urlscan.io logo urlscan.io
SecurityTrails logo

5tl.co Open in urlscan Pro
66.29.137.12  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://5tl.co/
Effective URL: https://5tl.co/
Submission: On April 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 4 countries across 25 domains to perform 106 HTTP transactions. The main IP is 66.29.137.12, located in United States and belongs to NAMECHEAP-NET, US. The main domain is 5tl.co.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 26th 2022. Valid for: a year.
This is the only time 5tl.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 66.29.137.12 22612 (NAMECHEAP...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 65.9.66.104 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 35.190.39.111 15169 (GOOGLE)
1 162.19.138.116 16276 (OVH)
1 52.209.248.17 16509 (AMAZON-02)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
7 2607:f8b0:401... 15169 (GOOGLE)
1 64.233.167.156 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
1 3 52.19.186.154 16509 (AMAZON-02)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f13:800... 16509 (AMAZON-02)
2 172.217.16.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 34.240.116.202 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 142.250.186.98 15169 (GOOGLE)
106 41
8    66.29.137.12 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: business147-3.web-hosting.com
5tl.co
2    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
4    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
6    2606:4700:20::681a:f7e (United States)

ASN13335 (CLOUDFLARENET, US)
platform.pubfuture.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2606:4700:20::ac43:4615 (United States)

ASN13335 (CLOUDFLARENET, US)
ip2geo.pubfuture-ad.com
7    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
11    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
10    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:8e00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    52.209.248.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-248-17.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
5    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
7    2607:f8b0:4012:817::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    64.233.167.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f156.1e100.net
bid.g.doubleclick.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
3    52.19.186.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-154.eu-west-1.compute.amazonaws.com
unified.adsafeprotected.com
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-5hnekn76.c.2mdn.net
1    2600:1f13:800:7780:6ced:2695:e964:6f1b (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
ade.googlesyndication.com
1    2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    34.240.116.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-116-202.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    2600:9000:223f:aa00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
24 googlesyndication.com
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
ade.googlesyndication.com — Cisco Umbrella Rank: 317
218 KB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
bid.g.doubleclick.net — Cisco Umbrella Rank: 986
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
201 KB
11 gstatic.com
fonts.gstatic.com
csi.gstatic.com
78 KB
8 5tl.co
5tl.co
133 KB
6 adsafeprotected.com
unified.adsafeprotected.com — Cisco Umbrella Rank: 2095
dt.adsafeprotected.com — Cisco Umbrella Rank: 738
pixel.adsafeprotected.com — Cisco Umbrella Rank: 982
static.adsafeprotected.com — Cisco Umbrella Rank: 820
7 KB
6 pubfuture.com
platform.pubfuture.com — Cisco Umbrella Rank: 33897
11 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
110 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1407
r1---sn-5hnekn76.c.2mdn.net — Cisco Umbrella Rank: 798962
s0.2mdn.net — Cisco Umbrella Rank: 373
2 MB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 3166
google-bidout-d.openx.net — Cisco Umbrella Rank: 3148
us-u.openx.net — Cisco Umbrella Rank: 707
877 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
imasdk.googleapis.com — Cisco Umbrella Rank: 520
134 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
7 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 pubfuture-ad.com
ip2geo.pubfuture-ad.com — Cisco Umbrella Rank: 56350
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
region1.google-analytics.com — Cisco Umbrella Rank: 1718
20 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4649
295 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
18 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
12 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
132 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3353
8 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
1 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 5261
531 B
1 demand.supply
live.demand.supply — Cisco Umbrella Rank: 32910
106 25
Domain Requested by
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
5tl.co
imasdk.googleapis.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
8 5tl.co 1 redirects 5tl.co
7 csi.gstatic.com imasdk.googleapis.com
7 securepubads.g.doubleclick.net platform.pubfuture.com
securepubads.g.doubleclick.net
5tl.co
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
6 platform.pubfuture.com 5tl.co
platform.pubfuture.com
5 googleads.g.doubleclick.net 1 redirects 5tl.co
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
3 unified.adsafeprotected.com 1 redirects imasdk.googleapis.com
3 ip2geo.pubfuture-ad.com platform.pubfuture.com
2 ade.googlesyndication.com
2 r1---sn-5hnekn76.c.2mdn.net
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 imasdk.googleapis.com e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com 5tl.co
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
2 www.googletagmanager.com 5tl.co
www.googletagmanager.com
1 us-u.openx.net
1 googleads4.g.doubleclick.net
1 static.adsafeprotected.com
1 pixel.adsafeprotected.com 1 redirects
1 s0.2mdn.net
1 dt.adsafeprotected.com
1 gcdn.2mdn.net 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 mug.criteo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 live.demand.supply 5tl.co
106 45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pubfuture.com
plus.google.com
Subject Issuer Validity Valid
5tl.co
Sectigo RSA Domain Validation Secure Server CA		 2022-11-26 -
2023-11-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-20 -
2024-03-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-02-28 -
2023-05-29		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-03-20 -
2023-06-18		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
wrapper-vast.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-15		 9 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-04-18 -
2023-06-27		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://5tl.co/
Frame ID: DB01388206B5FAF18FB2B73D3B4431B0
Requests: 46 HTTP requests in this frame

Frame: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0891753DD06904AF401DD205D2689C13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF292F9366325FAE96033E1F9F906405
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9687FE3EBF18274D65ECFDBED5FAB943
Requests: 2 HTTP requests in this frame

Frame: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A510282ABD4FA17E19DFA277931146BB
Requests: 38 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=5tl.co
Frame ID: 2060CB898DC5A45FB58813D0372685BD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Frame ID: 119E9ED921314C23947AC27728513FB7
Requests: 11 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B0C6AB99DD86B2411A013BEB360B48A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 74F1910DE4E0F95AF3106A75C72E08E5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

5tl.co Icon Generator

Page URL History Show full URLs

  1. http://5tl.co/ HTTP 301
    https://5tl.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

106
Requests

92 %
HTTPS

64 %
IPv6

25
Domains

45
Subdomains

41
IPs

4
Countries

3281 kB
Transfer

5194 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://5tl.co/ HTTP 301
    https://5tl.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://oajs.openx.net/esp?url=https%3A%2F%2F5tl.co%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2F5tl.co%2F&rid=esp&cc=1
Request Chain 69
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=5tl.co&sn=ChromeSyncframe&so=0&topUrl=5tl.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=H6dYwXxON3NWb1E5dkFKTXhPSEZKS0ZjMG5sTWh1WktNWnl3c3RFdFZUNEZCb0pncUIyTVBUVjREUytXNzBaRE9qbHk5d014MHlVYXJuZGVFUUpIM3Jad2hyWFk4ZmVKakdhSjVuWndYc016ZkV6OWdaajhEb1RNOEZMM3JpQjYzdjRXaTdlWXRjSEFJbDd2OVVjZTk2YlRwcVV3R3dDWVFsTGFOM1RPaUs1YitaU1B3bU5vWFpYc3dPOVNoL3EzZndVUlhsM0NsRU9sYXU5SFNLMFBQQVJoSjdlL1ozYTIwY1V5SFZjc05MOFpkSjRic2ZQSGV0ckVZdGFabFkvRGo5UytqSGdERUhXVmV6L3dqamUzMEg2QTNGZz09fA&cppv=2
Request Chain 81
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 84
  • https://gcdn.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6F1658F01E35B13EFA02217275E6B66DD90CC824.6175A2C422654F2DA8AA5A35441B9C66085864C7/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81CD46270E4A7059A1BD97023D0914500E054A2C.722EB4990D14161357ED162A9D98634CB2AA9AB1/key/cms1/cms_redirect/yes/mh/L_/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1682403116/mv/u/mvi/1/pl/48/file/file.mp4
Request Chain 91
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZTczM2MxOTY1YmE4NWRiNDY3YTA0ZTYyMTQxNmQ5ZmQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3MDExMTAzOSIsInhzaWQiOiI3MmIxOTYxYS0wOWNiLTRmMzctYjI1Ny05NmExZjE3ZDA2NDYifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjEyIjoiYWQuZG91YmxlY2xpY2submV0IiwiaGVhZGVyMyI6Ikdvb2dsZTIiLCJoZWFkZXI0IjoiNyIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2ODI0MDM2NjEwNjcyNjk1NjYiLCJhZER1cmF0aW9uIjoyMTE1MDk4MTEyLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1135760&pubEntityId=70111039 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Request Chain 96
  • https://pixel.adsafeprotected.com/rfw/st/1135760/70111040/skeleton.gif?xmtp=v&xmapp=0&xsId=72b1961a-09cb-4f37-b257-96a1f17d0646&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealId=&ias_impId=v4~~&ias_dspId=3&ias_creativeId=186247123&ias_xappb=&mon=70111040 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 98
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiyqqDRASABMAE&v=APEucNXh884obK1nE-l1Qyifiv1q33N7UqNDSGSBzAqsgeYCwWVzR6BhaKznypWDK5UucsfEanyicgUmE0aSnoT3_jSFxD8nuQ HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Request Chain 104
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY1YTE0NWQwNjk2IiwiYmlkUmVxdWVzdCI6eyJzaXRlIjp7InBhZ2UiOiJodHRwczovL2U3MzNjMTk2NWJhODVkYjQ2N2EwNGU2MjE0MTZkOWZkLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vIn19LCJjdXN0b20iOnsiY3VzdG9tMSI6IiIsImN1c3RvbTIiOiIyLjAiLCJjdXN0b20zIjoiMi4wIiwiY3VzdG9tNyI6IjExMzU3NjAiLCJjdXN0b204IjoiNzAxMTEwMzkiLCJ4c2lkIjoiNzJiMTk2MWEtMDljYi00ZjM3LWIyNTctOTZhMWYxN2QwNjQ2In0sInRpbWVzdGFtcCI6IjAwMDEtMDEtMDFUMDA6MDA6MDBaIiwiaGVhZGVycyI6eyJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY2IiOiIxNjgyNDAzNjYxMDY2NzQ1MjM0IiwiYWREdXJhdGlvbiI6MjExNTA5ODExMiwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1135760&pubEntityId=70111039 HTTP 303
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
5tl.co/
Redirect Chain
  • http://5tl.co/
  • https://5tl.co/
418 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
370922fcd6aeb4e47e75707b7cc1bda7995038aeb2ee15b303500e271ba3eb04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 25 Apr 2023 06:20:57 GMT
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

