xn--80atb.net Open in urlscan Pro Puny
как.net IDN
185.45.66.104 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xn--80atb.net/
Effective URL:
https://xn--80atb.net/
Submission Tags: falconsandbox
Submission: On May 16 via api (May 16th 2022, 2:00:40 am UTC) from US — Scanned from DE

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 25 domains to perform 137 HTTP transactions. The main IP is 185.45.66.104, located in Bulgaria and belongs to SUPERHOSTING_AS, BG. The main domain is xn--80atb.net.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on January 19th 2022. Valid for: a year.

This is the only time xn--80atb.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	185.45.66.104 185.45.66.104	201200 (SUPERHOST...) (SUPERHOSTING_AS)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:b600:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	52.218.197.72 52.218.197.72	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:206... 2600:9000:206f:ae00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3 8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
137	32

22 185.45.66.104 (Bulgaria) 1 redirects

ASN201200 (SUPERHOSTING_AS, BG)
PTR: host-185-45-66-104.superhosting.bg

xn--80atb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b600:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.197.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:ae00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	463 KB
22	xn--80atb.net 1 redirects xn--80atb.net	2 MB
20	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	133 KB
10	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	32 KB
9	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	255 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	5 KB
4	gstatic.com www.gstatic.com	26 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	148 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	3 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	54 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7678	914 B
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	107 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1439	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	459 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1524	350 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	463 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	690 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	645 B
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 9898	5 KB
137	25

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
22	xn--80atb.net	1 redirects xn--80atb.net
20	pagead2.googlesyndication.com	xn--80atb.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net xn--80atb.net
9	s0.2mdn.net	xn--80atb.net s0.2mdn.net googleads.g.doubleclick.net
8	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads4.g.doubleclick.net	xn--80atb.net
2	image6.pubmatic.com	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
2	www.googletagmanager.com	xn--80atb.net www.googletagmanager.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pix.eu.criteo.net	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.ywxi.net	xn--80atb.net
137	34

This site contains no links.

Subject Issuer	Validity	Valid
xn--80atb.net RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-19` - `2023-01-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.ywxi.net Amazon	`2021-08-04` - `2022-09-02`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://xn--80atb.net/
Frame ID: C421D929FFE6B07BD6AC161B1F84D4C8
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html
Frame ID: 03D72BAD444EE77F9972A1D2394BB722
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&adk=1812271804&adf=3025194257&lmt=1652640329&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--80atb.net%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666434644&bpp=3&bdt=260&idt=136&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4252270126518&frm=20&pv=2&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: 7177FBF711C469123BB26CFB8D2EE9D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&slotname=6733042739&adk=1821822062&adf=1733352677&pi=t.ma~as.6733042739&w=362&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&psa=0&format=362x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666434647&bpp=2&bdt=263&idt=158&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IK0jVcvsS8&p=https%3A//xn--80atb.net&dtd=163
Frame ID: E0D6CA6FA3EFA27D7273E52DEB8E8D67
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
Frame ID: 17FA410D10C31A3543D8517BD3101F5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Frame ID: A13EC4C114193F7F0964AC7A5EE5E4C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
Frame ID: 377C42FF273441C134DEC97025D6832C
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoGwQgANE50IFUk3AAYQMgfBlfjc-fJRM9qepg&u=%7C%2F1YwmRlT%2BJ2cCzI%2BELzDsBLP9kpGPAkr8D3oc93mheQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_DbRb0OfWH5Kqy_xY9C_7PZy7UnAbeyX_09gwFAh5ytPcN6gGOUiNkLXFpbC0aUcw5AHUDmS4Nomaf5S66XBneebCmoveNcJNaMHn5vRbEYQ2EkFHh7XyjeHT6GLmsBnBaov_k_pmqmWO5VmZ816l_wem9NnuzeX1bOHXGxwpEJHPu0MrRuuVBZ_Y78DjqUfCJDzq06iNMyhpqGHv7XaeCpbgR7GsTUAgWEozTMbvNvGnIS9Jh-1Sj6piRFp5tZ8MSTAds0Fv7yPleKWcZbZwpoH8cUVyRDcgkzKsZPdIq6OWgEdq9125YuILahn_8QzdCWCVC4DXFt2IKkEEreRFKbRS5kFGgJ3aRqUsk_X5aRS--tIiDcilo1WpBtONliGVsL83OiqT2j8b0inDSC2f8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a_FQrCBYp2nNLeS1fAPsqCYqAbJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTQzNTYzMDk5OTUyODc2MzGgAdW20uoDyAEJqQI7gUlmmHexPqgDAaoExQFP0FY4zUt6e3Yw_1dgoo6e1EfCJVKCuKmAEOheFUku_vyJGA3RSc9NwlCoirb-O3OzL4GI-pxO9JbzAOtGBEGZHL0Jr_Vg2DfNeLpge8Pcimy6RiQPH5NaJ3SEpSpc-bgiyBaXLiEj3iNHmjKx3iOQAWbIRFVV-zoDHPY-PitQ_pSQmcFDkoryv9ct1k2WZ9yIWd3FXuNLWH3g-QZDg2A1bZN2Op-PF5TjMq_eybtks3YC6l7Lh4yEZZbdBo9FokbWWg1sQYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aPTUYUzKg3zwCw8ZPmmivLldFBg%26client%3Dca-pub-4356309995287631%26adurl%3D
Frame ID: 3BC17D4C4F0912C27F65CD6B72725624
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/error_handler.js
Frame ID: 78BC2DF147BB89270F05F808E810FB59
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: 1AFB1D134B8DAF474CEA28016DA2A6C4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: B75D6508A42DF38A202267F2A4178E78
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGL7AjccBMAE&v=APEucNX_MvejV2ZCaFhgAO57X-Ktp0o53NuT1XLmjN-diMsaOxPEsJJmpMjAtghPBi0I8A6OMhdmdcE6RHrB0n1dPhVwkxxvY1F9BZjGru6JuLqA85eRHjJx3k0hvUf1KTD7vyub3ouCoy5dC7QHBHEwSxTb9C7Vw7Ggakl6XpSPAsOjdpQdxC4
Frame ID: E43DD0A37D5A0635CAE1BA46CE35797C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlE2wVisAPj29uWYPo6wbGelisaIXOpqTW4vULqtjfltTNPk7S-2guxBaD35kL9EF2u1hyh9WA-1zY-Qs9ihwmDoeArvjwOmSJss8XjXBcO9E8McpvUKSkH7wi_mAsBNQ7zbmEuN6diP1SnjBGQHuAv4eqrQ&dbm_d=AKAmf-AMnT7Nfo7IHjha_tsxWZpfoO7ICXyfTj8SZ5FWu1uMlSafnwVyL2Mwy7u2soKHLFnFjIw63PXtT6IRWo1wLxRo73_ZWZX6xFL8hy83yRbZcQZRs5c9VyyjNPvYO4eKxRAj_fvNR4q9cPpSGaUqW4rEqV9hMFzQdA_mNmtJ2iy26r9dOWd7Z686tG_2tRGLZRqc0Y_p90uHyqCEincmjyvKCfSTEpw9OJOTf97JSoqW-T4MmbVF-i-0bfCra5xyX-KZCN1nMgCyI7LPYI971yQakyeSpAhIBoXnJQDY5uXU15g4oYipv5whM5jRbg8Cq7XNnWZBP395JFFTzcVRxPzS1bPS_JiMy2OFWpJmn_9MG-blfPR4U5BU_AxN-q3Eh5SmV1YI_H-2sxHuSuKtj9urW0lJ-KRByGSYvQKZ8QPARXzPkh_wtrfnIq825XlHnUu-AtqNfI0Em0Nzic8jeK9Tqfv3zNEmCd0zIne0EmqLp8D5FoUEecrufYUmLFqveG7A7Ym1Uir8DFjmxwMC6wPz71K5V7aqNOMm3iY-MQFTOljPTNWp7zz84TOzKk88ZvJ-HM-my4k6sMLClDHAGWSQPMI8j5_QzFaIP3M44OfgSy6S-_lSYMLXYiKNv7Fcu6GcAxJDu6bSR81GZ9Zs_PMaGRTNdV8_Wakev6RCWHtD-Nrwhl5mom8IN8w6J7D2g7CQAqzKFTWoElCM2tvWAgA3a2BbU3WeSs-T0oa0H7DmyiUGvTH7uEZFSEoLIoG4vlZUTQ7FmusxtMDOB_jzSqQJXFtldib9ILyyHxtEjKWV9afigGCBTruWQ3-cw101R5obznhejy4didrKEt5PNnzZlNlE8V4h9AOueeTaQVhPqMIABhapnoFoub-AnAEO7Qo8vX_nFW4I4yM8fZzvwxHiTzbQTR1MZ1c6gilOBrYSHNJLbG0Z0HLVTvV57K5SqLN-SLkpi1XKWuh4PHyHYVq52zEnPVYARWlRAuMu-R8Dcwkzl2ZbefSWGUMgoxIOHL9nyhh_O6JkShc5e9CUicb6e5C__KExZH_ArEhOqsfv_lwkn_eKTRpoaJqcXRPtPXljiBWLIhBCqixecXE_5D32lVOGr3X4lbzDdVKbDKJV_m7z3HxJUwFC6D2RwJyLEBVt26YMWj1oQjGVgLm2eLv5eQbRDc_HExC9l_WWxcGtPrkJOfEBDJhLTi59RX0wyKE--6B_v88Nsxt4YdXazi1-pFqm5NABezZ1efIwQR7P77376BKuPHnTiDO9VJxGYLxzuWEp22suyKupro2cbEekMzFEwzA11lizugrSjBeRbweXF7lhJcVhJB0mVkTqfG9SB0LNDu0Xzyha8OaWGw7eK3BQuMyU08TQ3D9-8cj2BpoxZQ-5WpS0kemVaNQyTmJNudob1pnDCOu5a4xwT2qNVB92CzI6LliBbBAq6S--ryKfK__trbO5CpbBVbYZkXsyhbhTGIbJkiw4IhkPIRVimFVQ7AJbgnjgsqvQEh3N4AlmSYJqN47PQ1wg4xRTuBMjs5HJTkG3gkEuSwWnnOYkMv0-BEy5SYLr6sjLyACy-ugyTcILrDxrJ-95qRKqicGVnzs533YT9-_W0HIJrb4rHRAjdZAhifwp8FCcwhWAAmQuGOrD0ewIirXF4MUfXbHAsAUGEBEZ1b8bbX0Kwv5LVoEZ1yiMekZbPTJKRW0AZjnt7LcaqtxQlc5NS3VM5U_3FFBkB0jGqejt16csb9U1Id-FjOl5v05w-M6izRWBhOGDUWa-uyP93eKChJsMhPBlpQcfKl1R0ogqquHHeqx_RZy6n0R0Lajcu-2_AntbnPWgTFWz4kbwM1TGNdjOfXO-s0UkOCpIoRbt7nMRCTE3nttZi8tMpT2qBxiH8R0urqm2uEWCEiYROjaNkGlIoDlqtaPN34MkbRh4wrITrv08N7r8QxTsWlVfyd603QLyuyl8qlbf2dnk5DjdAhmWUQjc5r-EOqj3t-bOZK9yE4qdOedWu5P7U5BMPUSslgkprcawvYjmKMMvK1PYvp3Qe5YJHRYgoMd_T-1q6PYO61R0VQ2rshIyGRTczjFid7lji9L-OZQ3meoXw1uBahPT4EUwG5AeVL-kF0UeNnje1K4JnT98sjfOYRmedzWaeMzPNQNarfpl-FwvUXYAtSi1izVsIE5kFdaBurV4rSWJpUTxl7NtFhXjkhKGdTz5awg0oeWwTjyauobGq-DiMUkO_6_qb3kFZ_NCtxte5OKrWUObwV7SdzBwj-a-xpQp52cJbm215j61N3NdOT9WB4UEuVhB0H5fYNCueQUaqJ5PmSYg4GbLQYO4KRmbkyJY8jD3qkKbesXM2J-5HSvU7W9OA_eWMGxflUFtW3E6LZamC1hcj3wyuC5jRREecnoi3PycRJ5X5nauCEUD3yOiecszBmSvAeq5C6vCDMBXDbTsWsR6irE3cxWmba1S0RuOjQipUylXchAN6n2yXKkEDA-8cjbcUCbY4pD6yS2mFIx-uHXlkuZvUan5nIldty0-8rCEznv4BA2J37YHMzxwZTEAd671nxxTc5eXMuCMKbhmfbo5YMY3HiwPgdfFClkwSbYwBrAw2Tai0tddRlYpHZ_H0VU9Xz4Rp_z9jfu_7ijq-Jnt5yvmPyAoASBjzGDKuRtI4laIzX3UJbViNM-IDMAj_AQC6yErB3PIramNLPMkfW8gXOgq3uabZBoPN-vnk_lSMbDR4gA-xcaIRGROG_plCQdMZdrmwPX6m0A0Wt5RYSb3_k4VK_h6iFxmOZ_y_-HlQkmQxqKF1kEQS23kNbhJEKeuuO2UXykLzP__50zgSmc-TLorZdfPaj_h3YTnMp3VmkALw-sTzl1bqGpMawt8oJt1aoLAb_MG1sWI3tEBchVtSAuclGs1uORPK9yockF8SrOk8woaZGgc7FHPqnWBx2j5W__-BCfXbaRbKLfLXLMM--Xo0xcoIhu-Uw_4V-9Sc-sv_ZZKk2OEfdqe7rTxErKzuiIGjMx_Xw67eidZ3d2JCITJYP8CJadJVx36k5RtrJ27hVf-QZt1pmwvgHDrt9XuvJPFC66V5j07ZA70MIEOAWMQFgwII-batBRCwQt4UZvpDcl_yuqiHLWiDPSJB4gNMvL5zwyalMnIROFgIzCghUQHpo_VLufcF1RrIFJhFaNXYqN1HAUW9jBmGKhURrpO7QGbu43SVmd5GY5KOZGfENcqG3qweEEZ88mlNZGQNHRFK6WOmgANxmrFQ1LMWfeMRw4M3Uu6V7U0aSNck7GVD-Kyx9o1tcqTo0aiHQfAg_Z1WuqQKOu--4BazteUl1JsbbL1gXyWEu9UoX2IVqBMUb9YRA4zbhU0qTCumCNs3MePlQduQxPYlOFIROqMaXJIfFr_j8fGc6HM3TlAEHOt5VFD3aP6uQ7ySP5WPgXDoR6RirxbW1tYUh6I0KGghxcIQ2jrkGoIhDLZ5WgPTf9O8QNvULfiOKbW09---thE7-SpMhM&cid=CAASJeRosXjOQMGKXA6-RQrimG-_85u2-xYUX0GnC1dkXole5Wx2a-8&rfl=2%2Chttps%253A%252F%252Fxn--80atb.net%252F%240
Frame ID: B577665708F7F33CD6EBD42A303E4E9D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EC5EA6682686C7A871EBF836FCFE6509
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D53476F6B2B094282274E04717FF38F9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
Frame ID: F58AC1D520C7692A10EB5C08187B6DBE
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js
Frame ID: 96A01493DAA757655925D2E51E1FAC09
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC6C54A92087C4A673DB5218A24C21F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4D90C8CC39D43808F7BC115EBBE8957
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Как?NET - Всички отговори на "Как?"

