyson-v15s-submarine-stack.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 13 KB
4 KB 13ms
13ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dyson-v15s-submarine-stack.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84483
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3980
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 09:12:50 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 31 KB
31 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:42:51 GMT
x-content-type-options: nosniff
age: 100682
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31326
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 04:42:51 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 21 KB
21 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:06 GMT
x-content-type-options: nosniff
age: 85307
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21613
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:59:06 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 25 KB
25 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:56:47 GMT
x-content-type-options: nosniff
age: 85446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25605
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:56:47 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 30 KB
30 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:08:38 GMT
x-content-type-options: nosniff
age: 99135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30924
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 05:08:38 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 192 B
190 B 26ms
26ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:57:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 19:57:38 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/17864851622750576224/script/ Frame E11F 4 KB
973 B 21ms
21ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130346
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 20:28:27 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E10 43 B
215 B 486ms
185ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=26517e08-e256-07cb-181e-7c8b104b36ea&tv=%7Bc:wFu5VX,pingTime:-3,time:48,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5so5+11%7C121%7C122%7C13%7C1411%7C1412%7C1511%7C15121%7C1513%7C1514%7C161*.1627455-73523873%7C1611%7C1612%7C1613%7C17%7C18%7C19,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 csi
csi.gstatic.com/ Frame 6308 0
17 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq3iuqtx&c=2021923299463&slotId=1010961649731.5&qqid=CMvt4v6BjIMDFZ-60QQdMrMOuw&fb=outstream-lima&vmfc=13&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 6308 41 KB
15 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-5goeenes.c.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6308
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r5---sn-5goeenes.c.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

167ms
32ms

Fetch
video/mp4

2a00:1450:400f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-5goeenes.c.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/752ABF26D97179A24574D33CD39CC41FDCFEC9AC.3D71B4D3E05CFDB0C90C848F12B9040C2908665F/key/cms1/cms_redirect/yes/mh/wP/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5goeenes/ms/onc/mt/1702456232/mv/u/mvi/5/pl/57/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 08:40:53 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4289511
Last-Modified: Tue, 05 Dec 2023 16:11:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 13 Dec 2023 08:40:53 GMT