content-length
707
content-type
text/html
date
Tue, 25 Apr 2023 06:20:56 GMT
keep-alive
timeout=5, max=100
location
https://5tl.co/
referrer-policy
no-referrer-when-downgrade
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-154204431-2
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6dfff923b46d4705d1650df7b0c64dcac37041a812baa68f563fded399a5843
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61888
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Apr 2023 06:20:57 GMT
up.js
live.demand.supply/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
css
fonts.googleapis.com/ 		2 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e489dc2d66a5eb26bebc105a33cada80de03147fb2bd658df0ee128878cbf43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 06:08:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 06:20:57 GMT
font.awesome.min.css
5tl.co/assets/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://5tl.co/assets/css/font.awesome.min.css?v=1.1
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
6658
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2017 03:49:42 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Tue, 02 May 2023 06:20:57 GMT
styles.css
5tl.co/assets/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://5tl.co/assets/css/styles.css?v=1.1
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
33f52aa85aa4b725f9eda78853221dc98f7232bfbab12bd66ba94f45e096da90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
2685
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 27 Nov 2017 06:27:38 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Tue, 02 May 2023 06:20:57 GMT
logo.png
5tl.co/assets/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5tl.co/assets/img/logo.png
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
c7bcbe6cf71bece30e619061ea4d9e43d23a68061fc310975d527cf270ef3efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 05 Nov 2017 21:53:04 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
6947
x-xss-protection
1; mode=block
expires
Tue, 02 May 2023 06:20:57 GMT
6414758b83b4d7003f73a784.js
platform.pubfuture.com/v1/unit/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.pubfuture.com/v1/unit/6414758b83b4d7003f73a784.js?v=2
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66e67974701ac0df9075048600e3367a89eb119154485be0312d16a3dc99cb3b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"ab0-5RlPJUfxGNXHIUkjSHbDghP784k"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Grq7FeSmZhYbT6V8%2BaPT%2FpyadXuJZI28a1B7E7YZ99kZoDs4fXmThK3Akgh4KMCdhXGZQLXUtpvqepo8b5mmaomrKxfWADIP7y%2Fv204wlUSib%2FVXwLTB%2BHlFCl3zyBXbgoXm4QT1NxuDAIkq1Q32aMxU0s%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=7200
vary
Accept-Encoding
cf-ray
7bd47baa682d9a3f-FRA
64177ffc55ee06003edbda88.js
platform.pubfuture.com/v1/unit/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.pubfuture.com/v1/unit/64177ffc55ee06003edbda88.js?v=2
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37e7f6626a888c507784290a2a80b6bc5d3b6a3c452c7909c93e487f63ca4266
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"ab0-XdXU49VtkJCvM2cSeMhVYvB0VaY"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd1FUutBAra9vIGjpVCxvjmr4QBAlO8Qlcke4kTbQt5hCfjxwjrJ9rcJN6k58b402aoffIdObDMEiHJj3LAS6Cc1ViSWv9lUgpjdtqQOqMmVBa6BZXAHHP%2BzsqBUTn%2FSwOMhktQhRXg3bzELXzulhe8Bw%2Bs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=7200
vary
Accept-Encoding
cf-ray
7bd47baa682f9a3f-FRA
js
www.googletagmanager.com/gtag/ 		199 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SNYTJ8BZG2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154204431-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9f92c3f54bf8059312e153fad1d3d37b9ea69c2a320b729a3d4b3e9ccd9f18e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73195
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 25 Apr 2023 06:20:57 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-154204431-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Apr 2023 04:35:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6313
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 25 Apr 2023 06:35:44 GMT
641418f935ea00003e8e81b9.js
platform.pubfuture.com/v1/unit/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.pubfuture.com/v1/unit/641418f935ea00003e8e81b9.js?v=2
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248605f0d852da73ae86c5166c6afa464655280a26dd334709a32516a98794f8
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"ab0-PY2t0kB57yHgXOfe9MEMq5hjcig"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBqf%2FQRBaLAGcJOFgH0RoNXwr9%2FsY%2BBhd5vE0hwLQ0vwrVhj38OQBOBsXuYOrfVMQv4ieNX7v3Ks2R0sZwzDiUbPaPrSVdk0IG%2ByWYQ8SA3yAPky0TzJU0EqzFVgQXddZvHneqw7WO%2BnCTqADx3ybTRuSeA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=7200
vary
Accept-Encoding
cf-ray
7bd47babea0a9a3f-FRA
javascript.js
5tl.co/assets/js/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5tl.co/assets/js/javascript.js?v=1.1
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
e2d2673008c785b764d87c803ea8a15253ae49bba2fc380f9a405541efd69af7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
2079
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 27 Nov 2017 07:43:14 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Tue, 02 May 2023 06:20:57 GMT
icon.sort.js
5tl.co/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5tl.co/assets/js/icon.sort.js?v=1.1
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
9cef2b50897e94dd4efdbc63576448230d6f1dde3b41e9e70fbeffe73450df41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload;
content-length
647
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 27 Nov 2017 06:22:24 GMT
server
LiteSpeed
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Tue, 02 May 2023 06:20:57 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5tl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options
nosniff
age
360934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Apr 2024 02:05:23 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5tl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 20:50:36 GMT
x-content-type-options
nosniff
age
34221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Apr 2024 20:50:36 GMT
fontawesome-webfont.woff2
5tl.co/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://5tl.co/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: 5tl.co
URL: https://5tl.co/assets/css/font.awesome.min.css?v=1.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.137.12 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business147-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5tl.co/assets/css/font.awesome.min.css?v=1.1
Origin
https://5tl.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload;
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2017 03:49:40 GMT
server
LiteSpeed
x-frame-options
SAMEORIGIN
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
77160
x-xss-protection
1; mode=block
expires
Tue, 02 May 2023 06:20:57 GMT
collect
region1.google-analytics.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SNYTJ8BZG2&gtm=45je34j0&_p=748924256&cid=521576883.1682403658&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682403657&sct=1&seg=0&dl=https%3A%2F%2F5tl.co%2F&dt=5tl.co%20Icon%20Generator&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNYTJ8BZG2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:20:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5tl.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=748924256&t=pageview&_s=1&dl=https%3A%2F%2F5tl.co%2F&ul=en-us&de=UTF-8&dt=5tl.co%20Icon%20Generator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2110559136&gjid=945250440&cid=521576883.1682403658&tid=UA-154204431-2&_gid=87386830.1682403658&_r=1&gtm=457e34j0&jsscut=1&z=1286039450
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://5tl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:20:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://5tl.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
detail
ip2geo.pubfuture-ad.com/ 		41 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip2geo.pubfuture-ad.com/detail
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/64177ffc55ee06003edbda88.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138912753d1ddbbdec5599576e7f4c08034e97020f2d1cfb366c76a614923472
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-length
41
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"29-6hmZ5Zz8DsCWlkbs/nP8geTaE1s"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7iDXcWkzwCbDvouIcpaCaI8KxRx9Geh75GsWX%2FEXfIIKhDfgLHv3%2BuF5nneddUieI3Uw28YE21QsXj525Eu957XmZVo%2B6KAamrE3KFAqost8pM%2FOv9k2aostPe%2BUUSjWWhBxj2DTJZqhZc4knX0uUDI9XJQ"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
cf-ray
7bd47bae5cdabb83-FRA
detail
ip2geo.pubfuture-ad.com/ 		41 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip2geo.pubfuture-ad.com/detail
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/6414758b83b4d7003f73a784.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138912753d1ddbbdec5599576e7f4c08034e97020f2d1cfb366c76a614923472
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-length
41
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"29-6hmZ5Zz8DsCWlkbs/nP8geTaE1s"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyZ04lmuh7wRpmEE1pAv8bE6fgUmm3buAqBWopI9eGDnkEFtYq4bOdnYUyrdsi1DbRHKGHujcqHJYmTPgUIWP3IZ4oqIDhArjF8OpwcZMjdsnwTeMomG4lq4NPDfFE39KGnFVXAOj9BhCl8OhK83hqq0fmBu"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
cf-ray
7bd47bae5cddbb83-FRA
6414758b83b4d7003f73a784.js
platform.pubfuture.com/v1/config/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.pubfuture.com/v1/config/6414758b83b4d7003f73a784.js?v=6&ip=MmEwMzoxYjIwOjY6ZjAxMTo6NGU=&cc=&c=&d=ZGVza3RvcF93aW5kb3dz&s=NXRsLmNvLw==
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/6414758b83b4d7003f73a784.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884c3e2125e06b86988da48a23a7776ca215c5ec0e9245d5854df7639afb011e
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"f92-v0Lgly8Pq6u77kKml41Dqz5ZVJI"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IBXHuwiv4ZQzS23uh3OhaJ9ee0fuRiNCSYZiZoZ2S92PrLhxiKdj5memTXLg%2Bx4fEr6U6w%2BIRhBJGZLRa5HO5qUQCwOt1%2BztcIKgYqFQtYbHxp7aTUsCtqgxeRkZpgX%2BSj9hWoeQRgbey%2Fhl4tQNLgmAGNQ%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-ray
7bd47baf0d929a3f-FRA
64177ffc55ee06003edbda88.js
platform.pubfuture.com/v1/config/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.pubfuture.com/v1/config/64177ffc55ee06003edbda88.js?v=6&ip=MmEwMzoxYjIwOjY6ZjAxMTo6NGU=&cc=&c=&d=ZGVza3RvcF93aW5kb3dz&s=NXRsLmNvLw==
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/6414758b83b4d7003f73a784.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e1a4694a21c5873f6cf51553add41b5dbbe8c3cab1bec1ed01b110870176fb1
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"6a3-wDjmoHGtXHxeX6IL0uX1z7PPSRo"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FL9oo3KmbuqHgjqWSvwf0j34T0UthWI9SQPqctdgDvcITeQvJyD1UZ82mLoCi4%2BgbTnXwiJGwjGh3r9SkuA15xYxfCfOhy0vi%2FlTysME5%2BhEN5%2Fp14SA8EGaaVuqgZuNaWY%2B2kOLkLTq2aaU%2Bu7i6r3Vfk%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-ray
7bd47baf0d959a3f-FRA
detail
ip2geo.pubfuture-ad.com/ 		41 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip2geo.pubfuture-ad.com/detail
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/641418f935ea00003e8e81b9.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4615 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
138912753d1ddbbdec5599576e7f4c08034e97020f2d1cfb366c76a614923472
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-length
41
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"29-6hmZ5Zz8DsCWlkbs/nP8geTaE1s"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kd5G4OMt40eg2muXJH4vXdCenCdc%2Fmsz3aBX3PPzgH0q%2FR1YWxXPG1Vf85U2aOkPLV5iD2le4pmHxYgpBGt2CSVhdrCkfno%2BfajZ90UhfrndPXyZVLXwxwTE2Qm0Dj0DSyvRT2lUoHncrhb4OE4SeAj1%2FTNz"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
cf-ray
7bd47baf3defbb83-FRA
641418f935ea00003e8e81b9.js
platform.pubfuture.com/v1/config/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.pubfuture.com/v1/config/641418f935ea00003e8e81b9.js?v=6&ip=MmEwMzoxYjIwOjY6ZjAxMTo6NGU=&cc=&c=&d=ZGVza3RvcF93aW5kb3dz&s=NXRsLmNvLw==
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/unit/641418f935ea00003e8e81b9.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e84295bd7e0e9d61c2fac5092c97b027ab2b1fb7748298ffa914ca4661da5d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
etag
W/"f92-TwFOhHqeB9IZt8XUfK5d7Vs/Jn0"
x-download-options
noopen
expect-ct
max-age=0
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJD3xs31vNCHhETx0WTNvrCmhy7yEoWM4i5pG%2FbRENJ66Z76rsWF%2B8kISS49eifIKpNPmRaSov6zZCjuXeHUCJKS%2BwZPOkvhsGrwE1quJQLtUwJnzzA2CTl2UopKXEuAbpPNIbdiljj0l6kZduK%2FHq4PA1Y%3D"}],"group":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-ray
7bd47bafee769a3f-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: platform.pubfuture.com
URL: https://platform.pubfuture.com/v1/config/6414758b83b4d7003f73a784.js?v=6&ip=MmEwMzoxYjIwOjY6ZjAxMTo6NGU=&cc=&c=&d=ZGVza3RvcF93aW5kb3dz&s=NXRsLmNvLw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
783617215dc450fd761967c44c30897316f0abc179dbb8c1f953ac10e18aed66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25012
x-xss-protection
0
server
cafe
etag
456 / 19472 / m202304190101 / config-hash: 14056978138630577265
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Apr 2023 06:20:58 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 13:37:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
60214
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127052
x-xss-protection
0
server
cafe
etag
14196522953641333499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Apr 2024 13:37:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		4 KB
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=5tl.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1384d851b9d8179970b82c0644eec58294418b27c72040de54c7ba5b007023c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
639
x-xss-protection
0
expires
Tue, 25 Apr 2023 06:20:59 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=5tl.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=5tl.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		72 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1577478479124638&correlator=2420974916674228&eid=31072019%2C31074094&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&iu_parts=21849154601%3A22880119382%2CAd.Pub-336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&adks=1182238343&didk=3183666648&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682403659123&lmt=1682403659&dlt=1682403657226&idt=1842&adxs=632&adys=84&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F5tl.co%2F&frm=20&vis=1&psz=336x0&msz=336x0&fws=4&ohw=336&ga_vid=521576883.1682403658&ga_sid=1682403659&ga_hid=748924256&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8e99d098c8ffc3b1dd929d14db27978911b160058f6faa0abdd675daec2e872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23222
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://5tl.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1577478479124638&correlator=2420974916674228&eid=31072019%2C31074094&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fif&iu_parts=21849154601%3A22880119382%2CAd.Pub-970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&adks=3260131703&didk=1249234844&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682403659134&lmt=1682403659&dlt=1682403657226&idt=1842&adxs=315&adys=23249&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F5tl.co%2F&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=970&ga_vid=521576883.1682403658&ga_sid=1682403659&ga_hid=748924256&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38b6c04145f5c33841c1602a6d9279784150245bd8ae0292f519565d65bb4460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11486
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://5tl.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0891 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5tl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 06:20:59 GMT
expires
Wed, 24 Apr 2024 06:20:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c0860d17db8821c8945009eea691f7acb265e347982e3b40ddf7d0815001ea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11293
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:20:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Apr 2023 06:20:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF29 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5tl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47067
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Apr 2023 17:16:32 GMT
expires
Tue, 23 Apr 2024 17:16:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9687 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a633ccaa98268cecd73a6c1623a34bbb7a9959b2239001f406ffc4db44c76af8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--vUSWgOzlJlcB9RfB1UjWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://5tl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce--vUSWgOzlJlcB9RfB1UjWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 06:20:59 GMT
expires
Tue, 25 Apr 2023 06:20:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame BF29 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 19:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
37950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 19:48:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9687 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=1577478479124638&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BF29 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4ShGdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
151183b7c5a4eca87f4f4fd9eb9f7916df6273c076d99f7375b312eea9d21860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 05:21:50 GMT
via
1.1 google
age
3550
x-guploader-uploadid
ADPycdtCGi46w7PI2xDDYKqAZlhyqpR8U6Bi9dOTo5YFfOj-9VWvKj2KjmFLSV31D1ZtG_MtDkr5G5Q4XBDz7QdTb4g7pA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1981
last-modified
Tue, 25 Apr 2023 00:45:51 GMT
server
UploadServer
etag
"1b91e5a24687ee19f986e0bb17837242"
x-goog-generation
1682383551914218
x-goog-hash
crc32c=qbsSIQ==, md5=G5HlokaH7hn5huC7F4NyQg==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1981
accept-ranges
bytes
expires
Tue, 25 Apr 2023 06:21:50 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 03:48:15 GMT
content-encoding
gzip
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
9166
x-amz-server-side-encryption
AES256
etag
W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
B2z3yfsU31zjYwUf5pIui5RHooWJlHYGFVH1v0QpiIs4YjqA_-HfQg==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8e00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 02:50:38 GMT
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
12623
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
appOijaJNLuqZE_bkEMKIo2lkv-Gtd-imD047pW1mJkNPYWZ2OK__w==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
WVEVWQFRYGXG0000
age
3139
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bd47bbd7de85c62-FRA
x-amz-id-2
I0tGbso3F7NZy/1ACoyKVj/S14r7H+6icbah9QXUr90NJ6bGU/gfGhKyBaYndCNrXH/E+K9HzQw=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 06:21:00 GMT
x-content-type-options
nosniff
age
19254
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
732
x-served-by
cache-fra-eddf8230089-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Apr 2023 06:21:00 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 19:45:58 GMT
content-encoding
gzip
age
383702
x-guploader-uploadid
ADPycdu0ofEeAAYzdW5Z96wZyLXgm23ax7D6-P-kRrnYYyzN40_lI7nGf6iRwNhdTCtUf4jMUk4Ic8OfTq9SQAz3Ia2XKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 19 Apr 2024 19:45:58 GMT
container.html
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A510 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5tl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 06:20:59 GMT
expires
Wed, 24 Apr 2024 06:20:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/ Frame A510 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/abg_lite_fy2021.js
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 16:42:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
49122
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8535
x-xss-protection
0
server
cafe
etag
13968503839060854674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 16:42:18 GMT
css
fonts.googleapis.com/ Frame A510 		8 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Apr 2023 06:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 05:08:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Apr 2023 06:21:00 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame A510 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.css
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 12:18:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2819
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:21:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Apr 2024 12:18:39 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame A510 		379 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:40:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132560
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 20:21:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 16:40:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/ Frame A510 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230420/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 21:21:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
32355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8104
x-xss-protection
0
server
cafe
etag
11444945707709536616
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 08 May 2023 21:21:45 GMT
encrypt
esp.rtbhouse.com/ 		201 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
a6adb5ad923144451ab8e65cceb765fc2d0764a9e2e3f55c3fca508bcbcefecc