Page URL History Show full URLs

http://xn--80atb.net/ HTTP 301
https://xn--80atb.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

137
Requests

95 %
HTTPS

58 %
IPv6

25
Domains

34
Subdomains

32
IPs

6
Countries

3330 kB
Transfer

5624 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xn--80atb.net/ HTTP 301
https://xn--80atb.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoGwQ7ZqSXZf5Hz5LOBrzwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG3V3V2NlAsqI0e1SnzsLmM&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MTI5MjA0MzcwOTg1MDIwNg%3D%3D

Request Chain 108

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIkXqS749wOUhL9Ju4MTkGE&google_cver=1&google_push=AYg5qPILKFZHsuxLu29wK3td9bZepXm4ynUBaQq2esKsh1bw1GoaaMlEDWlfMLnR7kjPs1OL4wuKK-g_zGc5cp45gYlXf4_Q9w HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIkXqS749wOUhL9Ju4MTkGE&google_cver=1&google_push=AYg5qPILKFZHsuxLu29wK3td9bZepXm4ynUBaQq2esKsh1bw1GoaaMlEDWlfMLnR7kjPs1OL4wuKK-g_zGc5cp45gYlXf4_Q9w&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ex_cRKF4Sl-dExueCMJsLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILKFZHsuxLu29wK3td9bZepXm4ynUBaQq2esKsh1bw1GoaaMlEDWlfMLnR7kjPs1OL4wuKK-g_zGc5cp45gYlXf4_Q9w

Request Chain 109

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMo0UNLYvof6hX3X0f4vESA&google_cver=1&google_push=AYg5qPLx9xq_d2dci8jn7EZppxJbzB5DxbbEkOeOIYj1GO9kwkCoZOHnN_YmC0KeSYBZNB5v5rIzBK-GdaJWvrXaeklPedIeZg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4MlhCODctMjEtSUJENw==&google_push=AYg5qPLx9xq_d2dci8jn7EZppxJbzB5DxbbEkOeOIYj1GO9kwkCoZOHnN_YmC0KeSYBZNB5v5rIzBK-GdaJWvrXaeklPedIeZg

Request Chain 110

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBLKchIKFcjQiXKxs-CiiAk&google_cver=1&google_push=AYg5qPJ1zHwAowwVljsKsVRXPKgGWj2QnyXXTRGiEbYDgl1tzporCXX-d-doqDXvXQRcQHtRBcvHpbYh_zFxnskoOFyPipE3Cg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoGwQ7ZqSXZf5Hz5LOBrzwAABGcAAAIB&google_push=AYg5qPJ1zHwAowwVljsKsVRXPKgGWj2QnyXXTRGiEbYDgl1tzporCXX-d-doqDXvXQRcQHtRBcvHpbYh_zFxnskoOFyPipE3Cg&google_cver=1&google_gid=CAESEBLKchIKFcjQiXKxs-CiiAk

137 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xn--80atb.net/
Redirect Chain

http://xn--80atb.net/
https://xn--80atb.net/

68 KB
11 KB

378ms
297ms

Document
text/html

185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 08c9732005a18c069ac56e8416a9cdfe5a25e14266e4b199bf461efdd5e9bfad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 16 May 2022 02:00:38 GMT
expires: Mon, 13 Jun 2022 02:00:38 GMT
last-modified: Sun, 15 May 2022 18:45:29 GMT
server: Apache
vary: User-Agent
wpo-cache-status: cached

Redirect headers

Cache-Control: max-age=2419200
Connection: Keep-Alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 16 May 2022 02:00:38 GMT
Expires: Mon, 13 Jun 2022 02:00:38 GMT
Keep-Alive: timeout=5, max=100
Location: https://xn--80atb.net/
Server: Apache

GET
H2 200 ratemypost.ttf
xn--80atb.net/wp-content/plugins/rate-my-post/public/css/fonts/ 5 KB
3 KB 36ms
36ms Font
font/ttf 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f

Request headers

Referer: https://xn--80atb.net/
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
content-encoding: gzip
last-modified: Sun, 06 Feb 2022 17:23:02 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: font/ttf
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 3002
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 wpo-minify-header-df8342a0.min.css
xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/ 217 KB
61 KB 76ms
75ms Stylesheet
text/css 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: dcda86e6b7471d29fe0cc8436f47e6192ed682d9ae708b180e0afbdfe543150a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 22:05:33 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public
accept-ranges: bytes
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 wpo-minify-header-7e6b175a.min.js Show response
xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/ 102 KB
35 KB 42ms
41ms Script
application/javascript 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-7e6b175a.min.js
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: ba2f047ad6fec52b469aaccf98c4778379da03bf5b93ffb3c5d8c4610b4126d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 21:39:36 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 35461
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 62ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-211247320-1

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b25e6de1d07250efb88580cd9c740677dbe3e8f5effd8816a319bf55b30cae25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39197
x-xss-protection: 0
last-modified: Mon, 16 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 May 2022 02:00:34 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
56 KB 67ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4356309995287631

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cedff46494c3a2adb5426100a40d96d4147b3daa69435c4952e80a84f6235ee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56439
x-xss-protection: 0
server: cafe
etag: 157747680731894649
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 May 2022 02:00:34 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B8-%D1%85%D1%80%D0%B0%D0%BD%D0%BE%D1%81%D0%BC%D0%B8%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D0%BD%D0%B0%D1%82%D0%B0-%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D...
xn--80atb.net/wp-content/uploads/2022/04/ 102 KB
103 KB 36ms
36ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%B8-%D1%85%D1%80%D0%B0%D0%BD%D0%BE%D1%81%D0%BC%D0%B8%D0%BB%D0%B0%D1%82%D0%B5%D0%BB%D0%BD%D0%B0%D1%82%D0%B0-%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B0.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 3381b416ff59f92760b6087c1680287eddffabec2f918574a6cdc10124d6bda7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 12 May 2022 19:44:41 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 104867
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 wpo-minify-footer-dcdd1eb9.min.js Show response
xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/ 36 KB
9 KB 37ms
36ms Script
application/javascript 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-footer-dcdd1eb9.min.js
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 2cf8702b2c326cdf37cf07528047c30b46c67fe23680fa7bfee134f8d716b0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
content-encoding: gzip
last-modified: Wed, 11 May 2022 22:05:33 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: private
accept-ranges: bytes
content-length: 9204
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 genericons-neue.svg
xn--80atb.net/wp-content/themes/donovan/assets/icons/ 27 KB
8 KB 67ms
67ms Other
image/svg+xml 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/themes/donovan/assets/icons/genericons-neue.svg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 11:17:37 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 8122
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
xn--80atb.net/wp-content/fonts/raleway/ 21 KB
21 KB 62ms
62ms Font
font/woff2 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Request headers

Referer: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 14 Oct 2021 11:32:10 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 21028
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
xn--80atb.net/wp-content/fonts/quicksand/ 13 KB
14 KB 61ms
61ms Font
font/woff2 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/fonts/quicksand/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkP8o58a-wg.woff2
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9

Request headers

Referer: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 14 Oct 2021 11:32:08 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 13776
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrEHJA.woff2
xn--80atb.net/wp-content/fonts/raleway/ 12 KB
12 KB 57ms
57ms Font
font/woff2 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCMPrEHJA.woff2
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: a9f2a909ac4d2fedc21a48f016776d87cf11297ffeba9755a6cf88694ecbbf28

Request headers

Referer: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 14 Oct 2021 11:32:09 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 11820
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%B4%D0%BE%D0%B1%D1%80%D0%B0%D1%82%D0%B0-%D1%87%D1%80%D0%B5%D0%B2%D0%BD%D0%B0-%D1%84%D0%BB%D0%BE%D1%80%D0%B0.jpg
xn--80atb.net/wp-content/uploads/2022/05/ 131 KB
132 KB 42ms
41ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/05/%D0%B4%D0%BE%D0%B1%D1%80%D0%B0%D1%82%D0%B0-%D1%87%D1%80%D0%B5%D0%B2%D0%BD%D0%B0-%D1%84%D0%BB%D0%BE%D1%80%D0%B0.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: e2dc0fcb9e5adf509cc0ce2492214c047251e22bf7b980f5eb1abd6cdb8026f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 12 May 2022 19:34:24 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 134523
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%BF%D1%80%D0%B5%D0%BC-%D0%BA%D0%B8%D1%81%D0%B5%D0%BB%D0%B8%D0%BD%D0%B8%D1%82%D0%B5.jpg
xn--80atb.net/wp-content/uploads/2022/04/ 113 KB
114 KB 41ms
41ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%BF%D1%80%D0%B5%D0%BC-%D0%BA%D0%B8%D1%81%D0%B5%D0%BB%D0%B8%D0%BD%D0%B8%D1%82%D0%B5.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 60f8278b2706adb0674834fc7e8532f77dce39f7432b5b10c79050fb2cc1d93b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Wed, 11 May 2022 20:58:31 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 115546
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%B5-%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D0%BC-%D1%81-%D0%B3%D0%B0%D0%B4%D0%B5%D0%BD%D0%B5%D1%82%D0%BE-%D0%B8-%D0%BF%D0%BE%D0%B2%D1%80%D1%8A%D1%89%D0%B0%D0%...
xn--80atb.net/wp-content/uploads/2022/04/ 96 KB
96 KB 42ms
41ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%B5-%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%B8%D0%BC-%D1%81-%D0%B3%D0%B0%D0%B4%D0%B5%D0%BD%D0%B5%D1%82%D0%BE-%D0%B8-%D0%BF%D0%BE%D0%B2%D1%80%D1%8A%D1%89%D0%B0%D0%BD%D0%B5%D1%82%D0%BE.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: d1cd8fed65fbdff9ac11abbcc76e82500d345535c4c75ec715531b0a1e277e8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Wed, 11 May 2022 20:51:32 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 97948
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%BF%D1%80%D0%B5%D0%BC-%D0%BA%D0%B0%D1%88%D0%BB%D0%B8%D1%86%D0%B0%D1%82%D0%B0-%D0%B7%D0%B0-%D0%B5%D0%B4%D0%B8%D0%BD-%D0%B4%D0%B5%D0%BD.jpg
xn--80atb.net/wp-content/uploads/2022/04/ 77 KB
78 KB 42ms
41ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%BF%D1%80%D0%B5%D0%BC-%D0%BA%D0%B0%D1%88%D0%BB%D0%B8%D1%86%D0%B0%D1%82%D0%B0-%D0%B7%D0%B0-%D0%B5%D0%B4%D0%B8%D0%BD-%D0%B4%D0%B5%D0%BD.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 49aba63a177219c7547c53f31d8974c8aab29bf58acd414f2afb4602bb597dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Tue, 03 May 2022 12:25:57 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 79347
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 19 KB
5 KB 51ms
8ms Script
text/javascript 2600:9000:2057:b600:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4567
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: DFroWQGhnFSOi6GFLWwXZt5RLGZmuUPUVNOtgkDhTsXHTZlaW2O5lA==
expires: Mon, 16 May 2022 02:55:11 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCMPrEHJA.woff2
xn--80atb.net/wp-content/fonts/raleway/ 12 KB
12 KB 65ms
64ms Font
font/woff2 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCMPrEHJA.woff2
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 55116c79e34650467da74d03d5ef451cff3667e2a0dc9b0a5177b754cd1bd739

Request headers

Referer: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 14 Oct 2021 11:32:10 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 11880
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
xn--80atb.net/wp-content/fonts/raleway/ 21 KB
21 KB 65ms
64ms Font
font/woff2 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--80atb.net/wp-content/fonts/raleway/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2