Redirect headers

date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r5---sn-5goeenes.c.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/752ABF26D97179A24574D33CD39CC41FDCFEC9AC.3D71B4D3E05CFDB0C90C848F12B9040C2908665F/key/cms1/cms_redirect/yes/mh/wP/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5goeenes/ms/onc/mt/1702456232/mv/u/mvi/5/pl/57/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E10 43 B
215 B 650ms
367ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=26517e08-e256-07cb-181e-7c8b104b36ea&tv=%7Bc:wFu5Wd,pingTime:-6,time:64,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5so5+11%7C121%7C122%7C13%7C1411%7C1412%7C1511%7C15121%7C1513%7C1514%7C161*.1627455-73523873%7C1611%7C1612%7C1613%7C17%7C18%7C19,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:22%7D&tpiLookup=ao:114117.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CAF7 0
0 52ms
51ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlcLxEyKeTV-MIg3cwQly-oAEJvjp8CTVGQ_d7Upp4sCzk1Ck5dUcxZQx9I_3MsCNuKJrSOPQXr6MRcCV3Yx-Ie3erOdtMMIJrOdsdwT2Vfn7XhQO0GsxmTEKNsBRXavPRy1zmnVvkpOw_bvzWRcoQ3P7tS5w9-4PeV_nJhfb-MOrlJmeGtb6kU8qZAQPh7sbnfHB2W-7Dx-VXyBaJkrQsXINmwi6nHMs_DZ2pc52QFnbaQiMkC5vQFKwZXSg6IfUlK5pzyvIKyI8T72QxkzfYYn0vnTaHaACCzKHd8lEvG3qqeg6sRpBsySsbD0HGKOqXuqXampxg5kxYHig357g16z7XzujrQtBt0h8raDi00y23804Kx8HeM1Z51m4DXuQUNz9pDHMKvQuU5-sjMNMj5rpYVpun_umGZB0GHIyt6-nY5xFNyFcSg-efzBL_8ay_E-zsWdLEd_oUq8bUjVIIDeEukkaj7RYjs0tOJmnYlPm0Ny07ro4whydaPy2pQxGMwPEmCcy9Lt3PkZuoRcoJJ_kEZkUuJHu7gJ84BfYWvmFnDndJuUPqNLfSx5tYsyp3dDHTDyu15UiIMjnHygTq1C-ojbuTCpIaU6S8-1c2rUjVEN_Pr7fQAE5cfrvsrZ8bGeBFsuC6Y70Se0zQg79eMM54CzICA_lrgJXL42QUGEV5bfRIO-Vxp_Tv-BVwkIDPIecSRDuXR2uuMEX-YY6waUGkQIuB1ftOBlC4ltDeKFYBHRvwefomQbyXU4LN9Mmrz1nUPPXfHwzfojpRXCNi35f77UZSRiAMzVkHLu_6iwL5q0PgpejjcmcJgUHcheMRsd21t_DfC4CUU8DmdwPDpcRWbwF1mxTe4nqjdrboJWPQMMNCQuQNVa1uNpGRFwrmz_L6r8PeTEWRYXA1qCDvD1ZELyO4wqMVXEmwX3Fafw0LWmAfBeVi1h7Ho4tIC3dbgMNSvFpSOmGs-N07M-vIeWthj37IIagiD835UHIgweQ2gmnvhd8Sz6AndSdFtJ_RcvU0JsuNKX5Mo8CTtDHsFPPhJ8-YeTXNOw7KjJ95KRq6elxI2-SOsYplBCh31AD1v8OVxIF1vDcHYU-5i6u55SJUGjQRJWIhBjmKb1AV4uYHx2Y8U--kvxUUJxdDhC5YsnIdX7G4K-KcA9e-qtEKnmC0gIFFne3HYSv4qGv9n833VZiQo1SoAWazExZPvE9lH0E4mX8-CBC2El6URPIN-Sm0Ryqrl7YpbDImmFi_LL8n6Jl0HGNdsTJm20xHGWytE91NnDtPYw&sai=AMfl-YQ6Ax5aQuma0fpQqAvS7jJxO3wzkNOSH_PmFETBeM3Uruu9AyMfTT-GCtKww1RGBpKl_4Ac8vZf_RMB6QpG7__hD95u_1Hgvy24b7JVL3-qsHxXkVvSvsbBi8OZPtbUWHUVFGgn1wG8GQFBTsM_827DTYkkEB6DfcHtn9UbqCzJRxYG9c87gxUC-7SROYdW-QSHCfnlm7EgtuokBBgCjMR_zQURFKn0T3AgO3j5MPk2iG5MFHQ2PdPOmLFOBtzwdq-AjKvX1U18s6bdO6T9obbber3RcZlle_ZJ1A&sig=Cg0ArKJSzP8al0iS5fYBEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=330&vt=11&dtpt=224&dett=3&cstd=104&cisv=r20231207.49284&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E10 43 B
215 B 460ms
185ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=26517e08-e256-07cb-181e-7c8b104b36ea&tv=%7Bc:wFu5Wo,pingTime:-2,time:75,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:426,beZ:427,mfA:429,cmA:430,inA:430,inZ:432,prA:432,prZ:441,si:446,poA:448,poZ:462,cmZ:462,mfZ:462,loA:490,loZ:492,ltA:501,ltZ:501%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:19%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:75,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151.1627455-73523873%7C1511%7C15121%7C1513%7C1514%7C161*.1627455-73523873%7C1611%7C1612%7C1613%7C17%7C18%7C19,idMap:161*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:22,sinceFw:53,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DA8 39 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 8FB5 23 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 93871