Request headers

Referer
https://5tl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
5842342046ea87a1be4bb52d5465633e
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://5tl.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://5tl.co
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 25 Apr 2023 06:21:00 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
bc76574aeb573f4c0e53ad118d964a7c
increment
id5-sync.com/api/esp/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://5tl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://5tl.co
date
Tue, 25 Apr 2023 06:20:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
map
bcp.crwdcntrl.net/6/ 		60 B
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.248.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-248-17.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b67bf926bad750011a6b3c26c275bda34a002912d07b7728cd05bbc42d50ca2b

Request headers

Referer
https://5tl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:00 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://5tl.co
cache-control
no-cache
x-server
10.45.10.33
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2F5tl.co%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2F5tl.co%2F&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2F5tl.co%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
bb973e494c73a4c20a8430310fdff5a6706c980e35defc2d0fe26aec22567660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-CRcbUQWyuD7LgqR0uUa9dAnKeDM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://5tl.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 25 Apr 2023 06:21:00 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://5tl.co
location
/esp?url=https%3A%2F%2F5tl.co%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
syncframe
gum.criteo.com/ Frame 2060 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=5tl.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://5tl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Apr 2023 06:21:00 GMT
server
Kestrel
server-processing-duration-in-ticks
359255
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=1577478479124638&bg=!zM-lz5vNAAYfNdXmPzU7ADkAdvg8WrKLPazyV7ZhZsjaIyb7rCqhPJ9nPyaWZ3TcB_z_nKW7LLq0UqFkQIEr0MQFzIl9eLWNIC0CAAAAr1IAAAAGaAEHmQLa02X0zQJOOxLWH2alrRLWrknbaG-mgXiI2vbnEL82014GagR-eahFq1YKV70scoBK8hIT_u-jhX8DzP7RTsv9NEdu7Ru_r5W-aWcjZ8bRpnu8D7G6ygAPPvPM29gqv0T-S_ANvLSvhGB394pZfadY6rkINSzqRyqGrc_kZqNY8dTfWcqQxhljsC5UMv3uSbjO7vBhCsRQnJF2xz2mNZzhlsopg2eU8_WSjR0pBj3ggcOoObxDNK0GUj0EvS9dKcqS87au1qmatqADYi6zfiIxg438MW2bxRABbxtmXDdO2ba02-c_7fTqBhm9ooU7LHRuer4xBIYv8mCHeGe4hCIgsQam3s2Bv_Mnv0GOqvojFv6DBX0DRppsVkkN1uzwnXTam0C-G_R3D7ita_vSz0DCFMOiUdBLGJx3KGxOoeghaVc-HweHBPF3yT7WrD4vX3VEDoMg9_EKmBpyAo4UqYJnaQVErhbDW2rVGGMVR9bwIXg9lhZ3FBYzH6QwsMCrBkaLp5RHj_9qgqEVoPqSYrvtLgkdwDkU7UdH9v9nswJWVEB9zeuBI9cN0bYGsxDXzRAHEIuL2Yk77ipIRiS9yGDYM-MyPu_6q5nTDeYQzpNAszeJ8VydkSvJEfDR0yQyT5iCxnvDSXrAAZhtjACy-DBlHq6foDwyPXkvXBBePVfUwUuO46iTBnZPOwRchPYoI0pvIxkelCdmFOPtkDRlXcnDL9ue4p-FFlMPn0EYPQbLRTJ27cKfFZT7KhVlNsqw51hLwom5N5Kpoq55E3eLwgE3u-kKzZ8pY7Nt9T9OLkBEuDSXQF6MSx91XKn1IsrsFVokEUqWlhIool9rmntX0Ciq0Jh710nFwSLARNMU0Nfk9eRw09biwvBLaTNTXLzJR8aluM0Fz6YxN8SgSneOOMmpB2wXqguHd1lI93ELNR1b8sl51dgFW_Va11-DZEFzYTaM4W_KR5EROSpe9w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304132133000/ Frame 119E 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
47319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61827
x-xss-protection
0
server
sffe
etag
"1754d270d28e2ea6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 119E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
47319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"8e65ad5048245435"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 119E 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
47319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28942
x-xss-protection
0
server
sffe
etag
"73bf4bf39cc8fedd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 119E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
47319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1921
x-xss-protection
0
server
sffe
etag
"f061d9295cdc41bd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304132133000/v0/ Frame 119E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304132133000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Apr 2023 17:12:21 GMT
age
47319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12962
x-xss-protection
0
server
sffe
etag
"8013fcb40cf8ec28"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Apr 2024 17:12:21 GMT
truncated
/ Frame 119E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
100d3684964d34dac10045435b223f316c8e42035de5c92470d14537b8258b4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
12778498080495341577
tpc.googlesyndication.com/simgad/ Frame 119E 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12778498080495341577?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmFggzud_y334VdAdFc2gg8g6HwNg
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9b19bac6849e742b83af709a6e01f635f9e532bbdc6bc266201fd3bfbf6d949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 17:53:26 GMT
x-content-type-options
nosniff
age
217654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121173
x-xss-protection
0
last-modified
Tue, 05 Jul 2022 09:28:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 21 Apr 2024 17:53:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 119E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 08:26:03 GMT
x-content-type-options
nosniff
server
cafe
age
78897
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 25 Apr 2023 08:26:03 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 119E 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 11:14:15 GMT
x-content-type-options
nosniff
server
cafe
age
68805
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 25 Apr 2023 11:14:15 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 119E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm8YfTHFHZP-zEISQ7_UP0baa6Aa4xf3_b6CHxZvtEMCNtwEQASDG-9Z5YJXikIKgB6AB8K21twPIAQLgAgCoAwHIAwiqBNIBT9BTMlSMvR_uSlwU75XBrZi_yRWlzLLMcLbcMGQr6P95scAke3qrMTYN7-Qa4JdrPZjk02ARFXVWp4diHtLdIfn62KR7Icl6lwR-sdO8PWm-VQmEgHJP_2MV9cfAXCgQHIttkJJ5YpgFExWFozrTsz8tPS9oTPoCHKgq764ynhTUXVdZyr796Vwh7mYhVEcUFk391S6tCgOs2P32usWkpmche7QEL-EBjAOO4-Kjrd53EkBwF8jVPDsJoxfNUvpAcAaqDC3BTk0deszwvo76g9BEwASay4Gw_QPgBAGSBQQIBBgBkgUECAUYBKAGAoAH-NHKSKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN2gFNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMM0BUBgBcBshceChwIABIUcHViLTk4MDc4MjAzNzg1NDQ2MTIY6qpy&sigh=lW1XOz3mWLc&uach_m=[UACH]&cid=CAQSTABygQiD_TZJd7qElZ231qKseDtKb9ojIqF8i4O0IRElB7sSJQ7hEqCmFR5Z_pfUxa7jkHmpGSzv0HuLWOSnQbxm-Csxr0ahqoRLBsoYAQ
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5tl.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 2060
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=5tl.co&sn=ChromeSyncframe&so=0&topUrl=5tl.co&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=H6dYwXxON3NWb1E5dkFKTXhPSEZKS0ZjMG5sTWh1WktNWnl3c3RFdFZUNEZCb0pncUIyTVBUVjREUytXNzBaRE9qbHk5d014MHlVYXJuZGVFUUpIM3Jad2hyWFk4ZmVKakdhSjVuWndYc016ZkV6OWdaajhEb1RNOEZMM3...
441 B
656 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=H6dYwXxON3NWb1E5dkFKTXhPSEZKS0ZjMG5sTWh1WktNWnl3c3RFdFZUNEZCb0pncUIyTVBUVjREUytXNzBaRE9qbHk5d014MHlVYXJuZGVFUUpIM3Jad2hyWFk4ZmVKakdhSjVuWndYc016ZkV6OWdaajhEb1RNOEZMM3JpQjYzdjRXaTdlWXRjSEFJbDd2OVVjZTk2YlRwcVV3R3dDWVFsTGFOM1RPaUs1YitaU1B3bU5vWFpYc3dPOVNoL3EzZndVUlhsM0NsRU9sYXU5SFNLMFBQQVJoSjdlL1ozYTIwY1V5SFZjc05MOFpkSjRic2ZQSGV0ckVZdGFabFkvRGo5UytqSGdERUhXVmV6L3dqamUzMEg2QTNGZz09fA&cppv=2
Protocol
H2
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f0b62ecffe0620aed66afd79cf2ec4b40508fecf9cdebd45be307d0768387d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1609123
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=H6dYwXxON3NWb1E5dkFKTXhPSEZKS0ZjMG5sTWh1WktNWnl3c3RFdFZUNEZCb0pncUIyTVBUVjREUytXNzBaRE9qbHk5d014MHlVYXJuZGVFUUpIM3Jad2hyWFk4ZmVKakdhSjVuWndYc016ZkV6OWdaajhEb1RNOEZMM3JpQjYzdjRXaTdlWXRjSEFJbDd2OVVjZTk2YlRwcVV3R3dDWVFsTGFOM1RPaUs1YitaU1B3bU5vWFpYc3dPOVNoL3EzZndVUlhsM0NsRU9sYXU5SFNLMFBQQVJoSjdlL1ozYTIwY1V5SFZjc05MOFpkSjRic2ZQSGV0ckVZdGFabFkvRGo5UytqSGdERUhXVmV6L3dqamUzMEg2QTNGZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
358262
content-length
0
expires
0
csi
csi.gstatic.com/ Frame A510 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lgvvp8rm&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A510 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:22:44 GMT
x-content-type-options
nosniff
age
259096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:22:44 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A510 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 06:10:15 GMT
x-content-type-options
nosniff
age
259845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 06:10:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A510 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CHAD0S3FHZLnqCtOg9u8Px-6byAeZ26OKbKzIitG8EIib77XUDxABIMb71nlgleKQgqAHoAHe_KCDA8gBBakCI8EHBaiLsj6oAwHIA5sEqgTyAU_Qehtoyg0GGV798uJUCrjY8lTiaLYFrSHfylvLUWx4dtg0RivtaAFsJPB78XqBeslr6CVh1NEgtZueuImzZMeUDDAx5M3jLMKpwX3lO94YNRvrG60e7JUEbSQMll_uN56eC2M4rakGP_Y-KfvYdGUdH4pubs6NDQ0yx-ovOCpVb_adap7j8Eyn95wK6r8XaFhhqqEjmKKws5JJoEH0_8Syd8O52p_njFEdgGc4A9gmMepfLUsrl5wJntgazDfr7qQ0X_qMq7sB5qbehTwk3Fdv9MKBAO1PPX9nN58oyC-uQ9JrTr6pdTwDgIRul6y8MaYMwASj6K-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE860_RLQEwDYEw2IFBTYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1682403660729&ai=CHAD0S3FHZLnqCtOg9u8Px-6byAeZ26OKbKzIitG8EIib77XUDxABIMb71nlgleKQgqAHoAHe_KCDA8gBBakCI8EHBaiLsj6oAwHIA5sEqgTyAU_Qehtoyg0GGV798uJUCrjY8lTiaLYFrSHfylvLUWx4dtg0RivtaAFsJPB78XqBeslr6CVh1NEgtZueuImzZMeUDDAx5M3jLMKpwX3lO94YNRvrG60e7JUEbSQMll_uN56eC2M4rakGP_Y-KfvYdGUdH4pubs6NDQ0yx-ovOCpVb_adap7j8Eyn95wK6r8XaFhhqqEjmKKws5JJoEH0_8Syd8O52p_njFEdgGc4A9gmMepfLUsrl5wJntgazDfr7qQ0X_qMq7sB5qbehTwk3Fdv9MKBAO1PPX9nN58oyC-uQ9JrTr6pdTwDgIRul6y8MaYMwASj6K-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE860_RLQEwDYEw2IFBTYFAHQFQH4FgGAFwE