Request headers

Referer: https://xn--80atb.net/wp-content/cache/wpo-minify/1652305154/assets/wpo-minify-header-df8342a0.min.css
Origin: https://xn--80atb.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 14 Oct 2021 11:32:10 GMT
server: Apache
vary: User-Agent
content-type: font/woff2
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 21352
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D1%85%D1%80%D0%B0%D0%BD%D0%B8%D1%82%D0%B5%D0%BB%D0%BD%D0%BE-%D0%BE%D1%82%D1%80%D0%B0%D0%B2%D1%8F%D0%BD%D0%B5.jpg
xn--80atb.net/wp-content/uploads/2022/04/ 111 KB
112 KB 58ms
57ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D1%85%D1%80%D0%B0%D0%BD%D0%B8%D1%82%D0%B5%D0%BB%D0%BD%D0%BE-%D0%BE%D1%82%D1%80%D0%B0%D0%B2%D1%8F%D0%BD%D0%B5.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 13b4b0098867c64fcc1c5d00a82706b4a14c5e7ca545e80e08bd0123d7d0487c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Fri, 29 Apr 2022 14:07:05 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 114061
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%BF%D1%80%D0%B5%D0%BC-%D0%BA%D1%8A%D1%80%D0%BA%D0%BE%D1%80%D0%B5%D0%BD%D0%B5%D1%82%D0%BE-%D0%BD%D0%B0-%D1%87%D0%B5%D1%80%D0%B2%D0%B0%D1%82%D0%B0.jpg
xn--80atb.net/wp-content/uploads/2022/04/ 82 KB
83 KB 59ms
59ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%BF%D1%80%D0%B5%D0%BC-%D0%BA%D1%8A%D1%80%D0%BA%D0%BE%D1%80%D0%B5%D0%BD%D0%B5%D1%82%D0%BE-%D0%BD%D0%B0-%D1%87%D0%B5%D1%80%D0%B2%D0%B0%D1%82%D0%B0.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 6ad4a59149602ca1b8c56bf597726acfa8e67278fd04e5f63502d4e1776e3c03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Wed, 20 Apr 2022 10:11:16 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 84134
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D1%81%D0%B5-%D0%BB%D0%B5%D0%BA%D1%83%D0%B2%D0%B0-%D0%B4%D0%B8%D0%B0%D1%80%D0%B8%D1%8F.png
xn--80atb.net/wp-content/uploads/2022/04/ 949 KB
951 KB 60ms
59ms Image
image/png 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D1%81%D0%B5-%D0%BB%D0%B5%D0%BA%D1%83%D0%B2%D0%B0-%D0%B4%D0%B8%D0%B0%D1%80%D0%B8%D1%8F.png
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 6e82f77a5aff7e7354f849289a5e7da584996e9c4f883b5ecf50bc90e7710b35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Wed, 20 Apr 2022 06:36:42 GMT
server: Apache
vary: User-Agent
content-type: image/png
cache-control: public
accept-ranges: bytes
content-length: 972170
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D0%BF%D0%BE%D0%B4%D0%BE%D0%B1%D1%80%D0%B8%D0%BC-%D1%85%D1%80%D0%B0%D0%BD%D0%BE%D1%81%D0%BC%D0%B8%D0%BB%D0%B0%D0%BD%D0%B5%D1%82%D0%BE.jpg
xn--80atb.net/wp-content/uploads/2022/03/ 87 KB
87 KB 57ms
57ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/03/%D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D0%BF%D0%BE%D0%B4%D0%BE%D0%B1%D1%80%D0%B8%D0%BC-%D1%85%D1%80%D0%B0%D0%BD%D0%BE%D1%81%D0%BC%D0%B8%D0%BB%D0%B0%D0%BD%D0%B5%D1%82%D0%BE.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 1e456f58d6067276c6256254a3b85639de34387f2e74b7a375148f054a7201ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Tue, 19 Apr 2022 06:34:12 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 89208
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 %D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%B5-%D0%BE%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B8%D0%BC-%D0%BE%D1%82-%D0%B3%D0%B0%D0%B7%D0%BE%D0%B2%D0%B5%D1%82%D0%B5-%D0%B2-%D0%BA%D0%BE%D1%80%D0%B5%D0%...
xn--80atb.net/wp-content/uploads/2022/04/ 113 KB
114 KB 59ms
59ms Image
image/jpeg 185.45.66.104
SUPERHOSTING_AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xn--80atb.net/wp-content/uploads/2022/04/%D0%BA%D0%B0%D0%BA-%D0%B4%D0%B0-%D1%81%D0%B5-%D0%BE%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B8%D0%BC-%D0%BE%D1%82-%D0%B3%D0%B0%D0%B7%D0%BE%D0%B2%D0%B5%D1%82%D0%B5-%D0%B2-%D0%BA%D0%BE%D1%80%D0%B5%D0%BC%D0%B0.jpg
Requested by: Host: xn--80atb.net
URL: https://xn--80atb.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.45.66.104 , Bulgaria, ASN201200 (SUPERHOSTING_AS, BG),
Reverse DNS: host-185-45-66-104.superhosting.bg
Software: Apache /
Resource Hash: 5c86b1be9e368e5e8f6df666149f73f91e057f7a38c3b74228ccc83b14065645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:38 GMT
last-modified: Thu, 14 Apr 2022 07:40:46 GMT
server: Apache
vary: User-Agent
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
content-length: 116155
expires: Mon, 13 Jun 2022 02:00:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
12ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-211247320-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1544
date: Mon, 16 May 2022 01:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 16 May 2022 03:34:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8EXRVRK6GL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-211247320-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1b3d59fd33bf6373ad0d1ce340b8f239c0a4e943e03d105bb9441ec7eac2206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69495
x-xss-protection: 0
expires: Mon, 16 May 2022 02:00:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 308 KB
110 KB 95ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4356309995287631&plah=xn--80atb.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4356309995287631

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

772df963d8b9fd3e9277a6c8fda76f359f583053a48bccacf02472cd171410fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112595
x-xss-protection: 0
server: cafe
etag: 616062139323646971
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 May 2022 02:00:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/ Frame 03D7 10 KB
5 KB 97ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4356309995287631

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 18:13:19 GMT
etag: 1428802124239944296
expires: Sun, 29 May 2022 18:13:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/xn--80atb.net/ 243 B
818 B 669ms
171ms XHR
application/xml 52.218.197.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/xn--80atb.net/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.197.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 992e6395cebed89b062242353c0231dc071c6d93b4ece0bc33ac9818b7a41c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 02:00:35 GMT
Server: AmazonS3
x-amz-request-id: T5GSZ1GGE58Q0TYK
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/xml
Access-Control-Allow-Origin: https://xn--80atb.net
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 60
Transfer-Encoding: chunked
x-amz-id-2: Ij8j+A8IZDks1LvXOVfvlFeRW1UsXyzGlyUVjFGZ6Y0M+KlveWDg6i39Bhot1Qbj2WQSEWxS9aM=

GET
H/1.1 403
Forbidden client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/xn--80atb.net/ 243 B
818 B 672ms
174ms XHR
application/xml 52.218.197.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/xn--80atb.net/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.197.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: c10ad47bba38f141fea853b12712a7307c3f0a0a5573ed29f101daa1c35c579e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Mon, 16 May 2022 02:00:34 GMT
Server: AmazonS3
x-amz-request-id: T5GTWR148X4GWQDS
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/xml
Access-Control-Allow-Origin: https://xn--80atb.net
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 60
Transfer-Encoding: chunked
x-amz-id-2: r8lCFod8/wJQicF3ccqhvKhVZ397a3GNw1/wROC+l6qSczcs3KbOo7A/NwJtE+jFkFEuRctyH5g=

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 69ms
20ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-8EXRVRK6GL&gtm=2oe5b0&_p=1894430574&_z=ccd.tbB&cid=1676580250.1652666435&gdid=dZTNiMT&ul=en-us&sr=1600x1200&_s=1&sid=1652666434&sct=1&seg=0&dl=https%3A%2F%2Fxn--80atb.net%2F&dt=%D0%9A%D0%B0%D0%BA%3FNET%20-%20%D0%92%D1%81%D0%B8%D1%87%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D0%B8%20%D0%BD%D0%B0%20%22%D0%9A%D0%B0%D0%BA%3F%22&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8EXRVRK6GL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--80atb.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 51ms
21ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1894430574&t=pageview&_s=1&dl=https%3A%2F%2Fxn--80atb.net%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B0%D0%BA%3FNET%20-%20%D0%92%D1%81%D0%B8%D1%87%D0%BA%D0%B8%20%D0%BE%D1%82%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D0%B8%20%D0%BD%D0%B0%20%22%D0%9A%D0%B0%D0%BA%3F%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAAC~&jid=839574713&gjid=704294155&cid=1676580250.1652666435&tid=UA-211247320-1&_gid=284128034.1652666435&_r=1&gtm=2ou5b0&did=dZTNiMT&gdid=dZTNiMT&z=887758058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xn--80atb.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--80atb.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
645 B 72ms
22ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xn--80atb.net&callback=_gfp_s_&client=ca-pub-4356309995287631

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4356309995287631&plah=xn--80atb.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

cac8cc840dd1954272503aea01859f5eab079ddfb08c1f1764bbdaf6a03c1fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 68ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--80atb.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 69ms
23ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80atb.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7177 253 KB
65 KB 301ms
273ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&adk=1812271804&adf=3025194257&lmt=1652640329&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--80atb.net%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666434644&bpp=3&bdt=260&idt=136&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4252270126518&frm=20&pv=2&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8159ddf3511a81365c561745abc43b890d1c126dc62a769d0bba67632b9f33ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 66321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 02:00:35 GMT
expires: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0D6 23 KB
9 KB 407ms
392ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&slotname=6733042739&adk=1821822062&adf=1733352677&pi=t.ma~as.6733042739&w=362&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&psa=0&format=362x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666434647&bpp=2&bdt=263&idt=158&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IK0jVcvsS8&p=https%3A//xn--80atb.net&dtd=163

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

863bd708065b32d071b55aceff66475036ec1d687db55b98d9c341e243c567d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9700
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 02:00:35 GMT
expires: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/ 146 KB
52 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205100101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c07bb4bda3f5f667b6124138285cf123e527f4790ea2637989d210515d1dad7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52974
x-xss-protection: 0
server: cafe
etag: 9842031120389082875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
24ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xn--80atb.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
24ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xn--80atb.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17FA 21 KB
10 KB 403ms
403ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

062d46b227ccfe76e8e216755c6bea6602eca606503fac2c17b26d502151a4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10529
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 02:00:35 GMT
expires: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/ Frame A13E 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 19:13:00 GMT
etag: 1428802124239944296
expires: Sun, 29 May 2022 19:13:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/ Frame 377C 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24455
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 19:13:00 GMT
etag: 1428802124239944296
expires: Sun, 29 May 2022 19:13:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame E0D6 3 KB
1 KB 62ms
26ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&slotname=6733042739&adk=1821822062&adf=1733352677&pi=t.ma~as.6733042739&w=362&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&psa=0&format=362x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666434647&bpp=2&bdt=263&idt=158&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IK0jVcvsS8&p=https%3A//xn--80atb.net&dtd=163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:40:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0D6 121 KB
37 KB 56ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame E0D6 15 KB
7 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:55:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A13E 4 KB
1 KB 73ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 00:50:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 02:00:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A13E 205 B
742 B 48ms
13ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 23:51:14 GMT
x-content-type-options: nosniff
age: 7761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 May 2023 23:51:14 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A13E 604 B
695 B 48ms
13ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 19:29:04 GMT
x-content-type-options: nosniff
age: 23491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 May 2023 19:29:04 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame A13E 19 KB
8 KB 60ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:44:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:44:51 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 377C 7 KB
3 KB 57ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a769936af844dea88b7d829670c48811b6ecc9f47575331da26fef27bcad3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 18:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3256
x-xss-protection: 0
server: cafe
etag: 15417618671789030767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 May 2022 18:00:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 377C 4 KB
691 B 70ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4c8133f9ff3d5ddfa526a8a06252211430b695a31b8a02cdbaf4e538a8080610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 00:10:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 02:00:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 377C 2 KB
984 B 56ms
28ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:08:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 377C 19 KB
8 KB 44ms
15ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:50:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 377C 3 KB
1 KB 55ms
27ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:40:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 377C 121 KB
37 KB 64ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 377C 15 KB
6 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:55:39 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 377C 30 KB
12 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Thu, 05 May 2022 20:56:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 12:17:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E0D6 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0yk_QrCBYp2nNLeS1fAPsqCYqAbJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTQzNTYzMDk5OTUyODc2MzGgAdW20uoDyAEJqQI7gUlmmHexPqgDAaoEwgFP0FY4zUt6e3Yw_1dgoo6e1EfCJVKCuKmAEOheFUku_vyJGA3RSc9NwlCoirb-O3OzL4GI-pxO9JbzAOtGBEGZHL0Jr_Vg2DfNeLpge8Pcimy6RiQPH5NaJ3SEpSpc-bgiyBaXLiEj3iNHmjKx3iOQAWbIRFVV-zoDHPY-PitQ_pSQmcFDkoryv9ct1k2WZ9yIWd3FXuNLWH3g-QYBgUGn6hzqKSATAzczDwkmwK9uBXws8tx_T7EilynDKpfACMLF5YAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDM1NjMwOTk5NTI4NzYzMRgA&sigh=PH8n4UhZSKU&uach_m=[UACH]&cid=CAQSGwCNIrLMc-dVTh89lXKUMtXrXCG8-TJ_nxcswRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&slotname=6733042739&adk=1821822062&adf=1733352677&pi=t.ma~as.6733042739&w=362&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&psa=0&format=362x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666434647&bpp=2&bdt=263&idt=158&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1110&ady=863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IK0jVcvsS8&p=https%3A//xn--80atb.net&dtd=163
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame E0D6 0
0 52ms
18ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6ROoCmAKdg2ICAgAAAMuFxwUhXsy-EEKwgWJuQdnBeJE1NR3xgwASAAA&wp=YoGwQgANE50IFUk3AAYQMgfBlfjc-fJRM9qepg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
server: Kestrel
server-processing-duration-in-ticks: 548423
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3BC1 167 KB
54 KB 161ms
129ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YoGwQgANE50IFUk3AAYQMgfBlfjc-fJRM9qepg&u=%7C%2F1YwmRlT%2BJ2cCzI%2BELzDsBLP9kpGPAkr8D3oc93mheQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_DbRb0OfWH5Kqy_xY9C_7PZy7UnAbeyX_09gwFAh5ytPcN6gGOUiNkLXFpbC0aUcw5AHUDmS4Nomaf5S66XBneebCmoveNcJNaMHn5vRbEYQ2EkFHh7XyjeHT6GLmsBnBaov_k_pmqmWO5VmZ816l_wem9NnuzeX1bOHXGxwpEJHPu0MrRuuVBZ_Y78DjqUfCJDzq06iNMyhpqGHv7XaeCpbgR7GsTUAgWEozTMbvNvGnIS9Jh-1Sj6piRFp5tZ8MSTAds0Fv7yPleKWcZbZwpoH8cUVyRDcgkzKsZPdIq6OWgEdq9125YuILahn_8QzdCWCVC4DXFt2IKkEEreRFKbRS5kFGgJ3aRqUsk_X5aRS--tIiDcilo1WpBtONliGVsL83OiqT2j8b0inDSC2f8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a_FQrCBYp2nNLeS1fAPsqCYqAbJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTQzNTYzMDk5OTUyODc2MzGgAdW20uoDyAEJqQI7gUlmmHexPqgDAaoExQFP0FY4zUt6e3Yw_1dgoo6e1EfCJVKCuKmAEOheFUku_vyJGA3RSc9NwlCoirb-O3OzL4GI-pxO9JbzAOtGBEGZHL0Jr_Vg2DfNeLpge8Pcimy6RiQPH5NaJ3SEpSpc-bgiyBaXLiEj3iNHmjKx3iOQAWbIRFVV-zoDHPY-PitQ_pSQmcFDkoryv9ct1k2WZ9yIWd3FXuNLWH3g-QZDg2A1bZN2Op-PF5TjMq_eybtks3YC6l7Lh4yEZZbdBo9FokbWWg1sQYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aPTUYUzKg3zwCw8ZPmmivLldFBg%26client%3Dca-pub-4356309995287631%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9029e95b1d067186841899adaa38b2cbbbc24f56dadf8536f3a6d978a4256993