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 06:36:22 GMT
expires: Wed, 11 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CC8 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMN41FG55ZY-bKayb9u8P4aOMwAgAAAAAOAHgBAI&bg=!FxSlFFvNAAY3kmNgF5I7ADQBe5WfOP5Y59jPC6rUUyQIZZgV8WdG9_nyC7isuBA5ewQ3ZQpFEitGfm_LJl2MF_ru0ahFAgAAAJBSAAAAAmgBB5kDPnPj-kGutR7PLbjw6B70emMUQ2pEca7YgyWK0ppF-kgvZdaEmlPI2sGRnpylMkGQLU6xhqtfq2gMIII8yCIxhCttU780mkxuWimZbtEfo4I1fl_vqCWXnLiR6gDwDd79WbHHZWgewfEHDPa6hyzvWv6g4p5Pv8ap5PS4CJnNCmJwXk96jeFO1okNEjnOphCtqES04FNGrDvElxYOJYVzDDi198l2MB6Kux8m-Tebo0GIlSELb3l-oOdQXf02IApgv1B3jLYzIzDggOf4kXYqwss6WShKDMWKWdahwoeZC1GAZcFwgZ0FVvIg8jq8MuN6PYvw10nICErstt8iuublFq0XclVX1Att2H_QXIPnkNbewBKqvIfRXCSTm06FO0mI8ONI9Ant4vQXtzum9mN4V6rfOKzU-EDkBX7NLOoZyJB5vpe-utkHBcTsct-q4r6wCCdqdnHNftSplEF7Y9KcS7G0YoDY9ldmK30l06avaOE1ZlhRn6dSC54iGzyt--wiy2XOU_bJzoJZq00dkeGKNuS8YJM9DgIHfMVaw59kRICNzu0t4q1fum1CoW4agcnS42uk8I8OB0uQlZwVQMU1Rft-YFSQGvd9Vs6rso8CuCUuWeBO_nvY5r38KmTlWrWTaliQx9oX2i0qtLQ9tTrWySt9R5pjhcQwCKDU2AW4j0fdfYJeCJy0Z6joPPA8WSPHJalCfNDMOmwKKi9Kh8hua8O3IxAy5u0Oq4oy7fzuBEeNqxzxV4WriI3okG2n1etyHR6-tVUvE3CXyj663vpeTdNvI_wvTcaFEfSrdmYqrwUbAic8fZnmYnUiyQeUti4BInYH2UeUOcvq0_IR1x-2EAyXCzsjA2-QCbMXgCixhKHYPbpxDebq8awvOGnwVuKLqbWoTLSyqm2AZ4Dp_542p109O2AkNAbTyteLwzn0UJaYt1ik1o--6TSag56Y3l4iwz9Hqf--epkBYJv84LegYmhNknYPV1P4CYJssrBVa7XrOZ_GgqTwjVsKdVqudusauuIl9twzIaQpY5KIlf_Bnb1CiaOkV4ZT2xR4iEI1SsJc2N-ImNNllrU91NScFRy1fqcns5cQPxY6816zk6Lw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
215 B 407ms
187ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu5Xg,time:201,type:e,im:%7BpWait:34%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:201,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B196~0%5D,as:%5B196~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C161.1627455-73523873%7C1611%7C17%7C18%7C19,idMap:151*,rmeas:1,rend:0,renddet:IMG.us,siq:14,sis:156%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8E10 0
0 53ms
52ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEVVAU8mHgeARXhbxDcan6Bukzz-whGVJL3Ju2I2IojzhcXG4PwgTIJ3aipV8zbGsEslX7ZDOHvIMG0VsY40ADGVGF44G0kiJ9UJdwsaO0kfYTgFHn-wPaq2WfP0aLur4StLlnnteNWkh28NKmcjPWbFKrB3oaXiDV1ZrIqdF2XspI0xB8bQw6QLoPDgUCfbcmwfIwg01L0thg8vnqppBUpXkLPpTwISWLXIwK-9eua6Gd8TH0dpCjWkN_5MvuFKH9TPTvT_EQ4f-iMl3PMxpeSS9qV7btrYHpYZxx5IFLxm-O_mb48EEpBlJD12U6jn4QZLbt8608JbIl5OxAiK7UBeLSymDNzb9MDu_gADRY3Z8d2Nbv84AGKHwQ58593BN5iGh7dRLOVfeASqo7rlJWXpEUUQfqS8st2mjokUu4E0OK7_TFBUHqOU_K7s74NAUcarZXVZAlIh3neRGPA1gjS6VwRmTHMLj1lIYuOspVOO3sc8H09Wye25_7ZbSfMB-XP4aETetlIKBWXDFvUmW42_uIqGVqvnuzc6jn6tey-4_NxbmJG3hIV3dT1K03KN1mQsCiPM1Hdhuvomacm1vNXELw1JnfC0Xq3udB6nLXcva8IbKsKHoKVbuPZC-wDUZu1rv8fu-peVb-zi9VdX4O3CI7r9BFP175isnNF41hWmHOedVtl-M6CTCXxxdO_B9o1uoIRjGjCe2q1wDHI7fFy1STkujmUBQN_hc2jcdXUIGbLHzIhOW5fvOMf0WZJEbqQHzuv8v2HXy7U5OyF7zzrEcyZd3n1Jcwg8BqmmB1UQ2rwTTTrkww3tnTqSOf9bLHOa0AdvmFAM7bm3GF0dzv5Pz5jhV0yK6Umoqjs9HKkiHdlMo2kMktQ5FVPLxOVwSUkIFZZMkNFDiGPGb7hg8Gv6gpZcGdCIB4NDtsRIJCepTYkRmS4cWjhMB3EqBpGcU3hbSoycPnZgexdFggrkEvna0NCCaaVbOeRMH3_X8SQvd36nEYbyGXg02JQTqoJqEZQlB3M5I3zFA5w--OmN3UJ1rgNAQkRw_xjxWWOHOonHLHHomVBpgUmt_9co9ca-kyZQfoqpHJrmT_KePbkTlveBfxRJnHJ0DYZJ8T2b1Tjd6WCDcf9NIberzOx3uqDe_oGpvIfs8FGse2bCgttKnZfUdR4_2T5yh-x7OfFq8pmjQ4-wFCpIJDI9zgKDvXV6TgqNV4lCld9sbBp5oKb-UCLVJ3s2MSmxh1Cs9keRHgwtSDIS_hdT3Y_ysbmlvd2T0oR_VLXuGGJg&sai=AMfl-YT5qLJXfjqtwkjZvQGdYNVFMIO2gYySUNuvczkbtdcfTAkD25kd5rGOTGj3qlOcye2VIBpgiYpfN1ldvFPttjFVB50mj2HjT4bAtB15IzydlB4VljWq_s6bYIch-m_gDg1vmm0UVcbMqrTOf2-nB0J8_WrFb_4d_f_Bsk6o6l0kQOH3gzNbBZU0ECet9Q5u9tKmyDY87BQ952la2G6MuZc2AAwSywz1q_3CpEQby-7Ctfckb8nfRDSmwniEzPiHdaATeIGt7o3ylkgc4n49JX-ZR6OWovzU1UZnZQ&sig=Cg0ArKJSzEKS9Grprzv-EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=280&vt=11&dtpt=202&dett=3&cstd=78&cisv=r20231207.52897&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: 114117.com
URL: https://114117.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FB5 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 19:12:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA8 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1i5wFG55ZfScNMSu9u8PgsWXyAMAAAAAOAHgBAI&bg=!GhmlGVbNAAY3kmNgF5I7ADQBe5WfOIFkOPWA3zc-a9CXDc5-ijZATX1bbolGx41gTP8vFQINxsXnaDJCgd_QaNC-2agjAgAAAEBSAAAAAWgBB5kDOvXRxLd58XMgxq9xdXC533BWfB7RfwCMlSX_rxT9r7_c8EcOR1P6edvSEfa9J6A0eSepMRJs_GwsrTlHMIsIFe_in9t0TCB9ZtwR3B8ZIlx-SWfIyk7zwyh-zs2SVqJ8Q0X0gkF5Vrrur_juwZMHGn6aIpfqT48cmyh3PH-U68t4MzyWl3SHGnrCZv7VmHGITMthb1pUS9n3kaP2G8vU5FdSKItM7CGnrVKMwokxuf4tKo3_nUkOESNaY03s-8zqtgmknvHJg2naF0Y9xLra4G2oEHrSOBlU0Epcp6gkMW4acT0KNPAhF6euLOqYP4OU5qqIOtLtTHYxcd5EHxrd7rLFd6CWbCLgu1zP3uPjKmZgqFhNzP7XgyzVAEkOSteDJZqUTUXKF5F_FF5zjjsCwde9aZLJDDlZgP0-YGimMT_n7CKd_nm_fiEf_RxaQbd75zN96XhDofX82_12iwEbK6OFc9xKPzaB5s03TeJPAFfTOBNYqo_hWxZ7urMfBC1K2XpRi7MdljZ9o7PedD4r7MamnIkLpMppwxfogmJTTztNHxz54cwasPSH1FKtudgVaZuE-ymoQQ_Cw5epsd86C9jD9jHapuCIFu4BQ6KyXdCuo19hD5Qa-NnnTQb78urciBKDjv71-7ATBsEgWuNjyGVXQNWw1QO1-4ZMNTcEacHaGVPQbHrVks-YHke_Hl-Wzz81kCAKlBZnHJAippX1aHHkFPUYTHDwAmcg4hHmUA7AgDT8fDDaBnwD6in9Liaan0P4RL4TFuM7KLz3TEMm-hHA8kpXq1EOqkHpuphvgvuc1utjyKhcl1AUtF5M5w0cR6bMI7iZJa38BiQBTOovI-H2hnDbIj09F7qJRuqRiMwN4oRAB7FsIFGHgPq4HQ-b-69RkCbgZozq_6MPPh8ydKU8O1oiHuXMO5OiIAT8tmsxEzVHdk_Uk7zSk7Xtz9egcNuC_L5cezMX8CiVEb0BbCpLxykviAZ4o1D7BnziyTCPBlgzWIq8KpgMreHI5nIbwy6MobXW60QHxPcu0Mjq53uKVNHn_QFzSIW-HjeNJUa5153wj5iDrblgotARCmf9eYJFbStbXH0QUQ4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FB5 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Brn5VFG55Zc7qLsWO9fgPh52N2AMAAAAAOAHgBAI&bg=!QkGlQQ7NAAY3kmNgF5I7ADQBe5WfOLJ0eyalIUI6xbIMFZfjHjXa5EKNn7f6Hs1uULMQT5xk3aEYvgTNJlSem-m-UX5hAgAAADZSAAAAAWgBB5kDJoqS70fIhgNS7s5z2ioKXkOewkTthlyJ74ztv5JWXFk877WmC8O8j7qhoWwvP6AO5lMYm0_v4VtEaggY8ufqY2135NFkEJIho-bAIyWot-1OlaGQCMss5PhbnxV8pqDyvw-WF2xO22OTf0CLEe5UPywCj_r_DTWBecjTQTlGlOAQNo4LiweBcpf0JDHqGy4aysob_2wM86TTUu4ynnmrrV8LRKZ1yfuFYIMXHoC7WQntEgnt4eVfjShVtnNwdCKwelOyQwTEPs9RNAkHKSmKG1SFvRlR8hAN48bRqjgbSoUmd0myko_Mrok0pwebtCYhTu7mxTn8-QBQtRPo_Hk9zv5ifr2KtykhIlw3RWSBEY-zbmI0-4_vE7jp738-aasyPtnc4ZegupdqPkQh0-CXOqQhc_6K-VlZjmsoQ-z1rDLDbR-i7yTcy8rh4iWlDpBqkozF1JMXXUfWHBiofnWbYd7H14LkEVrU6uGnsLDLkLVvSvaw-ujr256zNdDjEmZ_m8FHHBgyCPAA2BupCEwBV_HdbLVMSs1HzYacgVlhigY2ycpUDQg7kZx7Y2qBl6qeUmd79UmGcuvDdy08xo7oDmtn3kAeFWIOcTKS2YSXi8VXzZMKymATa4TQVgkCBdylM1eSbcIgbK2_sw-U2fO9aoiNqoe-VAZKEUnkvTSxNfUiQ_FMc4MRXxmd_m4767s9tVberyA6UZ68ZzkaHZ27YpCT8NGIPBME-8te82Znh22EZbusUDSViL7jjrZ1sfn1RDat2MR9j9i6MnKWdk2d-ZZg5_grWLir9jyJU3eBdQg4Y7xTpWi-qe15Qg3Prtc_wK1x_XRjafKt-uM7hreFEnctBaFwyQNO7ECQRf1uSdURs4ggeVJe_lx5D9hIA-IvF7zUWHtKnn8klTEVU9pvnpC2C42AOO53sh39qibCSya3VJFVqDvPTk4m457qknbypqshJ8mCbstOtfPxgQyMNJOyckHBNDh5QHqpEW0ksm_hVpmDJBVUa2QkH-pj08tTgtsmPRjdiEH2qO3HaEO9h7RKQmqHOFXqQFeXP9Z6iSIzxjTf1Rj5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