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A510 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lgvvp8sb&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame A510 		24 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Bt71Lrq5S91vRH44RDWkS9YWH2HFDW2OloOhSyQuKo2_JcB0hJnO9kdQHvar0lVrc4jzk47ypP-b65qi_d-AwCHU3ZHA&dbm_d=AKAmf-Cm189YtnnXttYy06geUC1eouSB6cFtFHTUN_j-TeFg6EN3bN3H4wruf2Kg5WQRGOEZg9LYkIOQwNHc_jUn5wsBBHI2-i8YNOJtLuRM9WgomXozQHGulp7tL5PZFOqoch2p0vJbvYLZ1FsmQOuw44DJLv984tzVPhm_Z6nweQ1yAw5RWDIzJ5L9vsoSubbve9tEKX2idNSmx2jzam7HbG49kuD9bnr-_cwehZ2Fx-_a2MSCOFdhrpIlgVdWbn1wCS_TEF0v63dHBr9R5-pkG2o7PDrqr_jf6gurM2pUDPr7aQo9axBSAcMLpNAKrymzyR_IwmJiFQukPjQJojPUOEPb75DbtskXwxN5Kug4kRUh1SLzkN1Vsb40gF6vlziW3DafcvZkrv15NJVP-WmsXHJ6IvnSrlnT7wj0Hf69Al2cHS6v2g4JILTkCq_i68dR2HTaDWI0rk9zDrgAuCP_t6fHwxR4oX2I8bwSLgqVIkBd7ulBU_c2Bmx-eeKmhIhflOqUbTlcAyo20Jtyk3oExLVxXGMX793a24DeuDgfT81QMS9m_oJ0gVZdfz2y9cUNlAb6SFzjiac3VBUeKsg3_dM0G9A8T-sm_cs5rivMAAhIDxshDF79iNNWPUHfryYMFHH89ezbzTAQiysAbIxO9Eevjbj1Ert64DknTS1ohOSTZ-xAFyFD9M27PBXOHIDz5Oujq6EykwpUkEg5qQe4BxE7O1nm5bXGnXWB4FcYjZFO3NJqncPLpFaFJl11Syb0CBAMOoMGhULR62oNVyIIYqOMKJ_saIcv4iG6OvFFzqHD7g8P2TpMKwl2bG6-m015ZVHN2gXTPW-VovZXB_DPBUIIh74aHT92AaL3l0Nzs5lVQQMWfp_ftO4RRhH5rxXr11pOMeIaTKOnMK_Q7jwNoZuf_OnHdoZ2uKQNfmfJq_xoqbZV1dqF5JGyYsrSplHIB5BAYHIpTmdh8vTUXLxm98PRcSy7HQmethzh2wjCjiWxpsI5laTkbVssi2n_0llWphn5NL9kMxIhzkAQjBkiCe6UB6nfUhI5NKogiaO2mgJhq4LeLrCd42Jh-H1HM7MNfFef9JP7L2IrCh0CcREKZ20XYog9pBAbwbIV3v9tE6ky8GnNQ-RsWrYQxLHKRgA28KNKcUVgUoXe3yFXiUQVmCqUnF6-I9dyIArdt-tkvPRiDK3iBmKwx1HTIaNRz1wewhCeyKiUQkKAvwuwaWaLzRvqrOU5HiJJCfbXsoM89FfudR3g4lv7SjMU5_QN07zSaT5yrqjE6gnMeVk_IsGKNGjoUw0xvhQKyGyvvFA2_gxlBMWyMXCpkfckjeZwVSr0_2ULmCTlzsxPmeQjMzZi73VA8xsNAe8MptdA-obcgjPCXoqPub-9iP6F6KWY9Gm7wPGn44G9ok7si0GkzV-MHm-YKdh2XhhivAN2gCrqXo2GlcNCfbHTXqlRPV6AY8CSQSXApNdaeredJ-KkWfRSQ1CVndgNyC_X_s8Jbgvd8N7djEdb3X-GoPZIJvViSAIHyHbz6_R0JeCmGdzMYgLxWYg8XP3acR8A6vNVFGMW6vswGSHLTWlAAKU42Z9PyIdAlE5eYKFOOrAwpGiZlrW-cdQfHzUyhym1hTiO6McwykfNiYM8z3O8pKWQN6SptXBC5FzTiqUC8mdAmHKNI0Va1Bihy2MdFGs5mAwwBwFliCm0yu53rtCnvlmAtOxCviZJFu0A80FoovXXa5YtxDfjiEffw94ZsGM5rDAFTbr4sjbUr8renZ0_NVVKPvX-2uieQrnKUasZ9DqJiXqL53sgNijEOx7zJTK87bKg6Xg7a72UdniRP2GcHWlOiPvtRd9AEPX5_q0ffnvv5bnc47olxWcPSDascc2N9HqeKQlfjPuEJwr4c9YpNbFYHaCux_ccYgmf4DW3nB30vpog11gLhakwsHIOWI-5w2QuVHUf2Cxhln3VZX4g5ECN4c7iMGU7cl6jfAN6O5A92SbM7-8Ud5YOQOMrciakEqe-4TpxkjAZwa_kNB5AUI0SO7lj42UNR1zl0NUwVS-pBSf9xhiE81lt2Q2iojvyeTRDwVVvJpEL4uBQxgGra0zRgkWKgpzYAJ11uD5CG0USFudBaTxtNUk_E_9rn8sforOvkBfFgQOXGZzAj5BBMFk-yXF02z4DpY2ErD_Vr9_17Vlp9kUsPnPV3_hnZRjkp4v5kURmPeO-9D7e4Hfwk4t7Tg1Dwc9lNM43I2QAwJpvUItUfeBwD78epZAN69uByfPb7NWhL1au0OtY18JejtAECYLcFVcLaSgmPwdE9zv0y88Hb5YLW118rsYpljFcj1kwTg5uqIttBGUP0K0nPC9vdnjmPelMGEDRmRZFJRoKw0xGi3F2_eWPiT8hjCJytgwBddqwGN5BCfo1pODC3AetqH-mdkHco9r9swGDu8DhFVvL4_T9mni7AZvP6mJmX1blG5ZwFTLbRzKPtM7JVPbcFlHyV215JCIBj7XwO7ahSp0ZTNFKBR5mlydxCiwzNGorDAXWdYDyopXtcaE7hszfLYKPyNYW0-9dDaDroXaXdp2SsL_JiIQqlJaHSkfVy9MKRzGl5ZknbTbhs6AAelfOHUAd4rNhjHOkF1Y2MTnTYmOmJRrvxPfY-2AR8OwLN3UNs5-MZkDRgkXpfDnVBQb0g4HWwcGb8rllrNyXTN7CSq_iilTgTmtLwYJssFBMHCtNwCR-kSf6x4J4pVUSwbYsZvvA_Z4d5T8ovR11-UeNiczgqtLU-oVAQYeLIY2vQE7_3za-6AnwWYEZ_dHoNeHFXV9shx6F2C6Hrg8PP_hB5U_zTbyHchIbwxy_2VjgndvmNoAMpWJHvjazDecMTsS6lhPhNidaociKzOF2a4KSirLmPr_IZG897rG09MgvfldFTBN2B7gUM3b5MlMIDhRLbjwMtAjKEmW80zkDlRMfIsL_CTZEQI9qp_RAJF-nsRu5IRce5-WCVn2cnZOJ29EJqQhvBEz22qL4W85-mWiuSs4z3yvD0cSKSOSoWcBHWlHK7uEDr9Nk1X9COo-cFzh7a28G6V1ooMq9iuG-knxC5lLHgZwJzEuV8yYh7ueDBPgPP60mSMC75rV4Kk_GO-6t_7IGAVlIH39cJS1rOqXQu59d619UK_AvQ9S3WPRJOFTmitVQqf_7FgUzPEjvmKq_4DbNntA3GvZRbKB0Dk8WDobg2XLQ7--FXqJwTAvHG6rY88i0ZKbn1Ipx--vL-Qjx55_w8vxMW9OTU_4rdsQnHwhan6-CACSGOdETOlhIfZzGLSCBz-AfMY1U8gYy8BzkDcn3ljprNUfZF373DmXO8POVExmIpCZoc3MgE1wk-YdE3rvzgPjmMiHOHMfIe5GNB-ulKqajT_XajUv33w3BeNBZKzW3d9oMyqkCid7ui4lTZTGmauf0Nqu8vxQ&cid=CAQSSwBygQiDyj_k6UB9_27qtL5fcO9bz27hKm1pF8QaZ3TJZPbO5EtJUY2rwS36uyXH-lgypSjHhCasGGPY0e0Z-P3_pTBYDFNFEAk3SRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f156.1e100.net
Software
cafe /
Resource Hash
0051e528f3180a6a04a0ac143ddcc66f49da7ef18b26e53bd498adb5adeaae5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 06:21:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16119
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A510 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=COcwjS3FHZLnqCtOg9u8Px-6byAeZ26OKbKzIitG8EIib77XUDxABIMb71nlgleKQgqAHoAHe_KCDA8gBBakCI8EHBaiLsj6oAwGqBO8BT9B6G2jKDQYZXv3y4lQKuNjyVOJotgWtId_KW8tRbHh22DRGK-1oAWwk8HvxeoF6yWvoJWHU0SC1m564ibNkx5QMMDHkzeMswqnBfeU73hg1G-sbrR7slQRtJAyWX-43np4LYzitqQY_9j4p-9h0ZR0fim5uzo0NDTLH6i84KlVv9p1qnuPwTKf3nArqvxdoWGGqoSOYorCzkkmgQfT_xLJ3w7nan-eMUR2AZzgD2H4wcKq-2W0FYYt7iLgpDBNgqv_RzgNW54wz0P2PuC31T8FYJ92NMr0XUX-jcL7G5ALZ-kdWQR6IbKGQNH06-PvABKPor5iWBOAEA4gFyovGyEOSBQYIAxABGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHCxCK0IAPGLKqoNEB0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwGwE860_RLIE8bNguED0BMA2BMNiBQU2BQB0BUBgBcBshceChwIABIUcHViLTk4MDc4MjAzNzg1NDQ2MTIY6qpy&sigh=tDbVYGqfq_g&uach_m=[UACH]&cid=CAQSSwBygQiDyj_k6UB9_27qtL5fcO9bz27hKm1pF8QaZ3TJZPbO5EtJUY2rwS36uyXH-lgypSjHhCasGGPY0e0Z-P3_pTBYDFNFEAk3SRgB&vt=10
Requested by
Host: e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
URL: https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
truncated
/ Frame A510 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf5368ef04c921a3d6e29cbf951483215f74625fc83c2ec93685eae29cf1558e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
pd
google-bidout-d.openx.net/w/1.0/ Frame B0C6 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5tl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 25 Apr 2023 06:21:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csi
csi.gstatic.com/ Frame A510 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lgvvp8ss&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&vast_v=2.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
70111039
unified.adsafeprotected.com/v2/1135760/ Frame A510 		21 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://unified.adsafeprotected.com/v2/1135760/70111039?mon=70111040&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B28358795.343736614%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0in1mZIkSHMYiBFN9pUGvMq%3BEXCHANGEID%3D1%3BSELLERID%3D1986152026763%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://5tl.co/%3Fves%3DdGltZXN0YW1wOiAxNjgyNDAzNjYwODY3CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdEROR084Y2RYVDFkQ0lERmc3MDE5c1p1V1pJRlV1Yng5TVZrR0lSQ1BndDRNRWtHVHJ6eF9sOC0zSDdNelU1bV9adEdiUzB6dkMtRHZjODB1bDNBY2lGRlFuOTRmWXBKNXdsNjNFVUJTU0V1WV9XZ0pBX1J4cWRTQ25JT0JkTk1BcmV6MDhYdnhWSExTSTc1OUJSOUNjdzZzbjc5S256Yl9nRVRJbEFkMlk2dzllR1hObWhDcmFiMFQyNThFWlNJNG9lN3FlRXJWblF1OU5rbHlxVWV2WjFoWk1KQ241YmZ6YlRFUGs1NkRoaGMxUVJhTTNDNUViT0g4aGtiS2d0Mzd5clB4Q05sdUMyZ2FpQzJPblhXR05zUWVNVWhLYnNfeEdiUzByT0JSd0Q5NVdiMV92SDVtcXBSNGJCT0pPX1UxYjB3TDI4X1RVc0V0MWV0RkI0Ty1NbG5sci1WMWJmNGxOaTdyZWJ2My1fZjJqOU5senBjTmNiTElyeDV2OUs5ZUpVNnRNSGRwMGYtdk9jaUU1OFBYSURxXzB5eUtUelZIVU5lczYzbXZvQ2JpMFJFQzNkUmF2V0ZEWmViR3ZKZ0pYMVBuMy1xQ3lQS201RjhvcWxidXNCTk80TWhhNm1DVzZnYVJXUmo5NFZSOGFMdGZVSV9ER21qM1drMUtWWmExME5iZkE2bnktdldKWklPLTZ4clNXaG16UFhMbkNLbU1xbmZUOGZ5emFWTXZ1Z2tpWDI0dnlpbDhiNkZVb1lzMDg5MXZ6U3JIbjYtck5FYWVjM1ZIWEVfVkV3dTZ6T1E4SEFGNzhIV19XdE9VdkwxcVlrT2ZzdFQ2TmtXMFAydDl5VXpaQ09YQzRieHBCNFl0N1hrVGdQcXBla1B5YVp5VFExZVI4dDJCTU8wbGRQeF9kRUJWQ3pLUWhLVWh4MVlzU3MwSW0zNm5iaUdnUXdmUDZ4d1VqQnZkdzUybE4zQlhTZjVPc01mMWJMb0R0djNnNWM0T1FhQ1ZEbGMyN2xyYUJsTHpySFZ1ZDNLN3h6d2hXSzA0Qk9MQ2dSNDlaUjZxa3FLZVpia1JfWUhNOGNBendrWHFEcW95VDVDTE1VQW10d2tVRWhfM1BNZVNqOHlQd2c2b0xmV2JtMlI3Slc3dnB3elVXY1U0TTJ1TjZNcHZ2V0x1cS1qNkY1anpmcm9yam5PWXJVQnhxanRIMU1faktpdEdSaVQ3ZnYyb29lVml3Y1RnaTQxbUU5OTVyU2Q4QUpILXlRbDUyQjJTenNLTFNrRVJTNE1paDF4eWZhbnhzVk1sQzRTakEtOFhoelRqR0tZckVCUFIwcGUybmkzNVVzSGpUSWJ6N3dya0lKQWZYZFdOMkpFRnVxT2QwQkRCSzByZFFFSGpVaTl5YmY4ZWRsMGN2aFpkRUFGaE5SVUtKaF9xbWRSMGZfZE5ZY3VCSFhBSGpTZzlwaGNPU3RGWlhwTTN5cHVtTTBKSm9JZHpmSU5Sc1czYVhZQXlaaXpqMjN1MzZMTG51UTRmY2t2YjVPVjRTOHdfYzluZlMtRk1FUTdHejQxY0VmNnpFaGx5SVBsUjdlTktVcFlHd1RBT0RBaklvU3BxTHM2ZnlDY2xlMmRxSzNrU3lfdXVYY0lmT0pVc010dENtS2MyQWVFYVN0aTQ2MVFvQ21TUExhS3JsemRqdmdwb2Mmc2FpPUFNZmwtWVFWZnN3M2NmbkQxZUtHQklIaS16NEcxbk9SclRmRUxFWnZRY3dUNUZsc3ZSQjgza2FuclBrazNab2t1dlo2Y0RQLXhtbHVKVkhrLVZGdlpWamllTW5GbnptaGdVSEpDZnJjQU1GdU5hV24wa3ByeXVVZzAzNlhuSWN4Y0RfU1Y4OFdrRWdudVZyU0ZwdHRnN1hza2JBeVJDdS02YmR0d3lTRGc1SFVNZ1YxYXNTX2t4bm01OGYxUC0tWTQyZ2Njd2ZjQThLYXdKVW1MSmptNHFMdUhQcmhIcjdXZzZiVTVPREt5Zlo5MHo5cktaQ1EyVjNmZmZFRkRrVFY0Z2U5X3ZmVVAtSzB1d2NaeWdPR1lCYmRDNzRDbnZ4WHdWamdnbXZ2ZFQzNG1fV2Q3ZU5td2YyY1Y3cURmTGtNcWdlNm00RTgmc2lnPUNnMEFyS0pTekhCdWlXeGpNSDA4RUFFJmNyeT0xJmZic19hZWlkPVtnd19mYnNhZWlkXSZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5jaXNjby5jb20vYy9kZV9kZS9zb2x1dGlvbnMvc2VjdXJlLXRoZS1lbnRlcnByaXNlL2luZGV4Lmh0bWwlM0ZDQ0lEJTNEY2MwMDMwNTIlMjZPSUQlM0QwJTI2RFRJRCUzRHBkaXByZzAwMDAwMSUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D186247123%26dc_adid%3D535167629
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.186.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-186-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1ea18f3bd74a6ab87a0c132e5daedffcfcf6edbca0b71cebc949cbe2829a13a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 06:21:01 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
text/xml; charset=UTF-8
Access-Control-Allow-Origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Request-Id
ch3n2j8mnlk25v0eigq0
Content-Length
5494
si
googleads.g.doubleclick.net/pagead/drt/ Frame 119E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 5tl.co
URL: https://5tl.co/
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Tue, 25 Apr 2023 06:21:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame A510 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lgvvp8wx&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame A510 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 16:50:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Apr 2024 16:50:13 GMT
file.mp4
r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A510
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81CD46270E4A7059A1BD97023D0914500E054A2C.722EB4990D14161357ED162A9D98634CB2AA9AB1/key/cms1/cms_redirect/yes/mh/L_/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1682403116/mv/u/mvi/1/pl/48/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400e::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 06:21:01 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2222055
Last-Modified
Sun, 05 Feb 2023 16:09:44 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Tue, 25 Apr 2023 06:21:01 GMT