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 02:00:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hMTpO0Gp0Md8QpBxoyLBeCviDT_nD9qAdKljDvf2YtFXAhrT4Ql45IpxHQ-ufb5VywiOT4cdIXx4qt3g9DoR7olekHIm-KP9ToKRsjGerztNvNOeQESFw8lEm_DW92SMfJEBNxxiF8c9vaScujyt3ZMk1aLC5sqKZuEUHJywxmVxTZQh2USDbVMHUY7xwuxoIXdvXP8wI3MhW_riKD2LD-J9k0Ugzt_PxK1W5YZN1pX0Z_qPij7er0rBuaVS3tCJbdYqWg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 113791758
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 377C 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1ZGXQrCBYpruM4Wl9u8P1t6amA_l7NSRaozPzPesDMCNtwEQASCzoMiPAWCVAqABkrPR_QPIAQmpAjuBSWaYd7E-qAMByAPLBKoE5AFP0OZuvTRUkg2pyAFzqSSGXPra8gjZu_xoN4QrDyW_cWaFFOOAH7NAVHLgR-adOJRwT33rbPrUhPj2IH0iy6K_CyQPjLqiTpXvYo67jvVbuCfyS1iIQx_96b1WhZK91VLvHZAsd04pXXZOvQ_aNbCXWnaRVe8VAVcHZsG3yYa54YlY1IIfB8cRpuumiU4_KfPAaZtUu8wzelsBjZ7Uuf4VurKHMTTlSS_U3F_K95KY84qARfxnv8GFoWMWEVCW-aBVomADym_5dpI5vQ9bSF3lw4-60EbRVtYDgdxrBWHReWCnM4zABOOl-PuoA5IFBAgEGAGSBQQIBRgEoAYugAfWzK4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQpfkY0ggJCIDhgBAQARgfgAoByAsB2BMNiBQW0BUBmBYBgBcBshccChoIABIUcHViLTQzNTYzMDk5OTUyODc2MzEYAA&sigh=xEaWo3qxEPY&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/7066486029309785409/ Frame 377C 43 KB
43 KB 44ms
14ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7066486029309785409/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b8de5854836eaf6ff8fb124a2ff0082d921deb863a2d7b151e18b7182e9ddff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 08:04:40 GMT
x-content-type-options: nosniff
age: 64555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43523
x-xss-protection: 0
last-modified: Sat, 14 May 2022 19:50:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 15 May 2023 08:04:40 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16385136710667525777/ Frame 377C 3 KB
3 KB 43ms
13ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16385136710667525777/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79594a90580bfbfa578a563cf7b34e1ad1d54bec99451021aa9f7a392f1b1186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 13:15:26 GMT
x-content-type-options: nosniff
age: 477909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 06:22:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 May 2023 13:15:26 GMT

GET
DATA 200
OK truncated
/ Frame E0D6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43f9de164e18bdb46331e06833edb5db817094b479f9276157395a1fe70b1188

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 78BC 7 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a769936af844dea88b7d829670c48811b6ecc9f47575331da26fef27bcad3b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 18:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3256
x-xss-protection: 0
server: cafe
etag: 15417618671789030767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 May 2022 18:00:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 78BC 8 KB
892 B 49ms
22ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 May 2022 01:34:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 16 May 2022 02:00:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 78BC 2 KB
904 B 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:08:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3097
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:08:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame 78BC 19 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:50:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 601
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7989
x-xss-protection: 0
server: cafe
etag: 11406487492938680093
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:50:34 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 78BC 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:40:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78BC 121 KB
37 KB 62ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame 78BC 15 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:55:39 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 78BC 30 KB
12 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 12:17:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 481390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Thu, 05 May 2022 20:56:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 12:17:25 GMT

GET
DATA 200
OK truncated
/ Frame 377C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35ede4fde1511ab310a0042c5dd883130e46eec8144939ea42018beba4aaf50e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1AFB 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:41:15 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3BC1 2 KB
1 KB 39ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoGwQgANE50IFUk3AAYQMgfBlfjc-fJRM9qepg&u=%7C%2F1YwmRlT%2BJ2cCzI%2BELzDsBLP9kpGPAkr8D3oc93mheQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_DbRb0OfWH5Kqy_xY9C_7PZy7UnAbeyX_09gwFAh5ytPcN6gGOUiNkLXFpbC0aUcw5AHUDmS4Nomaf5S66XBneebCmoveNcJNaMHn5vRbEYQ2EkFHh7XyjeHT6GLmsBnBaov_k_pmqmWO5VmZ816l_wem9NnuzeX1bOHXGxwpEJHPu0MrRuuVBZ_Y78DjqUfCJDzq06iNMyhpqGHv7XaeCpbgR7GsTUAgWEozTMbvNvGnIS9Jh-1Sj6piRFp5tZ8MSTAds0Fv7yPleKWcZbZwpoH8cUVyRDcgkzKsZPdIq6OWgEdq9125YuILahn_8QzdCWCVC4DXFt2IKkEEreRFKbRS5kFGgJ3aRqUsk_X5aRS--tIiDcilo1WpBtONliGVsL83OiqT2j8b0inDSC2f8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a_FQrCBYp2nNLeS1fAPsqCYqAbJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTQzNTYzMDk5OTUyODc2MzGgAdW20uoDyAEJqQI7gUlmmHexPqgDAaoExQFP0FY4zUt6e3Yw_1dgoo6e1EfCJVKCuKmAEOheFUku_vyJGA3RSc9NwlCoirb-O3OzL4GI-pxO9JbzAOtGBEGZHL0Jr_Vg2DfNeLpge8Pcimy6RiQPH5NaJ3SEpSpc-bgiyBaXLiEj3iNHmjKx3iOQAWbIRFVV-zoDHPY-PitQ_pSQmcFDkoryv9ct1k2WZ9yIWd3FXuNLWH3g-QZDg2A1bZN2Op-PF5TjMq_eybtks3YC6l7Lh4yEZZbdBo9FokbWWg1sQYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aPTUYUzKg3zwCw8ZPmmivLldFBg%26client%3Dca-pub-4356309995287631%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:35 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3BC1 2 KB
1 KB 40ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:35 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3BC1 308 B
636 B 37ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 11 May 2023 02:00:35 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 3BC1 507 B
835 B 38ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 11 May 2023 02:00:35 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 3BC1 0
690 B 165ms
100ms Image
text/plain 2600:9000:206f:ae00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652666432
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoGwQgANE50IFUk3AAYQMgfBlfjc-fJRM9qepg&u=%7C%2F1YwmRlT%2BJ2cCzI%2BELzDsBLP9kpGPAkr8D3oc93mheQ%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86_DbRb0OfWH5Kqy_xY9C_7PZy7UnAbeyX_09gwFAh5ytPcN6gGOUiNkLXFpbC0aUcw5AHUDmS4Nomaf5S66XBneebCmoveNcJNaMHn5vRbEYQ2EkFHh7XyjeHT6GLmsBnBaov_k_pmqmWO5VmZ816l_wem9NnuzeX1bOHXGxwpEJHPu0MrRuuVBZ_Y78DjqUfCJDzq06iNMyhpqGHv7XaeCpbgR7GsTUAgWEozTMbvNvGnIS9Jh-1Sj6piRFp5tZ8MSTAds0Fv7yPleKWcZbZwpoH8cUVyRDcgkzKsZPdIq6OWgEdq9125YuILahn_8QzdCWCVC4DXFt2IKkEEreRFKbRS5kFGgJ3aRqUsk_X5aRS--tIiDcilo1WpBtONliGVsL83OiqT2j8b0inDSC2f8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-a_FQrCBYp2nNLeS1fAPsqCYqAbJntKxXPXqoYaIAcCNtwEQASAAYJUCggEXY2EtcHViLTQzNTYzMDk5OTUyODc2MzGgAdW20uoDyAEJqQI7gUlmmHexPqgDAaoExQFP0FY4zUt6e3Yw_1dgoo6e1EfCJVKCuKmAEOheFUku_vyJGA3RSc9NwlCoirb-O3OzL4GI-pxO9JbzAOtGBEGZHL0Jr_Vg2DfNeLpge8Pcimy6RiQPH5NaJ3SEpSpc-bgiyBaXLiEj3iNHmjKx3iOQAWbIRFVV-zoDHPY-PitQ_pSQmcFDkoryv9ct1k2WZ9yIWd3FXuNLWH3g-QZDg2A1bZN2Op-PF5TjMq_eybtks3YC6l7Lh4yEZZbdBo9FokbWWg1sQYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0aPTUYUzKg3zwCw8ZPmmivLldFBg%26client%3Dca-pub-4356309995287631%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ae00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: kThLsw_IaNxPAKxfmt75rwyFxDEEC6XhPYqQqyZcf9u7M-D06hHsEA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3BC1 43 B
348 B 57ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=yLSioaIgar3PdS5R9BM-mVDRxQUbQeRGLfY-zp9V5i5HcHL9zXvdpGqM11uT6drn22G3KrPYMvQx5UpAyiiAlfgg9TjORyW1233UUDdc_9MJUnKuGzxt8iZ8KLDVaYEvUgxakaiNHbXvp3zZZDtXXinbhzWUJoAocuUe67yTadPz0CuFEaYKI84UUCadqvzO_NizRdpFkj3D19hyaPwtQ4k4JqP4-2fH3ACp2Xz0nhOUyBAEurtQNIpeKUlWlNHYEe7uGPTpMuV7bPlVTTGvlM2tqUpUsz7pMJLsObkii8oZaTb6acuk7WcZAwhA-YPhiWlqTu7l6TQmO_-cXFn4A3jQdX2POjRJulqaP4Q8BMW_fuvF6ZQYGdRQImNTytQYLzYXcknA_TkpPYjXdKyg-joTyX5wxFm0GISuIqvaKVquVU8sUl4CWFWV4EsIznPHHS5Ysg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2852136
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3BC1 12 KB
6 KB 16ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3BC1 19 KB
19 KB 62ms
26ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=720&s=aIeEv2ep51vshJaeJ205O3XK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29027584
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19171
expires: Mon, 17 Apr 2023 01:13:39 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3BC1 0
128 B 57ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=hMTpO0Gp0Md8QpBxoyLBeCviDT_nD9qAdKljDvf2YtFXAhrT4Ql45IpxHQ-ufb5VywiOT4cdIXx4qt3g9DoR7olekHIm-KP9ToKRsjGerztNvNOeQESFw8lEm_DW92SMfJEBNxxiF8c9vaScujyt3ZMk1aLC5sqKZuEUHJywxmVxTZQh2USDbVMHUY7xwuxoIXdvXP8wI3MhW_riKD2LD-J9k0Ugzt_PxK1W5YZN1pX0Z_qPij7er0rBuaVS3tCJbdYqWg&sds=2&rev=81468.6&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 May 2022 02:00:34 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3BC1 2 KB
1 KB 12ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:35 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3BC1 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 May 2023 02:00:35 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 78BC 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=26&version=r20220511&sample=0.01