215 B 368ms
368ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu60O,pingTime:-10,time:421,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702456853354%7C%7Ce2bb146f0052912fc8a815748e64a0aa%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C904c7c799faf79eb6764efabd3d8cda1%7C%7C5a16fafa69c9f51c7cef3f979dd96761%7C%7C9639f10f3c81d382091113e452b73b79%7C%7C1edb24265aeb1f678f8687134cf696db%7C%7C9bc8dcdd81aa0a26feacb9e2676388b4%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E10 43 B
215 B 356ms
356ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=26517e08-e256-07cb-181e-7c8b104b36ea&tv=%7Bc:wFu611,pingTime:-10,time:362,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702456853367%7C%7C23db42d949ecaf5ebc8d183b6dfe593c%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C6d265666db3ef25af73cef31d457b5ef%7C%7C3a800353e40936c3c22db93c53cf8c47%7C%7C018fe81f5241ac4e21fd5d9cc7be97f7%7C%7C75f319f9cbb9ee006085f525998c8b05%7C%7Cf4683d6b2ddd16dcb805fef6d14cb5da%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 206 file.mp4
r5---sn-5goeenes.c.2mdn.net/videoplayback/id/779251d464fbd7d5/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240784/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6308 100 KB
0 82ms
43ms Media
video/mp4 2a00:1450:400f::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 13 Dec 2023 08:40:53 GMT
date: Wed, 13 Dec 2023 08:40:53 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4289510/4289511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4289511
last-modified: Tue, 05 Dec 2023 16:11:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3092998501295535&bg=!YmGlYS7NAAY3kmNgF5I7ADQBe5WfOFcpwaK_PtkLm2LoAJEuusBbGIZgDfSzHUTr2yuzZ0zYS-x4DsF__Fs2pnzl-F5iAgAAAKhSAAAAAmgBBwoAeUEkC8qdeiIRO9-Ho2JCkRGU20YhiMarK9eYACWTlmMeAGWChlyYnV6u7EkikG70rDirPcR5OFTevoqp0MWQkgPJDiPsTLBKrZfD4vyboWA1GE0WZ7iFkPNw30vztBEcYqzoLHIB33sKSed72oQYcALoINHeELwFg2iZAtgxwC65GkxUc6hIRSI5kyYHhpNaI2oeaCoZumXIyte1gCFxZrF6obAXeTfLUSwPyJvDoKz8V-qOxKBpjKipr1Rshvkw3D4ex6Shqkq5dK720WliZxQNfFxyyNH9B93asHRyFsrh_yLi8Do2-MEaktagYxB4XBBaxtJb9DlNJxYXDqpBnUy5p-5mAFfNQ5A4_dRwAy-ygIIHkdanec4w1ET51lLnBepfpa55ekbn5f3GrjFOy8eVZ5dzrPKsGG4BIRaTZbMlLJjyUh8c0673YDQOIa3JA_9brYmOjmUrUg4-_sKPVa3kEA57g2q8iqgmxZQLRx67a97KlrpSwu-1GqMWWrVeVqMcgiWmrpvdLWRGVyTmBoI7DS0WGUkvxMvvnn7ZWV5lOyd1Nmoqf6CQpedtm6x7x_WoM6XfFtHGS8lIqcNPn6Ds6jbfLX_tiPzPoxaq3w4AeUGVvFsosOVh4sdM04nMFA6zjORiLoUwBs-n6h1f95ZoOCcreguyIDLlGISCmJXxmT_p7HANIwiELFzXlOZFiiOPi59YUl8Cws3kNkCWxb4YLgGGR-fkqX4jkGHZJMWnz1G1EZH2EI_RFofm6x2H61qcbPXtZfjgr9D2PmkZ9HJ9dC7iHYDLrcXY3HrI5uVsHVzFGlDXr4DMfyRLf1sGuYFL_wUwKmcKE3IzY4S208xdSZX_ppAoP8bB7lLe1qcKViArg8mlK_LA19I1F4eW9PGob4-6zZZjayuiMwPRlm8BhXxkJmG88Xu0Ris45-ERHUEiO2XjVU2Z52-v3n5DYUQR3ZYi-l7rn9juVhQ-aerTnnM74K1eUSnVvU9F9JXdKa_nPvj2IvxpBtg4Csycy9mURTYchuTyeDUaD9Wnrp_YiYLTAR_Dykps6TTSKfS4df8n2HyLy4d3wkzDnZzv3AG75J3tIxfUj1nia5RGg8-AfWHDoGIYgqIaOU5KthJwjSANLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CAF7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23484176f34335deba18ede80a7fb6cfbd36abde8c6d60d9ca5bdea93067b5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame 0791 8 KB
8 KB 15ms
14ms Font
font/woff 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:16:33 GMT
x-content-type-options: nosniff
age: 152660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 14:16:33 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