Redirect headers

date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
location
https://r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81CD46270E4A7059A1BD97023D0914500E054A2C.722EB4990D14161357ED162A9D98634CB2AA9AB1/key/cms1/cms_redirect/yes/mh/L_/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1682403116/mv/u/mvi/1/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A510 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lgvvp93n&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&msm=1&aits=18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.1kf
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 74F1 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
230373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 22 Apr 2023 14:21:28 GMT
expires
Sun, 21 Apr 2024 14:21:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
pagead2.googlesyndication.com/bg/ Frame 74F1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FeZxK-xMU0bDCjOMbokEaZjg6vU8xaS24bySLDd5teM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 19:48:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
37952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14264
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Apr 2024 19:48:29 GMT
file.mp4
r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame A510 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r1---sn-5hnekn76.c.2mdn.net/videoplayback/id/80f227aa56d197d0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3820061459/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/81CD46270E4A7059A1BD97023D0914500E054A2C.722EB4990D14161357ED162A9D98634CB2AA9AB1/key/cms1/cms_redirect/yes/mh/L_/mip/2a03:1b20:6:f011::4e/mm/42/mn/sn-5hnekn76/ms/onc/mt/1682403116/mv/u/mvi/1/pl/48/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
43429b51b53c9e8d812f93e566afbf0c5f1319860a84407949e10f771c47278f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