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/load_preloaded_resource_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame B75D 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:41:15 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E43D 624 B
297 B 24ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGL7AjccBMAE&v=APEucNX_MvejV2ZCaFhgAO57X-Ktp0o53NuT1XLmjN-diMsaOxPEsJJmpMjAtghPBi0I8A6OMhdmdcE6RHrB0n1dPhVwkxxvY1F9BZjGru6JuLqA85eRHjJx3k0hvUf1KTD7vyub3ouCoy5dC7QHBHEwSxTb9C7Vw7Ggakl6XpSPAsOjdpQdxC4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B577 81 KB
33 KB 96ms
96ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlE2wVisAPj29uWYPo6wbGelisaIXOpqTW4vULqtjfltTNPk7S-2guxBaD35kL9EF2u1hyh9WA-1zY-Qs9ihwmDoeArvjwOmSJss8XjXBcO9E8McpvUKSkH7wi_mAsBNQ7zbmEuN6diP1SnjBGQHuAv4eqrQ&dbm_d=AKAmf-AMnT7Nfo7IHjha_tsxWZpfoO7ICXyfTj8SZ5FWu1uMlSafnwVyL2Mwy7u2soKHLFnFjIw63PXtT6IRWo1wLxRo73_ZWZX6xFL8hy83yRbZcQZRs5c9VyyjNPvYO4eKxRAj_fvNR4q9cPpSGaUqW4rEqV9hMFzQdA_mNmtJ2iy26r9dOWd7Z686tG_2tRGLZRqc0Y_p90uHyqCEincmjyvKCfSTEpw9OJOTf97JSoqW-T4MmbVF-i-0bfCra5xyX-KZCN1nMgCyI7LPYI971yQakyeSpAhIBoXnJQDY5uXU15g4oYipv5whM5jRbg8Cq7XNnWZBP395JFFTzcVRxPzS1bPS_JiMy2OFWpJmn_9MG-blfPR4U5BU_AxN-q3Eh5SmV1YI_H-2sxHuSuKtj9urW0lJ-KRByGSYvQKZ8QPARXzPkh_wtrfnIq825XlHnUu-AtqNfI0Em0Nzic8jeK9Tqfv3zNEmCd0zIne0EmqLp8D5FoUEecrufYUmLFqveG7A7Ym1Uir8DFjmxwMC6wPz71K5V7aqNOMm3iY-MQFTOljPTNWp7zz84TOzKk88ZvJ-HM-my4k6sMLClDHAGWSQPMI8j5_QzFaIP3M44OfgSy6S-_lSYMLXYiKNv7Fcu6GcAxJDu6bSR81GZ9Zs_PMaGRTNdV8_Wakev6RCWHtD-Nrwhl5mom8IN8w6J7D2g7CQAqzKFTWoElCM2tvWAgA3a2BbU3WeSs-T0oa0H7DmyiUGvTH7uEZFSEoLIoG4vlZUTQ7FmusxtMDOB_jzSqQJXFtldib9ILyyHxtEjKWV9afigGCBTruWQ3-cw101R5obznhejy4didrKEt5PNnzZlNlE8V4h9AOueeTaQVhPqMIABhapnoFoub-AnAEO7Qo8vX_nFW4I4yM8fZzvwxHiTzbQTR1MZ1c6gilOBrYSHNJLbG0Z0HLVTvV57K5SqLN-SLkpi1XKWuh4PHyHYVq52zEnPVYARWlRAuMu-R8Dcwkzl2ZbefSWGUMgoxIOHL9nyhh_O6JkShc5e9CUicb6e5C__KExZH_ArEhOqsfv_lwkn_eKTRpoaJqcXRPtPXljiBWLIhBCqixecXE_5D32lVOGr3X4lbzDdVKbDKJV_m7z3HxJUwFC6D2RwJyLEBVt26YMWj1oQjGVgLm2eLv5eQbRDc_HExC9l_WWxcGtPrkJOfEBDJhLTi59RX0wyKE--6B_v88Nsxt4YdXazi1-pFqm5NABezZ1efIwQR7P77376BKuPHnTiDO9VJxGYLxzuWEp22suyKupro2cbEekMzFEwzA11lizugrSjBeRbweXF7lhJcVhJB0mVkTqfG9SB0LNDu0Xzyha8OaWGw7eK3BQuMyU08TQ3D9-8cj2BpoxZQ-5WpS0kemVaNQyTmJNudob1pnDCOu5a4xwT2qNVB92CzI6LliBbBAq6S--ryKfK__trbO5CpbBVbYZkXsyhbhTGIbJkiw4IhkPIRVimFVQ7AJbgnjgsqvQEh3N4AlmSYJqN47PQ1wg4xRTuBMjs5HJTkG3gkEuSwWnnOYkMv0-BEy5SYLr6sjLyACy-ugyTcILrDxrJ-95qRKqicGVnzs533YT9-_W0HIJrb4rHRAjdZAhifwp8FCcwhWAAmQuGOrD0ewIirXF4MUfXbHAsAUGEBEZ1b8bbX0Kwv5LVoEZ1yiMekZbPTJKRW0AZjnt7LcaqtxQlc5NS3VM5U_3FFBkB0jGqejt16csb9U1Id-FjOl5v05w-M6izRWBhOGDUWa-uyP93eKChJsMhPBlpQcfKl1R0ogqquHHeqx_RZy6n0R0Lajcu-2_AntbnPWgTFWz4kbwM1TGNdjOfXO-s0UkOCpIoRbt7nMRCTE3nttZi8tMpT2qBxiH8R0urqm2uEWCEiYROjaNkGlIoDlqtaPN34MkbRh4wrITrv08N7r8QxTsWlVfyd603QLyuyl8qlbf2dnk5DjdAhmWUQjc5r-EOqj3t-bOZK9yE4qdOedWu5P7U5BMPUSslgkprcawvYjmKMMvK1PYvp3Qe5YJHRYgoMd_T-1q6PYO61R0VQ2rshIyGRTczjFid7lji9L-OZQ3meoXw1uBahPT4EUwG5AeVL-kF0UeNnje1K4JnT98sjfOYRmedzWaeMzPNQNarfpl-FwvUXYAtSi1izVsIE5kFdaBurV4rSWJpUTxl7NtFhXjkhKGdTz5awg0oeWwTjyauobGq-DiMUkO_6_qb3kFZ_NCtxte5OKrWUObwV7SdzBwj-a-xpQp52cJbm215j61N3NdOT9WB4UEuVhB0H5fYNCueQUaqJ5PmSYg4GbLQYO4KRmbkyJY8jD3qkKbesXM2J-5HSvU7W9OA_eWMGxflUFtW3E6LZamC1hcj3wyuC5jRREecnoi3PycRJ5X5nauCEUD3yOiecszBmSvAeq5C6vCDMBXDbTsWsR6irE3cxWmba1S0RuOjQipUylXchAN6n2yXKkEDA-8cjbcUCbY4pD6yS2mFIx-uHXlkuZvUan5nIldty0-8rCEznv4BA2J37YHMzxwZTEAd671nxxTc5eXMuCMKbhmfbo5YMY3HiwPgdfFClkwSbYwBrAw2Tai0tddRlYpHZ_H0VU9Xz4Rp_z9jfu_7ijq-Jnt5yvmPyAoASBjzGDKuRtI4laIzX3UJbViNM-IDMAj_AQC6yErB3PIramNLPMkfW8gXOgq3uabZBoPN-vnk_lSMbDR4gA-xcaIRGROG_plCQdMZdrmwPX6m0A0Wt5RYSb3_k4VK_h6iFxmOZ_y_-HlQkmQxqKF1kEQS23kNbhJEKeuuO2UXykLzP__50zgSmc-TLorZdfPaj_h3YTnMp3VmkALw-sTzl1bqGpMawt8oJt1aoLAb_MG1sWI3tEBchVtSAuclGs1uORPK9yockF8SrOk8woaZGgc7FHPqnWBx2j5W__-BCfXbaRbKLfLXLMM--Xo0xcoIhu-Uw_4V-9Sc-sv_ZZKk2OEfdqe7rTxErKzuiIGjMx_Xw67eidZ3d2JCITJYP8CJadJVx36k5RtrJ27hVf-QZt1pmwvgHDrt9XuvJPFC66V5j07ZA70MIEOAWMQFgwII-batBRCwQt4UZvpDcl_yuqiHLWiDPSJB4gNMvL5zwyalMnIROFgIzCghUQHpo_VLufcF1RrIFJhFaNXYqN1HAUW9jBmGKhURrpO7QGbu43SVmd5GY5KOZGfENcqG3qweEEZ88mlNZGQNHRFK6WOmgANxmrFQ1LMWfeMRw4M3Uu6V7U0aSNck7GVD-Kyx9o1tcqTo0aiHQfAg_Z1WuqQKOu--4BazteUl1JsbbL1gXyWEu9UoX2IVqBMUb9YRA4zbhU0qTCumCNs3MePlQduQxPYlOFIROqMaXJIfFr_j8fGc6HM3TlAEHOt5VFD3aP6uQ7ySP5WPgXDoR6RirxbW1tYUh6I0KGghxcIQ2jrkGoIhDLZ5WgPTf9O8QNvULfiOKbW09---thE7-SpMhM&cid=CAASJeRosXjOQMGKXA6-RQrimG-_85u2-xYUX0GnC1dkXole5Wx2a-8&rfl=2%2Chttps%253A%252F%252Fxn--80atb.net%252F%240

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93fb5dbc01cf842637124a4543730b20ab94375ad8bb476b23f49c217d74e97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33674
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame B577 3 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:40:04 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/ Frame B577 15 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220511/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6412
x-xss-protection: 0
server: cafe
etag: 1643562372680595834
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:55:39 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B577 0
0 60ms
24ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSdPNGzNPn2a46S0OsJr9_cQkjpXeh_lPqWiSL0eWjoybHrO2o-ppGzVBanyCdajO1vgI5B1HJmFYJwbcm_ma3DlNP1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B577 121 KB
37 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37626
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652269989122821"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B577 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZxlM346Xtk7MrRgnzI5K8t5WNvs7MTJz7lYsxxYwMtt-R8h8PRaJPLJNxJu-_3vsjFVCqzzVxLXPU0xbci0oYd6nscf_7nTnrpw_ylBBgVWFU0fQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E43D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGL7AjccBMAE&v=APEucNX_MvejV2ZCaFhgAO57X-Ktp0o53NuT1XLmjN-diMsaOxPEsJJmpMjAtghPBi0I8A6OMhdmdcE6RHrB0n1dPhVwkxxvY1F9BZjGru6JuLqA85eRHjJx3k0hvUf1KTD7vyub3ouCoy5dC7QHBHEwSxTb9C7Vw7Ggakl6XpSPAsOjdpQdxC4
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 May 2022 02:00:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 May 2022 02:00:35 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E43D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoGwQ7ZqSXZf5Hz5LOBrzwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGL7AjccBMAE&v=APEucNX_MvejV2ZCaFhgAO57X-Ktp0o53NuT1XLmjN-diMsaOxPEsJJmpMjAtghPBi0I8A6OMhdmdcE6RHrB0n1dPhVwkxxvY1F9BZjGru6JuLqA85eRHjJx3k0hvUf1KTD7vyub3ouCoy5dC7QHBHEwSxTb9C7Vw7Ggakl6XpSPAsOjdpQdxC4
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 May 2022 02:00:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 16 May 2022 02:00:35 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELEFc3YNfGQUmfCOvn7KCUE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E43D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG3V3V2NlAsqI0e1SnzsLmM&google_cver=1

43 B
1014 B

13ms
13ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG3V3V2NlAsqI0e1SnzsLmM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGL7AjccBMAE&v=APEucNX_MvejV2ZCaFhgAO57X-Ktp0o53NuT1XLmjN-diMsaOxPEsJJmpMjAtghPBi0I8A6OMhdmdcE6RHrB0n1dPhVwkxxvY1F9BZjGru6JuLqA85eRHjJx3k0hvUf1KTD7vyub3ouCoy5dC7QHBHEwSxTb9C7Vw7Ggakl6XpSPAsOjdpQdxC4

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 16 May 2022 02:00:35 GMT
X-Proxy-Origin: 37.58.58.251; 37.58.58.251; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 90bf724e-9a4e-412e-9d90-bb0c7c750482
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG3V3V2NlAsqI0e1SnzsLmM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E43D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MTI5MjA0MzcwOTg1MDIwNg%3D%3D