215 B 184ms
184ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu67j,time:824,type:e,im:%7BpLoad:792%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:824,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B819~0%5D,as:%5B806~0.0,13~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:370,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C161.1627455-73523873%7C1611%7C17%7C18%7C19,idMap:151*,rmeas:1,rend:0,renddet:svg.us,siq:14,sis:156%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 8E10 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3e259e2688be04da70e9e93fe348abbe14828b36c89665a23e41fb5cabfe9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/17864851622750576224/assets/ Frame E11F 8 KB
8 KB 18ms
17ms Font
font/woff 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17864851622750576224/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17864851622750576224/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:16:33 GMT
x-content-type-options: nosniff
age: 152660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 14:16:33 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 6308 0
17 B 17ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lq3iur0i&c=2021923299463&slotId=1010961649731.5&qqid=CMvt4v6BjIMDFZ-60QQdMrMOuw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2085&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1oo~vil.20l&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CAF7 43 B
215 B 185ms
185ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=ded35227-5934-3125-892d-db907e205a1e&tv=%7Bc:wFu6aT,time:1046,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1046,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1041~0%5D,as:%5B806~0.0,235~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:186,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151*.1627455-73523873%7C1511%7C1512%7C1513%7C161.1627455-73523873%7C1611%7C17%7C18%7C19,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:14,sis:156%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:54 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8E10 43 B
215 B 185ms
184ms Image
image/gif 2600:1f13:800:7781:5f9f:1259:c76c:3ebc
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=26517e08-e256-07cb-181e-7c8b104b36ea&tv=%7Bc:wFu6c9,time:1052,type:e,im:%7Bpci:%7Btdr:1005%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1047~0%5D,as:%5B755~0.0,292~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:361,fm:tYj5smV+11%7C121%7C122%7C13%7C1411%7C1412%7C151.1627455-73523873%7C1511%7C15121%7C1513%7C1514%7C161*.1627455-73523873%7C1611%7C1612%7C1613%7C17%7C18%7C19,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:111%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:5f9f:1259:c76c:3ebc Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:54 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CAF7 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8656958323332&version=m202309260101&ct=76&x=1&cor=3407687908194290000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E10 0
20 B 47ms
47ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1368117836276&version=m202309260101&ct=76&x=1&cor=10796326558105643000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CAF7 42 B