expires
Tue, 25 Apr 2023 06:21:01 GMT
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-2222054/2222055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2222055
last-modified
Sun, 05 Feb 2023 16:09:44 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
client-protocol
quic
csi
csi.gstatic.com/ Frame A510 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lgvvp943&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1135760%252F70111039%253Fmon%253D70111040%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526ias_dspId%253D3%2526ias_campId%253D%2526ias_pubId%253D%2526ias_chanId%253D%2526ias_placementId%253D%2526bidurl%253D%2526ias_dealId%253D%2526adsafe_par%2526ias_impId%253Dv4~~%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN7442.1972103DOUBLECLICKBIDMANAG%252FB28358795.343736614%25253Bsz%25253D0x0%25253BAUCTIONID%25253DABAjH0in1mZIkSHMYiBFN9pUGvMq%25253BEXCHANGEID%25253D1%25253BSELLERID%25253D1986152026763%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252F5tl.co%252F%25253Fves%25253DdGltZXN0YW1wOiAxNjgyNDAzNjYwODY3CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdEROR084Y2RYVDFkQ0lERmc3MDE5c1p1V1pJRlV1Yng5TVZrR0lSQ1BndDRNRWtHVHJ6eF9sOC0zSDdNelU1bV9adEdiUzB6dkMtRHZjODB1bDNBY2lGRlFuOTRmWXBKNXdsNjNFVUJTU0V1WV9XZ0pBX1J4cWRTQ25JT0JkTk1BcmV6MDhYdnhWSExTSTc1OUJSOUNjdzZzbjc5S256Yl9nRVRJbEFkMlk2dzllR1hObWhDcmFiMFQyNThFWlNJNG9lN3FlRXJWblF1OU5rbHlxVWV2WjFoWk1KQ241YmZ6YlRFUGs1NkRoaGMxUVJhTTNDNUViT0g4aGtiS2d0Mzd5clB4Q05sdUMyZ2FpQzJPblhXR05zUWVNVWhLYnNfeEdiUzByT0JSd0Q5NVdiMV92SDVtcXBSNGJCT0pPX1UxYjB3TDI4X1RVc0V0MWV0RkI0Ty1NbG5sci1WMWJmNGxOaTdyZWJ2My1fZjJqOU5senBjTmNiTElyeDV2OUs5ZUpVNnRNSGRwMGYtdk9jaUU1OFBYSURxXzB5eUtUelZIVU5lczYzbXZvQ2JpMFJFQzNkUmF2V0ZEWmViR3ZKZ0pYMVBuMy1xQ3lQS201RjhvcWxidXNCTk80TWhhNm1DVzZnYVJXUmo5NFZSOGFMdGZVSV9ER21qM1drMUtWWmExME5iZkE2bnktdldKWklPLTZ4clNXaG16UFhMbkNLbU1xbmZUOGZ5emFWTXZ1Z2tpWDI0dnlpbDhiNkZVb1lzMDg5MXZ6U3JIbjYtck5FYWVjM1ZIWEVfVkV3dTZ6T1E4SEFGNzhIV19XdE9VdkwxcVlrT2ZzdFQ2TmtXMFAydDl5VXpaQ09YQzRieHBCNFl0N1hrVGdQcXBla1B5YVp5VFExZVI4dDJCTU8wbGRQeF9kRUJWQ3pLUWhLVWh4MVlzU3MwSW0zNm5iaUdnUXdmUDZ4d1VqQnZkdzUybE4zQlhTZjVPc01mMWJMb0R0djNnNWM0T1FhQ1ZEbGMyN2xyYUJsTHpySFZ1ZDNLN3h6d2hXSzA0Qk9MQ2dSNDlaUjZxa3FLZVpia1JfWUhNOGNBendrWHFEcW95VDVDTE1VQW10d2tVRWhfM1BNZVNqOHlQd2c2b0xmV2JtMlI3Slc3dnB3elVXY1U0TTJ1TjZNcHZ2V0x1cS1qNkY1anpmcm9yam5PWXJVQnhxanRIMU1faktpdEdSaVQ3ZnYyb29lVml3Y1RnaTQxbUU5OTVyU2Q4QUpILXlRbDUyQjJTenNLTFNrRVJTNE1paDF4eWZhbnhzVk1sQzRTakEtOFhoelRqR0tZckVCUFIwcGUybmkzNVVzSGpUSWJ6N3dya0lKQWZYZFdOMkpFRnVxT2QwQkRCSzByZFFFSGpVaTl5YmY4ZWRsMGN2aFpkRUFGaE5SVUtKaF9xbWRSMGZfZE5ZY3VCSFhBSGpTZzlwaGNPU3RGWlhwTTN5cHVtTTBKSm9JZHpmSU5Sc1czYVhZQXlaaXpqMjN1MzZMTG51UTRmY2t2YjVPVjRTOHdfYzluZlMtRk1FUTdHejQxY0VmNnpFaGx5SVBsUjdlTktVcFlHd1RBT0RBaklvU3BxTHM2ZnlDY2xlMmRxSzNrU3lfdXVYY0lmT0pVc010dENtS2MyQWVFYVN0aTQ2MVFvQ21TUExhS3JsemRqdmdwb2Mmc2FpPUFNZmwtWVFWZnN3M2NmbkQxZUtHQklIaS16NEcxbk9SclRmRUxFWnZRY3dUNUZsc3ZSQjgza2FuclBrazNab2t1dlo2Y0RQLXhtbHVKVkhrLVZGdlpWamllTW5GbnptaGdVSEpDZnJjQU1GdU5hV24wa3ByeXVVZzAzNlhuSWN4Y0RfU1Y4OFdrRWdudVZyU0ZwdHRnN1hza2JBeVJDdS02YmR0d3lTRGc1SFVNZ1YxYXNTX2t4bm01OGYxUC0tWTQyZ2Njd2ZjQThLYXdKVW1MSmptNHFMdUhQcmhIcjdXZzZiVTVPREt5Zlo5MHo5cktaQ1EyVjNmZmZFRkRrVFY0Z2U5X3ZmVVAtSzB1d2NaeWdPR1lCYmRDNzRDbnZ4WHdWamdnbXZ2ZFQzNG1fV2Q3ZU5td2YyY1Y3cURmTGtNcWdlNm00RTgmc2lnPUNnMEFyS0pTekhCdWlXeGpNSDA4RUFFJmNyeT0xJmZic19hZWlkPVtnd19mYnNhZWlkXSZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5jaXNjby5jb20vYy9kZV9kZS9zb2x1dGlvbnMvc2VjdXJlLXRoZS1lbnRlcnByaXNlL2luZGV4Lmh0bWwlM0ZDQ0lEJTNEY2MwMDMwNTIlMjZPSUQlM0QwJTI2RFRJRCUzRHBkaXByZzAwMDAwMSUyNmRjbGlkJTNEJTI1ZWRjbGlkISIK%252526dc_cid%25253D186247123%252526dc_adid%25253D535167629&encoded_body_size=0&transfer_size=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74F1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B1O3mTHFHZMDNM6TLxgKc0I3oDgAAAAA4AeAEAg&bg=!VValVgLNAAYfNdXmPzU7ADkAdvg8WsOCkWNLU0CU9BuOAQOlFioHONO6NF5aPuoYbAQOWlt28RSH5ppPW4m6M4MQ9cXxPU669R0CAAAAbVIAAAADaAEHmQM_4AQAaXfs8jr6GcvySw2XMC-whemkhBjOvJ4tIchK2bscnWnpHyUxb-hG1i-hH36lFjVM-GmIuHVecMhi5Ie_aalkTA7OIeyi2ughNfw6xs3PrpCt9vDGwqokvUA18RcThzQUUvl67l5IGyG6b86o_jslu69n94350I7zvE_p8QexjMPHqWGXJDyeJWE-9xVt5IShPCjVt_zAvduMLX2wTbr6xYSFJ2HcpnqnFrO6KIvXjTFUVbnDPV90L2-nlB2JFNqKw3uwYa8KbfzKI8vXUfAJLNiEynjxPIdCcMAJmQWHNyKDKxaM-zt4zVYjjLo5IR3NyTcelebSgaTIvZD0ZjjoTWrogDWyYjgaWSTH8RHajYXmo2Df5oqUNbqx__kRWWbYu9A0F10Gss5P3isynelj7hSdvsNOqsxJME6mzuNuVvHPlVwPzjfzwJkMnlpcelkIJSa6VSaxbzsOxBWqOE8GCc0YMqDFcY5WJI14qDjkXo_4ELUeOiKO3HCo7iOgFIH68pwygI8r75YTlPfF2QrMEpx5ZS_-ZMrwdYO3rZjtwKbPfEHZriUxQzSaAJwAxvUIUy99SBPE8Gd7NHG8zmuQWsCBNb3v9oxyvpfr5VIfT-CAcrCMPASFasdPtGrMsAuaMZfxQeQTRROcqX70VsCaxSur17GxqFwUlxczlCzwvQkZK1hgOSMBhq93nEnlpq_Ll76icWMx-P1Llhx2JG3nKuT4bijFg8tHcn6vHc-bdjTf50wYksp25ju3FZun8GSIUGlxOzJKbZsFN25_NbACYkLl_BT_wjHd3QP1qF-RsTFZ4tkGRrB45PNuS9d1fHYlo9u0mCjxWvjkBDqLLx8DhIof5zTNOxm_K8OuPAQREtc8IR-xLI6dZciGqaBZBAQ41wMyTf9xMQNIobODyVunnSQ5uQMQb7WGs9gevGiClYZQzL6AOifeogdzIGa3kodegX0LUxOXc_6WV_sHmZrCIa1VL2y1W7dAgoSkyl5xdlHHWpTEKTtxtJl39arFf4jVMJCRJ31OzxHzuF5JgnYgAujGdljVgXALNq-tN0oqzXw-BLrf7dg9O2n6umPXxPludIGGr7z4XiNKCv9S
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame A510
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Protocol
H2
Server
2600:1f13:800:7780:6ced:2695:e964:6f1b Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:02 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Redirect headers