170 B
243 B

24ms
24ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MTI5MjA0MzcwOTg1MDIwNg%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 May 2022 02:00:35 GMT
X-Proxy-Origin: 37.58.58.251; 37.58.58.251; 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b56547d3-ffe6-4585-92d0-b734fbdcad1a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MTI5MjA0MzcwOTg1MDIwNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B577 119 KB
42 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 07:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 07:49:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/ Frame B577 8 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AlE2wVisAPj29uWYPo6wbGelisaIXOpqTW4vULqtjfltTNPk7S-2guxBaD35kL9EF2u1hyh9WA-1zY-Qs9ihwmDoeArvjwOmSJss8XjXBcO9E8McpvUKSkH7wi_mAsBNQ7zbmEuN6diP1SnjBGQHuAv4eqrQ&dbm_d=AKAmf-AMnT7Nfo7IHjha_tsxWZpfoO7ICXyfTj8SZ5FWu1uMlSafnwVyL2Mwy7u2soKHLFnFjIw63PXtT6IRWo1wLxRo73_ZWZX6xFL8hy83yRbZcQZRs5c9VyyjNPvYO4eKxRAj_fvNR4q9cPpSGaUqW4rEqV9hMFzQdA_mNmtJ2iy26r9dOWd7Z686tG_2tRGLZRqc0Y_p90uHyqCEincmjyvKCfSTEpw9OJOTf97JSoqW-T4MmbVF-i-0bfCra5xyX-KZCN1nMgCyI7LPYI971yQakyeSpAhIBoXnJQDY5uXU15g4oYipv5whM5jRbg8Cq7XNnWZBP395JFFTzcVRxPzS1bPS_JiMy2OFWpJmn_9MG-blfPR4U5BU_AxN-q3Eh5SmV1YI_H-2sxHuSuKtj9urW0lJ-KRByGSYvQKZ8QPARXzPkh_wtrfnIq825XlHnUu-AtqNfI0Em0Nzic8jeK9Tqfv3zNEmCd0zIne0EmqLp8D5FoUEecrufYUmLFqveG7A7Ym1Uir8DFjmxwMC6wPz71K5V7aqNOMm3iY-MQFTOljPTNWp7zz84TOzKk88ZvJ-HM-my4k6sMLClDHAGWSQPMI8j5_QzFaIP3M44OfgSy6S-_lSYMLXYiKNv7Fcu6GcAxJDu6bSR81GZ9Zs_PMaGRTNdV8_Wakev6RCWHtD-Nrwhl5mom8IN8w6J7D2g7CQAqzKFTWoElCM2tvWAgA3a2BbU3WeSs-T0oa0H7DmyiUGvTH7uEZFSEoLIoG4vlZUTQ7FmusxtMDOB_jzSqQJXFtldib9ILyyHxtEjKWV9afigGCBTruWQ3-cw101R5obznhejy4didrKEt5PNnzZlNlE8V4h9AOueeTaQVhPqMIABhapnoFoub-AnAEO7Qo8vX_nFW4I4yM8fZzvwxHiTzbQTR1MZ1c6gilOBrYSHNJLbG0Z0HLVTvV57K5SqLN-SLkpi1XKWuh4PHyHYVq52zEnPVYARWlRAuMu-R8Dcwkzl2ZbefSWGUMgoxIOHL9nyhh_O6JkShc5e9CUicb6e5C__KExZH_ArEhOqsfv_lwkn_eKTRpoaJqcXRPtPXljiBWLIhBCqixecXE_5D32lVOGr3X4lbzDdVKbDKJV_m7z3HxJUwFC6D2RwJyLEBVt26YMWj1oQjGVgLm2eLv5eQbRDc_HExC9l_WWxcGtPrkJOfEBDJhLTi59RX0wyKE--6B_v88Nsxt4YdXazi1-pFqm5NABezZ1efIwQR7P77376BKuPHnTiDO9VJxGYLxzuWEp22suyKupro2cbEekMzFEwzA11lizugrSjBeRbweXF7lhJcVhJB0mVkTqfG9SB0LNDu0Xzyha8OaWGw7eK3BQuMyU08TQ3D9-8cj2BpoxZQ-5WpS0kemVaNQyTmJNudob1pnDCOu5a4xwT2qNVB92CzI6LliBbBAq6S--ryKfK__trbO5CpbBVbYZkXsyhbhTGIbJkiw4IhkPIRVimFVQ7AJbgnjgsqvQEh3N4AlmSYJqN47PQ1wg4xRTuBMjs5HJTkG3gkEuSwWnnOYkMv0-BEy5SYLr6sjLyACy-ugyTcILrDxrJ-95qRKqicGVnzs533YT9-_W0HIJrb4rHRAjdZAhifwp8FCcwhWAAmQuGOrD0ewIirXF4MUfXbHAsAUGEBEZ1b8bbX0Kwv5LVoEZ1yiMekZbPTJKRW0AZjnt7LcaqtxQlc5NS3VM5U_3FFBkB0jGqejt16csb9U1Id-FjOl5v05w-M6izRWBhOGDUWa-uyP93eKChJsMhPBlpQcfKl1R0ogqquHHeqx_RZy6n0R0Lajcu-2_AntbnPWgTFWz4kbwM1TGNdjOfXO-s0UkOCpIoRbt7nMRCTE3nttZi8tMpT2qBxiH8R0urqm2uEWCEiYROjaNkGlIoDlqtaPN34MkbRh4wrITrv08N7r8QxTsWlVfyd603QLyuyl8qlbf2dnk5DjdAhmWUQjc5r-EOqj3t-bOZK9yE4qdOedWu5P7U5BMPUSslgkprcawvYjmKMMvK1PYvp3Qe5YJHRYgoMd_T-1q6PYO61R0VQ2rshIyGRTczjFid7lji9L-OZQ3meoXw1uBahPT4EUwG5AeVL-kF0UeNnje1K4JnT98sjfOYRmedzWaeMzPNQNarfpl-FwvUXYAtSi1izVsIE5kFdaBurV4rSWJpUTxl7NtFhXjkhKGdTz5awg0oeWwTjyauobGq-DiMUkO_6_qb3kFZ_NCtxte5OKrWUObwV7SdzBwj-a-xpQp52cJbm215j61N3NdOT9WB4UEuVhB0H5fYNCueQUaqJ5PmSYg4GbLQYO4KRmbkyJY8jD3qkKbesXM2J-5HSvU7W9OA_eWMGxflUFtW3E6LZamC1hcj3wyuC5jRREecnoi3PycRJ5X5nauCEUD3yOiecszBmSvAeq5C6vCDMBXDbTsWsR6irE3cxWmba1S0RuOjQipUylXchAN6n2yXKkEDA-8cjbcUCbY4pD6yS2mFIx-uHXlkuZvUan5nIldty0-8rCEznv4BA2J37YHMzxwZTEAd671nxxTc5eXMuCMKbhmfbo5YMY3HiwPgdfFClkwSbYwBrAw2Tai0tddRlYpHZ_H0VU9Xz4Rp_z9jfu_7ijq-Jnt5yvmPyAoASBjzGDKuRtI4laIzX3UJbViNM-IDMAj_AQC6yErB3PIramNLPMkfW8gXOgq3uabZBoPN-vnk_lSMbDR4gA-xcaIRGROG_plCQdMZdrmwPX6m0A0Wt5RYSb3_k4VK_h6iFxmOZ_y_-HlQkmQxqKF1kEQS23kNbhJEKeuuO2UXykLzP__50zgSmc-TLorZdfPaj_h3YTnMp3VmkALw-sTzl1bqGpMawt8oJt1aoLAb_MG1sWI3tEBchVtSAuclGs1uORPK9yockF8SrOk8woaZGgc7FHPqnWBx2j5W__-BCfXbaRbKLfLXLMM--Xo0xcoIhu-Uw_4V-9Sc-sv_ZZKk2OEfdqe7rTxErKzuiIGjMx_Xw67eidZ3d2JCITJYP8CJadJVx36k5RtrJ27hVf-QZt1pmwvgHDrt9XuvJPFC66V5j07ZA70MIEOAWMQFgwII-batBRCwQt4UZvpDcl_yuqiHLWiDPSJB4gNMvL5zwyalMnIROFgIzCghUQHpo_VLufcF1RrIFJhFaNXYqN1HAUW9jBmGKhURrpO7QGbu43SVmd5GY5KOZGfENcqG3qweEEZ88mlNZGQNHRFK6WOmgANxmrFQ1LMWfeMRw4M3Uu6V7U0aSNck7GVD-Kyx9o1tcqTo0aiHQfAg_Z1WuqQKOu--4BazteUl1JsbbL1gXyWEu9UoX2IVqBMUb9YRA4zbhU0qTCumCNs3MePlQduQxPYlOFIROqMaXJIfFr_j8fGc6HM3TlAEHOt5VFD3aP6uQ7ySP5WPgXDoR6RirxbW1tYUh6I0KGghxcIQ2jrkGoIhDLZ5WgPTf9O8QNvULfiOKbW09---thE7-SpMhM&cid=CAASJeRosXjOQMGKXA6-RQrimG-_85u2-xYUX0GnC1dkXole5Wx2a-8&rfl=2%2Chttps%253A%252F%252Fxn--80atb.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:57:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/ Frame B577 25 KB
10 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220511/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 01:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9773
x-xss-protection: 0
server: cafe
etag: 14407402762925951128
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 May 2022 01:58:41 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B577 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 22:12:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13698
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 22:12:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EC5E 1 KB
749 B 13ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 16 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B577 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cdfc0f8612992b3971bed5c716ad30bf8920413a01d9bec986db3eee34a5f37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D534 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 243492
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 13 May 2022 06:22:23 GMT
expires: Sat, 13 May 2023 06:22:23 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame EC5E 35 B
463 B 35ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBNK1bjDV9yqCYZb0HGD6g0&google_cver=1&google_push=AYg5qPInAZKFSwO1X6IXBz8v_Fr44Y7THdVkt_gOgK8Q1lpJFLXUkUhi7n44ey3vpoMqA5INOqEiF9mCE9tWNrulx5ay8jBQqg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame EC5E 43 B
356 B 59ms
18ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJo3X7Fau7M3rEkp83joj74&google_push=AYg5qPLRMjHELPVwdDgDcvltbSr1__6pyvr6dnVMtmK3KCFY8rH0pxDCagUj0On3J2LT0LJkqKNl5hjYKuThkDC5oZY_YYhxKAY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame EC5E 43 B
350 B 50ms
18ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOYHtI7so9mWpGjoe120KN8&google_cver=1&google_push=AYg5qPKHgycLdXZ-gF8R9eOHm0g7ltZJqTxmYiP2LQCTe8vxfLTh9venzdIBK7YsyUxgwvnpEJrXFo9m45eEqUWuNCEIn63Emw4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5o5vd94ilcp4h8je26f0a28tv7i8t3b7

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC5E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ex_cRKF4Sl-dExueCMJsLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ex_cRKF4Sl-dExueCMJsLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILKFZHsuxLu29wK3td9bZepXm4ynUBaQq2esKsh1bw1GoaaMlEDWlfMLnR7kjPs1OL4wuKK-g_zGc5cp45gYlXf4_Q9w

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ex_cRKF4Sl-dExueCMJsLA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILKFZHsuxLu29wK3td9bZepXm4ynUBaQq2esKsh1bw1GoaaMlEDWlfMLnR7kjPs1OL4wuKK-g_zGc5cp45gYlXf4_Q9w
date: Mon, 16 May 2022 02:00:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC5E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMo0UNLYvof6hX3X0f4vESA&google_cver=1&google_push=AYg5qPLx9xq_d2dci8jn7EZppxJbzB5DxbbEkOeOIYj1GO9kwkCoZOHnN_YmC0KeSYBZNB5v5rI...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4MlhCODctMjEtSUJENw==&google_push=AYg5qPLx9xq_d2dci8jn7EZppxJbzB5DxbbEkOeOIYj1GO9kwkCoZOHnN_YmC0KeSYBZNB5v5rIzBK-GdaJWvrXaeklPedIeZg

170 B
188 B

24ms
24ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4MlhCODctMjEtSUJENw==&google_push=AYg5qPLx9xq_d2dci8jn7EZppxJbzB5DxbbEkOeOIYj1GO9kwkCoZOHnN_YmC0KeSYBZNB5v5rIzBK-GdaJWvrXaeklPedIeZg

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDM4MlhCODctMjEtSUJENw==&google_push=AYg5qPLx9xq_d2dci8jn7EZppxJbzB5DxbbEkOeOIYj1GO9kwkCoZOHnN_YmC0KeSYBZNB5v5rIzBK-GdaJWvrXaeklPedIeZg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EC5E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBLKchIKFcjQiXKxs-CiiAk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoGwQ7ZqSXZf5Hz5LOBrzwAABGcAAAIB&google_push=AYg5qPJ1zHwAowwVljsKsVRXPKgGWj2QnyXXTRGiEbYDgl1tzporCXX-d-doqDXvXQRcQHtRBcvHpbYh_zFxnskoOF...

170 B
188 B

28ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoGwQ7ZqSXZf5Hz5LOBrzwAABGcAAAIB&google_push=AYg5qPJ1zHwAowwVljsKsVRXPKgGWj2QnyXXTRGiEbYDgl1tzporCXX-d-doqDXvXQRcQHtRBcvHpbYh_zFxnskoOFyPipE3Cg&google_cver=1&google_gid=CAESEBLKchIKFcjQiXKxs-CiiAk

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 16 May 2022 02:00:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YoGwQ7ZqSXZf5Hz5LOBrzwAABGcAAAIB&google_push=AYg5qPJ1zHwAowwVljsKsVRXPKgGWj2QnyXXTRGiEbYDgl1tzporCXX-d-doqDXvXQRcQHtRBcvHpbYh_zFxnskoOFyPipE3Cg&google_cver=1&google_gid=CAESEBLKchIKFcjQiXKxs-CiiAk
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Mon, 16 May 2022 02:00:35 GMT

GET
H2 200 trk
ag.innovid.com/ Frame EC5E 43 B
297 B 125ms
22ms Image
image/gif 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESENXZxx_ZQPPhD6E2OGQKEGQ&google_cver=1&google_push=AYg5qPLAQOw839XDEJ0pTASbxnoxyKpfTY3gdmhBHHwFk6IO1ay3T5-3Q1LyYmP534iMfNP_Cb2tEOGJZnv-4H77j3pTqtQ03zc
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4356309995287631&output=html&h=280&adk=258217118&adf=1121205982&pi=t.aa~a.329332565~rp.4&w=410&fwrn=4&fwrnh=100&lmt=1652640329&rafmt=1&to=qs&pwprc=5316912879&psa=0&format=410x280&url=https%3A%2F%2Fxn--80atb.net%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1652666435138&bpp=1&bdt=754&idt=1&shv=r20220511&mjsv=m202205100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df128d0cb8b2cad60-226cf9e795cd0007%3AT%3D1652666434%3ART%3D1652666434%3AS%3DALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow&prev_fmts=0x0%2C362x280&nras=2&correlator=4252270126518&frm=20&pv=1&ga_vid=1676580250.1652666435&ga_sid=1652666435&ga_hid=1894430574&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1086&ady=1450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C21066433%2C31060566%2C31067488&oid=2&pvsid=1347893098220694&pem=291&tmod=829330227&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=gHL576W8AA&p=https%3A//xn--80atb.net&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:35 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EC5E 0
12 B 67ms
21ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjAv0pxHfVdR9liU4KQ_r6kCnlMgTZt9P0m6s6D-N0oFvU3fapqW37av-JD2N8AFTt_AXU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame D534 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:41:15 GMT