64 B 53ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiFOWcAmvfcrHFSy8tRvDHTJ0C_AO9D5-eFUt7h-q8U4bNScamY5tgfAOPfgvn1OdpV5GzNIqVhGX2jmtsnZknlFRQxGJB5YaoYCN6X4AdGqegd0kg8M4xWiXFK8bsIzBk_1Z_94fa271YLy5lia-eHVK5&sai=AMfl-YRGV-PYtCbnddeiuRldLt2HYbbPJscJNX4nBBWgnKptJdFECR9N8HHxx-ihT5fSpKNiqo_NN9JfdviT9VG43yyBYhmaC21G5fT4Xte1urnJUzE2lHkd1uFD7OJQqF0Mca8k4GRt7-Km7htZz2n8&sig=Cg0ArKJSzLrzY4YI13d9EAE&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702456852566&rpt=256&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E10 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfHIHxEgd958wYlmsxhGFKeTxiaEWhg_OcNZ9hdLEgUjwhKeNxP2pHwOQf7dzEuX5fqgmHVzGzYNZaUU0FlM4_NAdcG0XoukR-EGjBSDYR7TI_XBM15GPIsf5QOzoVfI5ooZzipRWr3A8ue5ynx1NIbydB&sai=AMfl-YSnBteoEvlcwJnyPjR-3NX3Ee4CsfcG1De1EoELTpC9K2UZue4nk_J4SEXP25cg9t3TgauhAMKpOnRzTAm87mqrynX_LCgZbilRErvfr4w3AyJtvGNUInIhUUoXvJ3wn-1ozRfAwrHibjt7cDAF&sig=Cg0ArKJSzNrWHDsYgJDPEAE&cid=CAQSTgDICaaNYCscH_ot6cFosQGZcU4NX_PxNtWQlEp5E6BWhLBP--u3rGXsC8zkwFlH5Is5OU5bPJf0U8tRGFIjSuECqi7pO8BmPXlpVjCXrRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702456852579&rpt=344&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MBGKZB3HN2&gtm=45je3bt0v873674707&_p=1702456849839&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=643448232.1702456850&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702456850&sct=1&seg=0&dl=https%3A%2F%2F114117.com%2F&dt=%E9%9B%BB%E8%A9%B1%E5%8D%A0%E3%81%84%E3%82%A4%E3%83%B3%E3%82%B9%E3%83%94%E3%81%AE%E5%8F%A3%E3%82%B3%E3%83%9F%E6%8A%95%E7%A8%BF%E6%8E%B2%E7%A4%BA%E6%9D%BF%20Part1%EF%BD%9C%E9%9B%BB%E8%A9%B1%E5%8D%A0%E3%81%84%E5%8F%A3%E3%82%B3%E3%83%9F%E6%8E%B2%E7%A4%BA%E6%9D%BF%EF%BC%86%E4%BA%BA%E6%B0%97%E5%8D%A0%E3%81%84%E3%83%A9%E3%83%B3%E3%82%AD%E3%83%B3%E3%82%B0%E3%80%8C%E3%82%A6%E3%83%A9%E3%82%B9%E3%83%94%E3%80%8D&en=scroll&epn.percent_scrolled=90&_et=10&tfd=7079
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MBGKZB3HN2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://114117.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Dec 2023 08:40:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://114117.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.114117.com/	1970-01-21 02:30:16	Name: mid Value: 5ea9de6a5b78ff955fc40dba8391aef3
.114117.com/	1970-01-21 02:30:16	Name: _ga Value: GA1.1.643448232.1702456850
.114117.com/	1970-01-21 02:30:16	Name: _ga_MBGKZB3HN2 Value: GS1.1.1702456850.1.0.1702456850.0.0.0
.114117.com/	1970-01-21 02:15:52	Name: __gads Value: ID=8ddba4f2b67a101e:T=1702456850:RT=1702456850:S=ALNI_MbL3LzYHI_FEBWlatz1Ug86bqoUNg
.114117.com/	1970-01-21 02:15:52	Name: __gpi Value: UID=00000d1927088fd8:T=1702456850:RT=1702456850:S=ALNI_MbDfuLcRMZpH1ImXf47ZGLxZdT_sQ
.doubleclick.net/	1970-01-20 16:54:20	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:15:52	Name: IDE Value: AHWqTUk_JlFzwWAHe8tZiX7SMPct5uvWy4RiWQ4s8k33KkuRLWrzWE4HsIkqG3klj8g
.googleadservices.com/	1970-01-20 19:03:52	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:39:52	Name: CMID Value: ZXluFHRViyAXjH9dkWUNGgAA
.casalemedia.com/	1970-01-20 19:03:52	Name: CMPS Value: 3291
.casalemedia.com/	1970-01-20 19:03:52	Name: CMPRO Value: 3291
.adnxs.com/	1970-01-20 19:03:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTtf9HsT!]tbPl1M>e)ZlrFUfJ+tGXxo7>4XWXKxV!UYkZwNXuO4pCwZ?P`dW.m>OSpt3If)y3KL9D3I?+J:Qdbz
.adnxs.com/	1970-01-20 19:03:52	Name: uuid2 Value: 4179905550930022627
.doubleclick.net/	1970-01-20 21:13:28	Name: APC Value: AfxxVi6V64vnW3AHw9NpkvjoigZHZP5dZ-sT9meDDhJxAXN0_VoJyQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