Location
https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D
Date
Tue, 25 Apr 2023 06:21:01 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin
Content-Type
image/png
dc_oe=ChMIwKPLhLLE_gIVpKVRCh0caAPtEAAYACDTz-dYQhMI-bvlg7LE_gIVU5D9Bx1H9wZ5;met=1;acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame A510 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwKPLhLLE_gIVpKVRCh0caAPtEAAYACDTz-dYQhMI-bvlg7LE_gIVU5D9Bx1H9wZ5;met=1;acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682403661456;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A510 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHAD0S3FHZLnqCtOg9u8Px-6byAeZ26OKbKzIitG8EIib77XUDxABIMb71nlgleKQgqAHoAHe_KCDA8gBBakCI8EHBaiLsj6oAwHIA5sEqgTyAU_Qehtoyg0GGV798uJUCrjY8lTiaLYFrSHfylvLUWx4dtg0RivtaAFsJPB78XqBeslr6CVh1NEgtZueuImzZMeUDDAx5M3jLMKpwX3lO94YNRvrG60e7JUEbSQMll_uN56eC2M4rakGP_Y-KfvYdGUdH4pubs6NDQ0yx-ovOCpVb_adap7j8Eyn95wK6r8XaFhhqqEjmKKws5JJoEH0_8Syd8O52p_njFEdgGc4A9gmMepfLUsrl5wJntgazDfr7qQ0X_qMq7sB5qbehTwk3Fdv9MKBAO1PPX9nN58oyC-uQ9JrTr6pdTwDgIRul6y8MaYMwASj6K-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE860_RLQEwDYEw2IFBTYFAHQFQH4FgGAFwE&sigh=0Sg5qYMPoMY&label=part2viewed&ad_mt=5&acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682403661456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame A510 		43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:26:16 GMT
x-content-type-options
nosniff
age
53685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 25 Apr 2023 15:26:16 GMT
pixel.png
unified.adsafeprotected.com/ Frame A510 		35 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vZTczM2MxOTY1YmE4NWRiNDY3YTA0ZTYyMTQxNmQ5ZmQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTEzNTc2MCIsImN1c3RvbTgiOiI3MDExMTAzOSIsInhzaWQiOiI3MmIxOTYxYS0wOWNiLTRmMzctYjI1Ny05NmExZjE3ZDA2NDYifSwidGltZXN0YW1wIjoiMDAwMS0wMS0wMVQwMDowMDowMFoiLCJoZWFkZXJzIjp7ImhlYWRlcjExIjoiRENNIiwiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNyZWF0aXZlSWQiOiIxODYyNDcxMjMiLCJjYiI6IjE2ODI0MDM2NjEwNjkxNTg0NzMiLCJhZER1cmF0aW9uIjotMSwiaWFzU2luZ2xldGFnIjp0cnVlLCJpYXNTaW5nbGV0YWdPdXRjb21lIjoiT1VUQ09NRV9NX19WQVNUX19PTUlEX19XRUJfUFhMIn0=&advEntityId=1135760&pubEntityId=70111039
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.186.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-186-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Tue, 25 Apr 2023 06:21:01 GMT
Connection
keep-alive
Content-Length
35
Vary
Origin
Content-Type
image/gif
skeleton.js
static.adsafeprotected.com/ Frame A510
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1135760/70111040/skeleton.gif?xmtp=v&xmapp=0&xsId=72b1961a-09cb-4f37-b257-96a1f17d0646&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealI...
  • https://static.adsafeprotected.com/skeleton.js
17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
2600:9000:223f:aa00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
8562551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
k7ozQhci9qScxzHra9Jni6yp0aBu2UYwy8kCCWaS2qPdlEC4wtcCsA==

Redirect headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
server
nginx
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame A510 		0
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuuuUpc_bf0tSO1QWL2YMj_ZqjFWbg1LeDpi96klnYXfAF9JceHUlP6HFaXHHM45R1ewusEuj_aDVPm42TyrCJvWo38We3yBxXoQnUOctEB5tDlPjJePUWH1V5joUAOom04RjdIBcBk6ECNOwgVE_keboS7_PkQNGv4NTaEOzj4NbUCFR5iHrN1387sUrBd97rTTxSZstwjMai31_c4cEognl697f1QO0Ny8HEjiPg2CfDAaBpQSIF-7t5DlpJhY_ZatFze1jwwyhWlSI6s5Q5oCuCTJm385gwz-wbgy53SkG5m3Zd_cQH0k2sqJGo_g1hBs3i43R8M005PutqHwc3dOPZsqMotmCyZHXojPrqcNXa6S5YrDrYZ7JyOmhkualSpUS1C_-WvHpC6es87mA9-5u5bffKbUdMQC_E27LeGkkAmY8PnJyIeREzKm6w9CrYsodQNeqnX43FK-wsF7pmoU4U7ftjzkd5B2lmPnr6nNQvSvJ8Md-uLZxNoS2BGC3xFNCvAwJOP-R1RlzYmFlASbSU45wHmiyh8hT59LVcnPPtrBB3yLtRgAWgsBnf_Z1NIMKVolbFu35TqJ_m3gVMMidtMm9OmTuihQ1zFc4Hvmq3FTUoJ4xIv7O52w8ByqcDq7dD7XhIApRDbzSJOrr8c8h2A5ebknNT2cdeDMfYrjAzG5iZk8orzijWgPWEtdqrxvp7yvW0bMUPYQ6jMQSrDWTQVsWufs-_eiGGLP9780mCxO4RN0mcczHVP9nghV699bp9gQiex-5mOmWKGs9U3e2E3sADdBA16ruwN2dVyN_zEwGZSl-phViL6MwA6wKXpZgJRdfQkIL3eWFnJBN0Wtag1Qyr4RQu1ht-ZiEesQtuWF93mxFfpifcYzY9N2RMQ-SdR0LbbPHcnsze4crSMHtBNwNE1UFIauMCK0atyslQy8Qr-E2kz6D5XxKpIvaeQUb7PGv2fGDv0pgmdZG7pmWuUwmWUtbz7lk-lauPa_l75RIvAgqWxqXVwk983-eI1RyLXUxYVfdYpPlKhgEcffFaonSkbU3-ZTp1GAieARS-LTK6xRhkYRYJNB0PLmmVy0bOPf00B4Q1JcAPq9kE81qImwksNUM4cNsr9st7nBp_-E4vUrmmCUts9aVU_0tRNbHwRPkP4yFXshkw6Zf1PUf5mXur-OuxyeGtsaKUNO7WP0LUzEvx1tQdAd8mnigaYbqNqVbTcJeriQEwUXiS3PQ2W&sai=AMfl-YQKCu_VwlNcu7VeKrRv6QjMNxZbOICnFSBjc8UkAZ--aZhdyy6OdFxzA-01NpGzqHFAtBXKOnOR8YledEtVo0JZcckLreU5wTUpCQRfVymyTdX27tYKTFWrfaGsRMs2NpFYG1DPuaxjF112MiFJXiNytkb7AXxuugc2xCDhMlJgjuyTKWhXUHl0LSwbtvm_NI95-vR2n4CB34jAAskrAK_Qw1NxMRaSJ3bD6GEun9s3cKGcNeUuAMnu7yCsVOZSvUbHBli1ltYHwe5Ut2T2Nw1PxdOU_hj8qTOLa1XOeYKCP3BLUrKpHk5axg&sig=Cg0ArKJSzCqfUYEITj8XEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cm
us-u.openx.net/w/1.0/ Frame A510
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiyqqDRASABMAE&v=APEucNXh884obK1nE-l1Qyifiv1q33N7UqNDSGSBzAqsgeYCwWVzR6BhaKznypWDK5UucsfEanyicgUmE0aSnoT3_jSFxD8nuQ
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A510 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A510 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1Gb9LRXoUKgCwRjfW4Zsv4fqbIaMkqC674ScojMISIixS0SOLFO-u_49cWudvbAhHmxrCEI5VEquqBfAM5J2NQ2Vg6VhKF7KQ_dSYAiJ67K1eLFALwpnd3r8ZtLcEFmFMrlNcJQ&sai=AMfl-YQnidJ4pK6SmlwwHbQfNWyezBgOHFcjDnRu_dNAa-PajMXWhHh606gJOr91wMe9c9RUJwENdQwDpMTOpNE0uiVWTmtTIVhqoE4gyBaqCXwosSfwb9JsCPt9mXOc6rWkdnLqnCOI33kpf1Bm&sig=Cg0ArKJSzNE2lZ95ZR-wEAE&cid=CAQSSwBygQiDyj_k6UB9_27qtL5fcO9bz27hKm1pF8QaZ3TJZPbO5EtJUY2rwS36uyXH-lgypSjHhCasGGPY0e0Z-P3_pTBYDFNFEAk3SRgB&id=lidarv&acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1682403661456&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A510 		42 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHAD0S3FHZLnqCtOg9u8Px-6byAeZ26OKbKzIitG8EIib77XUDxABIMb71nlgleKQgqAHoAHe_KCDA8gBBakCI8EHBaiLsj6oAwHIA5sEqgTyAU_Qehtoyg0GGV798uJUCrjY8lTiaLYFrSHfylvLUWx4dtg0RivtaAFsJPB78XqBeslr6CVh1NEgtZueuImzZMeUDDAx5M3jLMKpwX3lO94YNRvrG60e7JUEbSQMll_uN56eC2M4rakGP_Y-KfvYdGUdH4pubs6NDQ0yx-ovOCpVb_adap7j8Eyn95wK6r8XaFhhqqEjmKKws5JJoEH0_8Syd8O52p_njFEdgGc4A9gmMepfLUsrl5wJntgazDfr7qQ0X_qMq7sB5qbehTwk3Fdv9MKBAO1PPX9nN58oyC-uQ9JrTr6pdTwDgIRul6y8MaYMwASj6K-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE860_RLQEwDYEw2IFBTYFAHQFQH4FgGAFwE&sigh=0Sg5qYMPoMY&label=vast_creativeview&ad_mt=5&acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D5%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1682403661456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A510 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~lgvvp9as&c=7602071999542&slotId=3801035999771&qqid=CPm75YOyxP4CFVOQ_QcdR_cGeQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=985&mt=video%2Fmp4&vs=640x360&dm=15000&event_name=first_play&asset_bytes=195682&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1t4~videopreviewstarted.1t5
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:817::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A510 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1Gb9LRXoUKgCwRjfW4Zsv4fqbIaMkqC674ScojMISIixS0SOLFO-u_49cWudvbAhHmxrCEI5VEquqBfAM5J2NQ2Vg6VhKF7KQ_dSYAiJ67K1eLFALwpnd3r8ZtLcEFmFMrlNcJQ&sai=AMfl-YQnidJ4pK6SmlwwHbQfNWyezBgOHFcjDnRu_dNAa-PajMXWhHh606gJOr91wMe9c9RUJwENdQwDpMTOpNE0uiVWTmtTIVhqoE4gyBaqCXwosSfwb9JsCPt9mXOc6rWkdnLqnCOI33kpf1Bm&sig=Cg0ArKJSzNE2lZ95ZR-wEAE&cid=CAQSSwBygQiDyj_k6UB9_27qtL5fcO9bz27hKm1pF8QaZ3TJZPbO5EtJUY2rwS36uyXH-lgypSjHhCasGGPY0e0Z-P3_pTBYDFNFEAk3SRgB&id=lidarv&acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D2014,0,0,0,0%26mtos%3D2014,2014,2014,2014,2014%26amtos%3D0,0,0,0,0%26mcvt%3D2014%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2175%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D44%26pst%3D201%26dur%3D15018%26vmtime%3D2184%26dtos%3D2014%26dtoss%3D1%26dvs%3D2014%26dfvs%3D2014%26dvpt%3D2175%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2014&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1682403661456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame A510
Redirect Chain
  • https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiUVVBUlRJTEUxIiwicHVibGlzaGVyVXVpZCI6ImE1ZGIwMmIwLTJiNzgtNDlhMy04NGZmLTAwNTU5ZDY5N2NiOSIsInNpdGVVdWlkIjoiYWZkZGVmNWQtYzIwNC00MGE5LWI0ZmItOTY...
  • https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...
0
0
dc_oe=ChMIwKPLhLLE_gIVpKVRCh0caAPtEAAYACDTz-dYQhMI-bvlg7LE_gIVU5D9Bx1H9wZ5;met=1;acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D3756,0,0,0,0%...
ade.googlesyndication.com/ddm/activity/ Frame A510 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwKPLhLLE_gIVpKVRCh0caAPtEAAYACDTz-dYQhMI-bvlg7LE_gIVU5D9Bx1H9wZ5;met=1;acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D3756,0,0,0,0%26mtos%3D3756,3756,3756,3756,3756%26amtos%3D0,0,0,0,0%26mcvt%3D3756%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3917%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D201%26dur%3D15018%26vmtime%3D3929%26dtos%3D1742%26dtoss%3D2%26dvs%3D1742%26dfvs%3D1742%26dvpt%3D1742%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3756,3756,3756,3756,3756%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3756;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1682403661456;ecn1=1;etm1=0;eid1=960584;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A510 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CHAD0S3FHZLnqCtOg9u8Px-6byAeZ26OKbKzIitG8EIib77XUDxABIMb71nlgleKQgqAHoAHe_KCDA8gBBakCI8EHBaiLsj6oAwHIA5sEqgTyAU_Qehtoyg0GGV798uJUCrjY8lTiaLYFrSHfylvLUWx4dtg0RivtaAFsJPB78XqBeslr6CVh1NEgtZueuImzZMeUDDAx5M3jLMKpwX3lO94YNRvrG60e7JUEbSQMll_uN56eC2M4rakGP_Y-KfvYdGUdH4pubs6NDQ0yx-ovOCpVb_adap7j8Eyn95wK6r8XaFhhqqEjmKKws5JJoEH0_8Syd8O52p_njFEdgGc4A9gmMepfLUsrl5wJntgazDfr7qQ0X_qMq7sB5qbehTwk3Fdv9MKBAO1PPX9nN58oyC-uQ9JrTr6pdTwDgIRul6y8MaYMwASj6K-YlgTgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE860_RLQEwDYEw2IFBTYFAHQFQH4FgGAFwE&sigh=0Sg5qYMPoMY&label=videoplaytime25&ad_mt=3930&acvw=sv%3D951%26v%3D20230417%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,189,335%26tos%3D3756,0,0,0,0%26mtos%3D3756,3756,3756,3756,3756%26amtos%3D0,0,0,0,0%26mcvt%3D3756%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3917%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D49%26pst%3D201%26dur%3D15018%26vmtime%3D3929%26dtos%3D1742%26dtoss%3D2%26dvs%3D1742%26dfvs%3D1742%26dvpt%3D1742%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D0%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3756,3756,3756,3756,3756%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D138478950%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3756&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1682403661456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Apr 2023 06:21:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=10173&asId=72b1961a-09cb-4f37-b257-96a1f17d0646&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A2%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%2C%7Bt%3A-2%2Ctp%3AadVideoFirstQuartile%2Csl%3An%2Cad_duration%3A2115098112%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData function| createElement function| appendChildren function| removeChildren function| findElementBy function| getElementLabels function| getElementValues function| sortBy function| iconRenderer function| iconGenerator function| insertAfter function| getDeviceName function| callback function| reqTag function| cloneNode object| googletag object| anchorSlot object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| signal_decrypted object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| setImmediate function| clearImmediate function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_Q object| sync16589_ua object| sync16589_va function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_N function| sync16589_O function| sync16589_P function| sync16589_ma function| sync16589_R function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_S function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_T function| sync16589_U function| sync16589_wa function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_xa function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_Aa function| sync16589_ya function| sync16589_2 function| sync16589_za function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_6 function| sync16589_Ca function| sync16589_Da function| sync16589_Ba function| sync16589_8 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ea function| sync16589_9 function| sync16589_7 function| sync16589_Ha function| sync16589_Ia function| sync16589_Ja function| sync16589_Ka function| sync16589_$ function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