GET
H3 200 mazda_300x250.html Show response
s0.2mdn.net/9208292/1648720984847/ Frame F58A 7 KB
2 KB 43ms
14ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd175e7c7e899a742a3325f60ac7aebf46fa3feb447226a316010b72a0fe707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 38525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 2510
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 15:18:30 GMT
expires: Mon, 16 May 2022 15:18:30 GMT
last-modified: Thu, 31 Mar 2022 10:03:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B577 0
622 B 143ms
94ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAPHVCyzrvY9V0KOs1mQzt-GRJTj2rf0IWWnzIZaFdvmrEwIk5I9r3R0IDdZG5kCiHo5xkOsK3vpReehs3FZYYd70Gb8ImaLY-re12gL2rfF1Z2EE3LuVkCtykrnG9VErWnXh2MlMvDsuBqYU2e_GyY8H3U673kwc5E_htWqTJmy5WIRNqHxXz9eOiwaivGPd_Y78qioT81ZfVVZ6RTYhyZVRd-OGrCYd7fisHbEhwU95faD48f7hMyjT-6ZcTEOth9wVnITa1CB5GS_gfaU9FlUHisC_yPAtOaklGBgdeDvb6LAkz_gtPtON0z2RN3B9wfVOFlonJ1wZVPhDxMipITZBdtgVkSet5mk3_KbgjSwY-aa5e_BSOwSTD2fWPGQAEgdoVHtl5ijhGQ3LoDV-WGXgsgv1bkxyq2PktXt4vRfNuEB0AA1hjKjLVR6GiWfaS_BJ8SZYMhjZl3HmyPX58EKuf83FPk4D3da2-DVwhahUm108gafjKw8GiTY0nfNfYoeZen-etqDm7XTX9G2Kzp9A52tYwbl6-tZUB5sVwwm0emo0JTSE7O3Gor3RgMalWwtGz2LyWUNDMaVk0wO4TMnAG6KVzBkykXTyvUqc4pHu3p5jMxqUj6bJSA1eCRf-MhM5Y3IXIIVGtPJYVLkcWCSHskJpte2MhIzVie3kpIAqWEM6U0S7qqhe94mjWBxILXzde7G5jOAyJm4BqFHS7cjh6gGOYgbDvdG5TknOQOXjARMCF9QgHjHZs5mkrGv8ZgitK_wb20Gn7BbsVJFXHg7CiHX_kR7HkrwNrDeF5HBqbaBc9poRLkWB6OUjBp-Yv_0josRmJ1VkpUHVgjFfUhEPIz2kelpZHhvAYNQwizkG97IqBqhvJ3dsjYoYrKw5zQe90rflx5ABGotj09Z0gLRP_w4w1HbqsELCJOPgLvg6ZgzXgp3CWqu3IwqpW9yI0N5z2A4z9k8x5GbwUefE74Z0fi_S5dne6-bPRJPg6D7JpJWwfdbh-NHVXGk_ileeTs-PPafzX0ff7-R5eH6eArQoybU_W1QQkkb6DNwYJi7ciTJN404Rp-d9-yKHCH1mB5WIL1j4iBQuPsmI5-QGj3-tcgToB40lTe5dCE9jI0SfRWY5cSV71QFmO5i3EkYA26nmZzGfF3uNIkfVI4omh5ZZiBtiQJJX6ynJVUR3PzOqz9sctD9o1KJoBmRZcBdK4LkeQtVZVbBtQORBTfFpKEedQYltgutE7h2i_L5vzZXWzSc61Dw0osCpvjY0DtlBpoL2pJ9sALpDkarTI6g&sai=AMfl-YRc1D472Cnr-PR7I6ZyYP2vCShWkuBU-vh-ERKx-VkIC-NprHlhLWjiZTb_lxRTvIOzsXyP2HC0uWDSxBrTOOj5H_yAgCj7Ixkr4Gu4g8vNMgyQCIdy-Mwl97h-MMP4b9wKK4R0IeKeDtyHT2bzt8kDZTgbHIz1nESwAd5szojm9Eqc4hep1AJKxiP3s7WguEnhMosfnj8VX--x8RhLoA4I&sig=Cg0ArKJSzM_SFs-6oN0XEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=93&cbvp=1&cstd=89&cisv=r20220511.01019&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 16 May 2022 02:00:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F58A 236 KB
63 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 02:00:35 GMT

GET
H3 200 mazda_300x250.js Show response
s0.2mdn.net/9208292/1648720984847/ Frame F58A 52 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3644356858a6fba55cec6771aa6d51ff9ec68089569bb9eeab10d62f3a1c3ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 14:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40957
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9280
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:03:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 14:37:58 GMT

GET
H3 200 bg_01.jpg
s0.2mdn.net/9208292/1648720984847/images/ Frame F58A 22 KB
22 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1648720984847/images/bg_01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be8a4e352ef45cf528d903ebac4eba3dcfd009617c8e6427943d6b00b727e10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 14:37:41 GMT
x-content-type-options: nosniff
age: 40974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22078
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:03:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 14:37:41 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B577 0
63 B 49ms
49ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstAPHVCyzrvY9V0KOs1mQzt-GRJTj2rf0IWWnzIZaFdvmrEwIk5I9r3R0IDdZG5kCiHo5xkOsK3vpReehs3FZYYd70Gb8ImaLY-re12gL2rfF1Z2EE3LuVkCtykrnG9VErWnXh2MlMvDsuBqYU2e_GyY8H3U673kwc5E_htWqTJmy5WIRNqHxXz9eOiwaivGPd_Y78qioT81ZfVVZ6RTYhyZVRd-OGrCYd7fisHbEhwU95faD48f7hMyjT-6ZcTEOth9wVnITa1CB5GS_gfaU9FlUHisC_yPAtOaklGBgdeDvb6LAkz_gtPtON0z2RN3B9wfVOFlonJ1wZVPhDxMipITZBdtgVkSet5mk3_KbgjSwY-aa5e_BSOwSTD2fWPGQAEgdoVHtl5ijhGQ3LoDV-WGXgsgv1bkxyq2PktXt4vRfNuEB0AA1hjKjLVR6GiWfaS_BJ8SZYMhjZl3HmyPX58EKuf83FPk4D3da2-DVwhahUm108gafjKw8GiTY0nfNfYoeZen-etqDm7XTX9G2Kzp9A52tYwbl6-tZUB5sVwwm0emo0JTSE7O3Gor3RgMalWwtGz2LyWUNDMaVk0wO4TMnAG6KVzBkykXTyvUqc4pHu3p5jMxqUj6bJSA1eCRf-MhM5Y3IXIIVGtPJYVLkcWCSHskJpte2MhIzVie3kpIAqWEM6U0S7qqhe94mjWBxILXzde7G5jOAyJm4BqFHS7cjh6gGOYgbDvdG5TknOQOXjARMCF9QgHjHZs5mkrGv8ZgitK_wb20Gn7BbsVJFXHg7CiHX_kR7HkrwNrDeF5HBqbaBc9poRLkWB6OUjBp-Yv_0josRmJ1VkpUHVgjFfUhEPIz2kelpZHhvAYNQwizkG97IqBqhvJ3dsjYoYrKw5zQe90rflx5ABGotj09Z0gLRP_w4w1HbqsELCJOPgLvg6ZgzXgp3CWqu3IwqpW9yI0N5z2A4z9k8x5GbwUefE74Z0fi_S5dne6-bPRJPg6D7JpJWwfdbh-NHVXGk_ileeTs-PPafzX0ff7-R5eH6eArQoybU_W1QQkkb6DNwYJi7ciTJN404Rp-d9-yKHCH1mB5WIL1j4iBQuPsmI5-QGj3-tcgToB40lTe5dCE9jI0SfRWY5cSV71QFmO5i3EkYA26nmZzGfF3uNIkfVI4omh5ZZiBtiQJJX6ynJVUR3PzOqz9sctD9o1KJoBmRZcBdK4LkeQtVZVbBtQORBTfFpKEedQYltgutE7h2i_L5vzZXWzSc61Dw0osCpvjY0DtlBpoL2pJ9sALpDkarTI6g&sai=AMfl-YRc1D472Cnr-PR7I6ZyYP2vCShWkuBU-vh-ERKx-VkIC-NprHlhLWjiZTb_lxRTvIOzsXyP2HC0uWDSxBrTOOj5H_yAgCj7Ixkr4Gu4g8vNMgyQCIdy-Mwl97h-MMP4b9wKK4R0IeKeDtyHT2bzt8kDZTgbHIz1nESwAd5szojm9Eqc4hep1AJKxiP3s7WguEnhMosfnj8VX--x8RhLoA4I&sig=Cg0ArKJSzM_SFs-6oN0XEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&vt=11&dtpt=118&dett=3&cstd=89&cisv=r20220511.01019&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: xn--80atb.net
URL: https://xn--80atb.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B577 7 KB
5 KB 52ms
24ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

402d3d8a20168369aca57b0a6c4bdbf2501e180ba28527cc58df52d557461944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5396
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 53ms
26ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220511&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ca47b8279d5438d480b9f0d0394eef6590163037dcf07f9a4880e9f740edfb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 16 May 2022 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10464
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D534 0
20 B 50ms
49ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B04iWQ7CBYviMK9bI7gPqjbSYCQAAAAA4AeAEAg&bg=!fH-lfzvNAAZL3OSAa9w7ACkAdvg8WvO-RXFEfmuiQdc0urf3IxH9x_I5uWQfBallcSR5uNfDdBaM1QIAAABnUgAAAAFoAQcKAHShA8ZvBN_i4913RwUTEdG-mrylktEHx609CEeqUb4yxryXAg_tyOaB8LceJEHaMNq5IT15T6YolLSOGdK6vTQuPKTw_iZMyU7mPvwZmA2QinuPWIqSRUgjiiQmWedFMUeYM3FDai7cSj8UyL349VZ6NuYCiJkC5WbTqdEOpnw93cpu2tryA3kP6qyWn0QEjzFeRuyyriPACMpcuvXPa36aCrI4H3CDVUq0DZwx-OHiJtsjA6aC27NhfxnnCtEJS1soGy7TrIPD1vGqV1LmKGikfoULhJE5GX7Qmr9S3FF2Lma-CX2RxlwSd9Th7t0kOFVxkyBje6-uiacWqYhnRF4AjTzMzhxwlDhZbRYf4F-BGoCFpE-aGzX9IApwioSzFAilPZ90HGvynV1GyZRBK79oMRH837pq-yrUFlyUJ-NlR3vGV2AMLBz5LI6C401dCKftUSLCCgodXwiCHNz1aYwcWP5EzvkGpkXFyeLm8fMCq5gBLaLNPejJ14LZS6A_peTDStL4buaH1PSsN2gMaM36KfEbo5FKbBCpMKNkcWXnbX0zDZHdDweAy4CC7DP9KuYf-e5ktf7NAVl3eJhshKcLG-JSFqVTGZmA3tSxumkPt2WJn7qHVbmAHS3TXrym7g4_a7XUTPoZ3pb3uYjnMtaJC3RZ8XExa23G-dD9irtYLrqkyVn68ohTMbkVqa-JT_62Xw97GvaxqOOATnvHI2HniocoW2anBw1v6kKe109GVgbQlHqHp7QA59Ss14WAcM4yd3q90FeK-Nrs3RaiFD4SjkgRsbQ7AKGRXTtE-6_i3T9IfwLRqXb0IpOcMeqbPQOaQxaiZVfSUy3-telxpEzC_O7gMIwlqG77vWJ5qEv7uHXJQlIqesOzcoN8Q-LacL_tvIHGe117tJuCuj_zE9guadvsj1rL6xDcmRKg0_kNna3GDPBhq_OxisBIdXF7XKrcWTbvdi1Uzq9zweS8QtavnjMz8ngKzkqcaof53O3vOBv8QDBdfvT2GIUdcRYC4pGeRrcCgChKqFpUYBpqIm9MXSgO-VV4kMOS9eU_iAyfoO_dbWilAEacpxgJfjPzK6Gq9BAPpOCvo1Q27cj6MPK03vdBmwkW1Cw92cJ-PR-yUPSHWo1B9fPPr6ZzmQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg_02.jpg
s0.2mdn.net/9208292/1648720984847/images/ Frame F58A 25 KB
25 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1648720984847/images/bg_02.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7670b5828f5ce9e52a1735a81bc7b7fc816326d111d8d1d3009ca3072fdc89a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 14:37:42 GMT
x-content-type-options: nosniff
age: 40973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25191
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:03:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 14:37:42 GMT

GET
H3 200 bg_04.jpg
s0.2mdn.net/9208292/1648720984847/images/ Frame F58A 67 KB
67 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1648720984847/images/bg_04.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26263c884c28fc512fb6128b5fc7e39778cf09676c19bb4a818fdf4a406031cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 14:37:42 GMT
x-content-type-options: nosniff
age: 40974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68257
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:03:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 14:37:42 GMT

GET
H3 200 l.png
s0.2mdn.net/9208292/1648720984847/images/ Frame F58A 10 KB
10 KB 14ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1648720984847/images/l.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

413939ccacc672b52aba0bed5cd542c8f592942200a57a7d6fb1b4a4b31d8bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 14:37:42 GMT
x-content-type-options: nosniff
age: 40974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10355
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:03:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 14:37:42 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B577 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 May 2022 02:00:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 May 2022 02:00:36 GMT

GET
H3 200 logo.png
s0.2mdn.net/9208292/1648720984847/images/ Frame F58A 16 KB
16 KB 14ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9208292/1648720984847/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9208292/1648720984847/mazda_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 14:37:40 GMT
x-content-type-options: nosniff
age: 40976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16349
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:03:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 16 May 2022 14:37:40 GMT

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 96A0 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:41:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC6C 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12933
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 May 2022 22:25:03 GMT
expires: Mon, 15 May 2023 22:25:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E4D9 783 B
534 B 51ms
22ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