114117.com
ad.doubleclick.net
bid.g.doubleclick.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r5---sn-5goeenes.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
tagm.tchibo.de
tpc.googlesyndication.com
vast.doubleverify.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
104.18.36.54
104.244.99.125
142.250.110.155
142.250.185.226
142.250.186.98
172.217.18.2
172.217.18.6
2001:4860:4802:32::3
2001:4860:4802:32::36
2600:1f13:800:7781:5f9f:1259:c76c:3ebc
2600:9000:2127:ca00:8:48e:53c0:93a1
2606:4700::6811:190e
2a00:1450:4001:808::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400f::a
37.252.171.85
63.33.159.19
85.14.248.71
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0a1711dc250384e7138a53edb82ccc8bc63d4ba03013e221c77fe5d168bafc96
0b85a06e2c20946788b31789b77a9b45231e41e1f5b7fe175043fe1645398b03
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb5af18639dfc54932f4340945c1dceeb1e5aac5933b578f2ab597f29137599
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
12ff2ec39651e02b34ee26ae91b66614f3b981e5b8db58feb16115c2b6b201f0
1366d5e5f8bebbe27e2e1086d1ef5132c840d4900a5a61aa94368c745a6094ae
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2288522da7ef2ebb8d83b14a4f6d2a9443080e53f5b49b40ec49c5548497dd24
23484176f34335deba18ede80a7fb6cfbd36abde8c6d60d9ca5bdea93067b5b3
263403e6cea55abd488e73b1a3ed6fac18d6b3136572570953b3392504715123
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3295be5d77ee98e97f84e4e4f07e6305c1df7975ebfaa90ba246d8acd3abf407
35fb8312c8da6e759bc80dd7b88849633ad509cdc3e7072fe87682734f5dd712
3635fb396b7c33b74490109dff4fda392516d4c6a310a1149fc5d32ba0a1f8fa
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c8d36e671832c1e75c1a303889680c5817e9511aa510b4e8f42560905f4470e
3d66ba6bc03128cc3ce96e393fc2b3f7c8bd2e73af8258ae6d6a5e6f2efb9848
4100e2471f71a611bf39726bd68cc2004e771e5c18bb1e0c45d93413a89cb263
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c01b517c93a5efc775e0c1ab583e7cb29e03450b67c2101dc7a0c2214810985
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5052e6d54b2b5abc0ef0f26e42e1154245aeb0e4f881c066a574082adaf62f5f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a3e259e2688be04da70e9e93fe348abbe14828b36c89665a23e41fb5cabfe9c
5a762b86914363e55272219ce2cacecf3abfb67991fcbe286257f01a9ef85616
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6dee119ee49ab8771cf531190b1b186a092c709f799baf9ab566a3ca9778ea0b
6fc05706471da6b2d576e3ecc4df635592935447482c9aba49166546ab0b8031
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
72a175851bdd43f3470fe4dd9347b21d388ccb90d04b64aa724b9f726ca3a555
72b39991107c87b37f99dc6cb797d747fe9dac3ab7273d79e5b72e87320714db
73ee8ba7cb2d2ddceb473654eb9ade847a4038a3e6ad13a640e136158234f39e
7c4e38babccb76ffae1c97084ef419ab2a59e0018369c9157e91449b56acda71
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
877ae93b74be1ed777306ace4155546fbb76a3d5baa8c1eb8c32817f34c95335
896a4cb8174dacd5f2491a74ea90be28fb3032b68e8578e81b99c1d2e02356c7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
96e29a5c921fd8ed334a779181743ae18cce1941f948ceb6fed4b5491faecc4e
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a06923797ab5c36e55640eace375224eb48d7f6605ffa754514c0f98b21e3a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bd5577057e77a4901a240d60194fe02fabf244c05ecd672bf5c0b77ea74d495a
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca212a6d45038b16f7e2ee85414d0f67362985095eac9dc26a34e96d1ea529b5
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
cfdc305561d7eb1cfc0346ee81c0007595edebc7417551adbdd6eadbaaed9421
d46eb7315ee6abaeefda409d076567004886e97f10014aadbc65f2e797815251
d47f63d226e204708f690ec0f9256b366c18f78c756d7a950413efa28d490c39
d52a5e7289027ffc3a4ac8545bf9e6e6c491332e39dda46f5750281d165898ee
d74871f1d66e7c0230449ab708d05f088e33d578275cfbc2e0d95529b689cfcd
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dd62a29e542980034d9edb632282dd081df86babe0b7bdaf8e1a0cb9e21857a3
ddd7805de3552461660bf5c5d29f0ba03fa71755218f54a71da3e58abffdcbbd
de63bf5ecaf8695bae42a604e9808a63c55b0d62bdb3b4462c1530950772fc27
df96dae256b19261cfc38a0a0f290abf488803d4b415219b7e734f5021d3917b
e24e46459c7d6e73401ab03d015d9819826b4d7e01d5dacb37c0264ebf8f069a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef90b41388c1d576f3957fc3a94759cbaa20f780d1257c0b287d8a51302c5ae7
f1eeb7db0708e792d00042d1285fb1c1eb648147c52895d76831ae149740bf7d
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
fa72ab45a1b0f4ea611e81808d322b77278de8c90ff2b3ee494cfa4fd7b6c3b6
fd99a285d81a12f549b741db9604416a669e2ee8accf00cd40c0b0344e9ba63f

114117.com Open in urlscan Pro 104.244.99.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

93 %HTTPS

61 %IPv6

17 Domains

28 Subdomains

28 IPs

4 Countries

2532 kBTransfer

6411 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

114117.com Open in urlscan Pro
104.244.99.125 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

93 %
HTTPS

61 %
IPv6

17
Domains

28
Subdomains

28
IPs

4
Countries

2532 kB
Transfer

6411 kB
Size

14
Cookies

175 HTTP transactions
8 data transactions