mywhats.net Open in urlscan Pro
138.118.166.201 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mywhats.net/
Effective URL:
https://mywhats.net/
Submission: On December 04 via api (December 4th 2023, 8:59:53 pm UTC) from US — Scanned from DE

Summary HTTP 74 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 74 HTTP transactions. The main IP is 138.118.166.201, located in Brazil and belongs to ADENTRO DATA CENTER SOLUTIONS LTDA, BR. The main domain is mywhats.net.
TLS certificate: Issued by R3 on October 18th 2023. Valid for: 3 months.

This is the only time mywhats.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	138.118.166.201 138.118.166.201	52799 (ADENTRO D...) (ADENTRO DATA CENTER SOLUTIONS LTDA)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::ac40:919c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.2 217.79.188.2	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
7	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	217.79.188.53 217.79.188.53	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
74	21

12 138.118.166.201 (Brazil) 1 redirects

ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR)
PTR: camponovo.adentro.com.br

mywhats.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:919c (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.2 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.53 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: vt.adition.com

vt.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	373 KB
13	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 17335 ad1.adfarm1.adition.com — Cisco Umbrella Rank: 41384 vt.adition.com — Cisco Umbrella Rank: 86647	108 KB
12	mywhats.net 1 redirects mywhats.net	632 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	46 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	102 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 27971 ui.cleverwebserver.com — Cisco Umbrella Rank: 28712 call.cleverwebserver.com — Cisco Umbrella Rank: 29496	47 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	84 KB
1	gstatic.com fonts.gstatic.com	126 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	775 B
74	14

	Domain	Requested by
17	pagead2.googlesyndication.com	mywhats.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	mywhats.net	1 redirects mywhats.net
10	imagesrv.adition.com	mywhats.net imagesrv.adition.com
7	tpc.googlesyndication.com	mywhats.net googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com mywhats.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	cdn.ampproject.org	mywhats.net pagead2.googlesyndication.com cdn.ampproject.org
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	ad1.adfarm1.adition.com	mywhats.net ad1.adfarm1.adition.com
2	www.google-analytics.com	mywhats.net www.google-analytics.com
1	vt.adition.com
1	www.google.com	tpc.googlesyndication.com
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	www.googletagservices.com	mywhats.net
1	region1.google-analytics.com	www.googletagmanager.com
1	call.cleverwebserver.com	mywhats.net
1	ui.cleverwebserver.com	mywhats.net
1	www.googletagmanager.com	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	scripts.cleverwebserver.com	mywhats.net
1	fonts.googleapis.com	mywhats.net
74	22

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
*.mywhats.net R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G4	`2023-05-08` - `2024-06-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://mywhats.net/
Frame ID: 4F322F15F3E8BC2153E18217D60F2AED
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 44495FF5955591702BE2877204B67429
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108315636534052&output=html&adk=1812271804&adf=3025194257&lmt=1631626879&plaf=1%3A1&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&fba=1&format=0x0&url=https%3A%2F%2Fmywhats.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723587371&bpp=213&bdt=280&idt=412&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4781331779913&frm=20&pv=2&ga_vid=736808670.1701723588&ga_sid=1701723588&ga_hid=742701056&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C44798934%2C31079890%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1104294720372796&tmod=740684665&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427
Frame ID: 4C4F9C6457B077CE7EF754F92A83EC9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108315636534052&output=html&h=200&slotname=4126426399&adk=2742144653&adf=1327189261&pi=t.ma~as.4126426399&w=1200&fwrn=4&lmt=1631626879&rafmt=11&format=1200x200&url=https%3A%2F%2Fmywhats.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723587584&bpp=8&bdt=494&idt=221&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4781331779913&frm=20&pv=1&ga_vid=736808670.1701723588&ga_sid=1701723588&ga_hid=742701056&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1067&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C44798934%2C31079890%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1104294720372796&tmod=740684665&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=225
Frame ID: F9D3B3D044AB3DED05C279A761F8F875
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DF0912F192A26C1DD72301F941F57238
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjq2bb-ATAB&v=APEucNVb2mNOqnPVsbUhlb3BBXugqRHVN3wwWD6btqnuYf1h7Utf7vRttVYO4lMY5nvWA5Ud6SwZESnZ-pV52jmxCmg82m1vcH72_dUjH5MeWsOoOGmweGa6V1F3qQKRdhy_rHHi3GgQ1EBvhDZohrEmjt6KmgrTCehMs4XXa2YybenIweY4I58
Frame ID: 5B5DAEA8AD8FD97E88DE845C1BF7D9A0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 350C4971392CAD6E4DCE27879D1AF564
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: FC6C58DE615DFC66B6CB6987A91A900D
Requests: 3 HTTP requests in this frame