403adf1125c21c15210887523aeff2a4715032a7c9188fe98f7f45a69c75b91b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XTF04utIPgK_eU6mDzwrcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xn--80atb.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-XTF04utIPgK_eU6mDzwrcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 May 2022 02:00:36 GMT
expires: Mon, 16 May 2022 02:00:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame AC6C 35 KB
13 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 03:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 15 May 2023 03:41:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E4D9 0
0 49ms
49ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220511&jk=1347893098220694&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AC6C 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?13AFnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 02:00:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E0D6 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurEvSgWsoiayIxBYc3l6-1z0dMj6gKfKGoaqxk4i3UEmktjbhedH6mPcVf82AHejZItCBQS2Lx3X-1GMfLjexOxg&sig=Cg0ArKJSzCQh9QFXeCXuEAE&id=lidar2&mcvt=1001&p=0,0,280,362&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1821822062&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652666434811&rpt=521&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3BC1 0
127 B 17ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 16 May 2022 02:00:36 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 377C 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbTqKOt3rwsXaGNvSYt4Bofy5Ji8RhkHEByfRslGHEqc4wHwBl-DvLJkZu1BE7HFxKPvRvGhukwYOzEu-qWkmoVZjjTATxGQwDSoEQtwwrTj2qImYEJrlV6SuS&sai=AMfl-YRoONzUGoxXDb-WshyhbYxCy9wMCSoCnWs8fXNJ0m0jf76Wabs9vFxgOBzEyp3VYe8D1p5KUOsmEkzC&sig=Cg0ArKJSzGTUZcrKYgEGEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=113,796,1000,1035,1204&tos=113,683,204,35,169&v=20220511&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652666435196&rpt=217&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 May 2022 02:00:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 53ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220511&jk=1347893098220694&bg=!6Oul66_NAAZL3OSAa9w7ACkAdvg8WlWLwNT7R7Xvo7wFfqabjBwIvRBPX0FPfbJTwyk6I6RuP6HocgIAAABtUgAAAAhoAQeZApn4y4EDivk0qlCLnC1XczroD0ctmT37i43ZMCZgfRwf7VnpcqE5kpy-hIDOaWBr_ODXt2Hhi_UWwLDlwpeULinYyiFVJk6RN95qTSlbOU8GnM2g95ArAa5jUm-ymRkMe_bkWtVtwIy9TkUlfIvTk5GeeKNj9AY7A4nD3GX-zCCoiTd_Nf1PvKLCifCoZtnMvB9h2E4xLvDmIfHdYXu2xMiRwwiAlGU60VyiP_66U1rqJQASWiUY2rT4mznpR25rZsNpxBKU593DABDFLVXDxCtfy1rheYUClAPUkQ9OJPSwydS3-_bXlamBrE69zJuArcFdZvI9HQLlKMpEZE7GmYDZNGcBEyKVCxkYJoDy8LzoeHIiZ0xGXrdxHlLQDerInxGbomUEsFg4hyOf1MGUiztEABYbl4UKlLzHPCQY3IlFte-kjWxrpIlb1SYAuXSqnLe0Z1Yt4Q-XQ4aX9DxaK-XPKeWjMpeXkvTG1BX2ef4UaHULYai1Lh3nUcfiWhfMCeRKYKglpUpMWvdDPFWE6WZ1GgdfaSVsz6CTjH7wzt1zpE4jWg_zL8fGRjERIdxiHnvqqm46OYhMuzfLHN8Hq1xYIad63anydJoAGHxySaOrdBQddhgNMi3bUPf7B56w5aA4BLiOsNQCNRN0-SJy47kxEzXLOVL4UUzaejrN9V5SCC7Wh9D-JkHO2TpQAGgEkw4JWZJ1RIPSMIsdnNRwNE79nJ5NlksqTBRU9y1Uam28HOsWHzfM6mdpAdre7rrjtoxp_UwRxZV78mw0PVwjikC702EcOPU7_hcJQ6286xLXrJHyO4zqTWjKclnsoBZCSeLy8o7RH2D5GPFMP3diSepzkPagjgMxk9MzKY2Mt9bH4MNjiQtLCBlwwA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xn--80atb.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xn--80atb.net/	1970-01-20 20:35:38	Name: _ga_8EXRVRK6GL Value: GS1.1.1652666434.1.0.1652666434.0
.xn--80atb.net/	1970-01-20 20:35:38	Name: _ga Value: GA1.2.1676580250.1652666435
.xn--80atb.net/	1970-01-20 03:05:52	Name: _gid Value: GA1.2.284128034.1652666435
.xn--80atb.net/	1970-01-20 03:04:26	Name: _gat_gtag_UA_211247320_1 Value: 1
.xn--80atb.net/	1970-01-20 12:26:02	Name: __gads Value: ID=f128d0cb8b2cad60-226cf9e795cd0007:T=1652666434:RT=1652666434:S=ALNI_MY97-E3xBNrnvyIOl4sakNcaLS7Ow
.doubleclick.net/	1970-01-20 12:26:02	Name: IDE Value: AHWqTUmOZhz4a7m2kJbv8LP2FyGvu8PcJRf7tKn-moqzHOvExPgGZw3wAEDtZE8JZf8
.adnxs.com/	1970-01-20 05:14:02	Name: uuid2 Value: 4961292043709850206
.casalemedia.com/	1970-01-20 11:50:02	Name: CMID Value: YoGwQ7ZqSXZf5Hz5LOBrzwAA
.casalemedia.com/	1970-01-20 05:14:02	Name: CMPS Value: 3195
.casalemedia.com/	1970-01-20 05:14:02	Name: CMPRO Value: 1127
.casalemedia.com/	1970-01-20 03:05:52	Name: CMST Value: YoGwQ2KBsEMA
.casalemedia.com/	1970-01-20 11:50:02	Name: CMRUM3 Value: 2d6281b0432760CAESELEFc3YNfGQUmfCOvn7KCUE
.adnxs.com/	1970-01-20 05:14:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaR^bl<6!1yIE`fS1ueD1W-044)d+]Uf/-.l4(oLss2Bo/reG+IMF@YBv<1wg<PlGzSTP(hw9P-HC_#u#W<)ea79
.quantserve.com/	1970-01-20 05:14:02	Name: d Value: EC0BCQGTJoEA
.quantserve.com/	1970-01-20 12:34:40	Name: mc Value: 6281b043-cc4a6-94cc7-2fa33
.pubmatic.com/	1970-01-20 03:05:52	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:14:02	Name: KADUSERCOOKIE Value: 7B1FDC44-A178-4A5F-9D13-1B9E08C26C2C
.innovid.com/	1970-01-20 05:14:02	Name: uuid Value: 40c71bbd-470d-4359-b208-de0b65dfd424-20220515 22:00:35

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/xn--80atb.net/client.json?source=jsmain Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/xn--80atb.net/client.json?source=jsinline Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220511/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-4356309995287631&fa=1&ifi=5&uci=a!5&btvi=2&xpc=HLmoZjyN18&p=https%3A//xn--80atb.net Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
cat.fr.eu.criteo.com
cdn.ywxi.net
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
s0.2mdn.net
s3-us-west-2.amazonaws.com
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xn--80atb.net
142.250.184.226
142.250.185.130
142.250.186.130
178.250.0.160
178.250.0.162
178.250.2.135
185.33.220.244
185.45.66.104
185.64.190.78
23.35.236.247
2600:9000:2057:b600:14:6bfc:5740:93a1
2600:9000:206f:ae00:1e:a43d:b640:93a1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a02:2638:1::3
2a02:2638::2
2a02:2638::b
2a05:d01c:1d8:8102:f0ed:1c59:fc65:f468
34.98.67.61
35.186.253.211
52.218.197.72
69.173.144.138
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
062d46b227ccfe76e8e216755c6bea6602eca606503fac2c17b26d502151a4de
08c9732005a18c069ac56e8416a9cdfe5a25e14266e4b199bf461efdd5e9bfad
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13b4b0098867c64fcc1c5d00a82706b4a14c5e7ca545e80e08bd0123d7d0487c
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
1e456f58d6067276c6256254a3b85639de34387f2e74b7a375148f054a7201ee
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
26263c884c28fc512fb6128b5fc7e39778cf09676c19bb4a818fdf4a406031cd
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b8de5854836eaf6ff8fb124a2ff0082d921deb863a2d7b151e18b7182e9ddff
2cf8702b2c326cdf37cf07528047c30b46c67fe23680fa7bfee134f8d716b0c5
3381b416ff59f92760b6087c1680287eddffabec2f918574a6cdc10124d6bda7
35ede4fde1511ab310a0042c5dd883130e46eec8144939ea42018beba4aaf50e
3644356858a6fba55cec6771aa6d51ff9ec68089569bb9eeab10d62f3a1c3ed0
402d3d8a20168369aca57b0a6c4bdbf2501e180ba28527cc58df52d557461944
403adf1125c21c15210887523aeff2a4715032a7c9188fe98f7f45a69c75b91b
40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
413939ccacc672b52aba0bed5cd542c8f592942200a57a7d6fb1b4a4b31d8bbd
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
43f9de164e18bdb46331e06833edb5db817094b479f9276157395a1fe70b1188
49aba63a177219c7547c53f31d8974c8aab29bf58acd414f2afb4602bb597dea
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c8133f9ff3d5ddfa526a8a06252211430b695a31b8a02cdbaf4e538a8080610
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd175e7c7e899a742a3325f60ac7aebf46fa3feb447226a316010b72a0fe707
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55116c79e34650467da74d03d5ef451cff3667e2a0dc9b0a5177b754cd1bd739
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c86b1be9e368e5e8f6df666149f73f91e057f7a38c3b74228ccc83b14065645
5efdbfc0b2ca2da54e59a89472d9262ab09d64237d87294439430638858b8bb3
60f8278b2706adb0674834fc7e8532f77dce39f7432b5b10c79050fb2cc1d93b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
6a769936af844dea88b7d829670c48811b6ecc9f47575331da26fef27bcad3b8
6ad4a59149602ca1b8c56bf597726acfa8e67278fd04e5f63502d4e1776e3c03
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e82f77a5aff7e7354f849289a5e7da584996e9c4f883b5ecf50bc90e7710b35
772df963d8b9fd3e9277a6c8fda76f359f583053a48bccacf02472cd171410fc
79594a90580bfbfa578a563cf7b34e1ad1d54bec99451021aa9f7a392f1b1186
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ca47b8279d5438d480b9f0d0394eef6590163037dcf07f9a4880e9f740edfb0
8159ddf3511a81365c561745abc43b890d1c126dc62a769d0bba67632b9f33ec
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
83b19de212ca6202b9339b9c3ad8b16c1775d34cc7663631c12cffbdcdacb8e1
863bd708065b32d071b55aceff66475036ec1d687db55b98d9c341e243c567d7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9029e95b1d067186841899adaa38b2cbbbc24f56dadf8536f3a6d978a4256993
93fb5dbc01cf842637124a4543730b20ab94375ad8bb476b23f49c217d74e97a
965195159be784009cc31e4aff2505c066643cf8cdc99df7f56c2eab2abeda82
992e6395cebed89b062242353c0231dc071c6d93b4ece0bc33ac9818b7a41c38
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cdfc0f8612992b3971bed5c716ad30bf8920413a01d9bec986db3eee34a5f37
9e56d22c4c632bd0b72bbaf1fed2472ddb3707287435fe92bb00ec97f13ca8f9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a17fb8522bf74cf6b5cb185b7f6c7523977c79fe051071bc0e38aa1f59b8174d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b3d59fd33bf6373ad0d1ce340b8f239c0a4e943e03d105bb9441ec7eac2206
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9f2a909ac4d2fedc21a48f016776d87cf11297ffeba9755a6cf88694ecbbf28
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25e6de1d07250efb88580cd9c740677dbe3e8f5effd8816a319bf55b30cae25
b7670b5828f5ce9e52a1735a81bc7b7fc816326d111d8d1d3009ca3072fdc89a
ba2f047ad6fec52b469aaccf98c4778379da03bf5b93ffb3c5d8c4610b4126d7
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
be8a4e352ef45cf528d903ebac4eba3dcfd009617c8e6427943d6b00b727e10d
c07bb4bda3f5f667b6124138285cf123e527f4790ea2637989d210515d1dad7e
c10ad47bba38f141fea853b12712a7307c3f0a0a5573ed29f101daa1c35c579e
cac8cc840dd1954272503aea01859f5eab079ddfb08c1f1764bbdaf6a03c1fb6
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cedff46494c3a2adb5426100a40d96d4147b3daa69435c4952e80a84f6235ee8
d1cd8fed65fbdff9ac11abbcc76e82500d345535c4c75ec715531b0a1e277e8f
dcda86e6b7471d29fe0cc8436f47e6192ed682d9ae708b180e0afbdfe543150a
e2dc0fcb9e5adf509cc0ce2492214c047251e22bf7b980f5eb1abd6cdb8026f8
e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ee01d40bfdd77aba5652b3ff93095712b618a6a2cc2637828bd875979cfe9cb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f53136d93b874d5ba193020ce13caae15abba12c500047c98985c3334a5c8c42
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

xn--80atb.net Open in urlscan Pro Puny как.net IDN 185.45.66.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

95 %HTTPS

58 %IPv6

25 Domains

34 Subdomains

32 IPs

6 Countries

3330 kBTransfer

5624 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xn--80atb.net Open in urlscan Pro Puny
как.net IDN
185.45.66.104 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

95 %
HTTPS

58 %
IPv6

25
Domains

34
Subdomains

32
IPs

6
Countries

3330 kB
Transfer

5624 kB
Size

18
Cookies

137 HTTP transactions
3 data transactions