12 Cookies

Domain/Path Name / Value
.demand.supply/ Name: __cf_bm
Value: gm6ovZKUnFl7IfM5_EuZxGgei.yqkHbCbWsF0YM7TYo-1682403657-0-AXgEj6t7cGkDRLcFynTrqFFN67JRyQInkJbMap0bf2pDNcLnBnp4Ai9dtIjxlNUuHODWG/oVpw6U/vpYDRv7gIg=
.5tl.co/ Name: _ga_SNYTJ8BZG2
Value: GS1.1.1682403657.1.0.1682403657.0.0.0
.5tl.co/ Name: _ga
Value: GA1.2.521576883.1682403658
.5tl.co/ Name: _gid
Value: GA1.2.87386830.1682403658
.5tl.co/ Name: _gat_gtag_UA_154204431_2
Value: 1
.criteo.com/ Name: uid
Value: 1241b63d-fc24-4beb-b77e-9bd5e220e7c4
.5tl.co/ Name: __gads
Value: ID=a5b2a8e349b76d19:T=1682403659:S=ALNI_MbM67A_2Q2pC35mHcmTJRDeC62WMA
.5tl.co/ Name: __gpi
Value: UID=00000bef94ae7e62:T=1682403659:RT=1682403659:S=ALNI_MbMzMR8xVEOFpiAN9mNQ0uCH5O4eA
.openx.net/ Name: i
Value: 46ade0fe-33d7-4417-b9d3-08426150d2a1|1682403660
.5tl.co/ Name: cto_bundle
Value: 457ebF9DMlJLbVlOTXZlOUs3TFpkTFA5WHRxbWolMkZSRndLNHZjZVFDSTBwRDZuVWZNODU1WHZubCUyQk9NbFBzUGRXUzE3Vlk2M2FPQ0NjaWhZZ1YlMkJ5Q2tvcDR4JTJCM3VPNXRyZTRXQW42ZTIlMkJNZ1FWJTJCJTJGaExSSkNSJTJCOGhGSE95U0RYc1hxd3JVV2VsOXB4Z2tXSTVkTEN4UWYxJTJCQXclM0QlM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUlYKm3y_6PD4n8h2vk2vEARBsmtK5XqKRBEZ3rI3aEXI1hJrvXMP2SFXnxqzJc
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
network error URL: https://live.demand.supply/up.js
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5tl.co
ade.googlesyndication.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
bid.g.doubleclick.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
csi.gstatic.com
dt.adsafeprotected.com
e733c1965ba85db467a04e621416d9fd.safeframe.googlesyndication.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ip2geo.pubfuture-ad.com
live.demand.supply
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
platform.pubfuture.com
r1---sn-5hnekn76.c.2mdn.net
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
unified.adsafeprotected.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
dt.adsafeprotected.com
142.250.186.98
162.19.138.116
172.217.16.130
178.250.1.11
2001:4860:4802:32::36
2600:1f13:800:7780:6ced:2695:e964:6f1b
2600:9000:223f:aa00:8:48e:53c0:93a1
2600:9000:2250:8e00:a:e047:752:b361
2606:4700:10::6816:3456
2606:4700:20::681a:f7e
2606:4700:20::ac43:4615
2606:4700::6810:8516
2607:f8b0:4012:817::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400e::6
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42:600::485
34.102.146.192
34.120.107.143
34.240.116.202
34.96.70.87
34.98.64.218
35.190.39.111
52.19.186.154
52.209.248.17
64.233.167.156
65.9.66.104
66.29.137.12
0051e528f3180a6a04a0ac143ddcc66f49da7ef18b26e53bd498adb5adeaae5c
100d3684964d34dac10045435b223f316c8e42035de5c92470d14537b8258b4c
138912753d1ddbbdec5599576e7f4c08034e97020f2d1cfb366c76a614923472
151183b7c5a4eca87f4f4fd9eb9f7916df6273c076d99f7375b312eea9d21860
15e6712bec4c5346c30a338c6e89046998e0eaf53cc5a4b6e1bc922c3779b5e3
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e1a4694a21c5873f6cf51553add41b5dbbe8c3cab1bec1ed01b110870176fb1
1ea18f3bd74a6ab87a0c132e5daedffcfcf6edbca0b71cebc949cbe2829a13a2
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441
248605f0d852da73ae86c5166c6afa464655280a26dd334709a32516a98794f8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3014acc16bf3744b41bb869785bf686290d9834a5e6f69d4583c4e39fca26bff
33f52aa85aa4b725f9eda78853221dc98f7232bfbab12bd66ba94f45e096da90
3532a807c3416a321a14d2e03f65872f747837a3eb23aa8571304ca6ddc1bec4
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
370922fcd6aeb4e47e75707b7cc1bda7995038aeb2ee15b303500e271ba3eb04
37e7f6626a888c507784290a2a80b6bc5d3b6a3c452c7909c93e487f63ca4266
38b6c04145f5c33841c1602a6d9279784150245bd8ae0292f519565d65bb4460
3c0860d17db8821c8945009eea691f7acb265e347982e3b40ddf7d0815001ea1
3e489dc2d66a5eb26bebc105a33cada80de03147fb2bd658df0ee128878cbf43
43429b51b53c9e8d812f93e566afbf0c5f1319860a84407949e10f771c47278f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66c84fd2e855f7f8795d82db9f5aacc7b3752200f492850aac5cda6eddad7fd1
66e67974701ac0df9075048600e3367a89eb119154485be0312d16a3dc99cb3b
69e84295bd7e0e9d61c2fac5092c97b027ab2b1fb7748298ffa914ca4661da5d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5a74ea4fa94eaadca122239fe4031ac54bc6ccd5dc4324c2751ea86a943124
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
783617215dc450fd761967c44c30897316f0abc179dbb8c1f953ac10e18aed66
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85afe5d6b60132a4c60a797263462587cbedf641bf528a053b9a63753b7a53b8
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
87164df907b04e7cc17ecf6cc67fc70758df16f4abe9ae99fdbb24ff5d2ff3ca
884c3e2125e06b86988da48a23a7776ca215c5ec0e9245d5854df7639afb011e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9cef2b50897e94dd4efdbc63576448230d6f1dde3b41e9e70fbeffe73450df41
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a633ccaa98268cecd73a6c1623a34bbb7a9959b2239001f406ffc4db44c76af8
a6adb5ad923144451ab8e65cceb765fc2d0764a9e2e3f55c3fca508bcbcefecc
b1384d851b9d8179970b82c0644eec58294418b27c72040de54c7ba5b007023c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b67bf926bad750011a6b3c26c275bda34a002912d07b7728cd05bbc42d50ca2b
b9b19bac6849e742b83af709a6e01f635f9e532bbdc6bc266201fd3bfbf6d949
bb973e494c73a4c20a8430310fdff5a6706c980e35defc2d0fe26aec22567660
bf5368ef04c921a3d6e29cbf951483215f74625fc83c2ec93685eae29cf1558e
c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7bcbe6cf71bece30e619061ea4d9e43d23a68061fc310975d527cf270ef3efd
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c9f92c3f54bf8059312e153fad1d3d37b9ea69c2a320b729a3d4b3e9ccd9f18e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6dfff923b46d4705d1650df7b0c64dcac37041a812baa68f563fded399a5843
d8e99d098c8ffc3b1dd929d14db27978911b160058f6faa0abdd675daec2e872
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
e2d2673008c785b764d87c803ea8a15253ae49bba2fc380f9a405541efd69af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b62ecffe0620aed66afd79cf2ec4b40508fecf9cdebd45be307d0768387d3c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68c8c5b10569e4cfa7a8eb1f137a96a5a6b6623e02e24170d837afe8fe0842e