Frame: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Frame ID: 289979AA840A1EB6620628D13C4B28FC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F744D4EE2DF6F83AB6256EF06734E124
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F153950C2DD20D15B98207B6C1685DC4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Como criar um link para whatsapp - Whastapp link creator

Page URL History Show full URLs

http://mywhats.net/ HTTP 301
https://mywhats.net/ Page URL

Detected technologies

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

materialize(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

74
Requests

95 %
HTTPS

60 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

1606 kB
Transfer

3783 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=net.mywhats.criadordelinks
Title: phone_androidBaixe Nosso App

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mywhats.net/ HTTP 301
https://mywhats.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1&C=1

Request Chain 39

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW49xMASJMIN-dYflB9X2gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1

Request Chain 40

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEr3KMQNgTvOi85FHMzWRRw&google_cver=1

Request Chain 41

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0NDk1MTQ4NDM5NzkxNjcyOQ%3D%3D

74 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mywhats.net/
Redirect Chain

http://mywhats.net/
https://mywhats.net/

31 KB
7 KB

772ms
238ms

Document
text/html

138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: f57a95a16180ff1142d489bd173f19bbf863ab03f647010d158bd88b323cdecb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 6789
content-type: text/html
date: Mon, 04 Dec 2023 20:59:46 GMT
last-modified: Tue, 14 Sep 2021 13:41:19 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Mon, 04 Dec 2023 20:59:46 GMT
location: https://mywhats.net/
server: LiteSpeed

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 210ms
123ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e368978abf01ecccadb64e7cad112d4e152a6ff7ff4f7028e7aacb2a432f30d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51780
x-xss-protection: 0
server: cafe
etag: 12014625789450907387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:59:47 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 134ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 20:59:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Dec 2023 20:59:47 GMT

GET
H2 200 materialize.css
mywhats.net/css/ 178 KB
26 KB 238ms
237ms Stylesheet
text/css 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/css/materialize.css
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: c6819a6659ec256385539385d8195edddc92933a1e5cb4885fb10674e98d2d52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
last-modified: Mon, 05 Mar 2018 21:39:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26203
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H2 200 style.css
mywhats.net/css/ 279 B
205 B 475ms
474ms Stylesheet
text/css 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/css/style.css
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: d8a90316d369864045ef1b7032e53918d21971267fdfdf8cebf45b4caddd0315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
last-modified: Fri, 09 Mar 2018 21:28:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 149
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 192ms
73ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d686f2ab1157df64803644aceb025dda3e21438ee6167951feb732b82c163c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 20:59:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73067
x-xss-protection: 0
server: sffe
etag: "1283125788d1ffce"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Dec 2023 20:59:47 GMT

GET
H2 200 logo.png
mywhats.net/img/ 107 KB
107 KB 475ms
475ms Image
image/png 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mywhats.net/img/logo.png
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: 667df2c77484aaf87892961f827380961d1acbb055ab14dfa56c8d2bdc037856

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
last-modified: Mon, 05 Mar 2018 21:39:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 109526
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H2 200 404.png
mywhats.net/img/ 19 KB
19 KB 476ms
475ms Image
image/png 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mywhats.net/img/404.png
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: 5e4da7ed58924514dace248aa7251e502c9c6a4b6e8754a65a0a0545e4179914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
last-modified: Fri, 09 Mar 2018 21:46:54 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19759
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H3 200 app.jpeg
mywhats.net/img/ 122 KB
122 KB 239ms
238ms Image
image/jpeg 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mywhats.net/img/app.jpeg
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: 0582a7dfb16fd8a8b62be5dbdb00a33387975cfe553c7b2d8012e4fb190c5574

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
last-modified: Fri, 16 Mar 2018 02:48:16 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 124711
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H3 200 jquery-3.3.1.js Show response
mywhats.net/js/ 265 KB
76 KB 241ms
240ms Script
application/javascript 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/js/jquery-3.3.1.js
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
last-modified: Mon, 05 Mar 2018 21:39:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 77960
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H3 200 materialize.js Show response
mywhats.net/js/ 359 KB
82 KB 810ms
809ms Script
application/javascript 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/js/materialize.js
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: 0b17f6a2c4a355d8085035ddf0247bd0b8cc9d00f44c0f74f102f5bf4d04b4c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
last-modified: Mon, 05 Mar 2018 21:39:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83528
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H3 200 custon.js Show response
mywhats.net/js/ 9 KB
2 KB 924ms
923ms Script
application/javascript 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/js/custon.js
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: e445ed8c048ec80e2f3980bd34e9c86e778fe931285d406ef79fb1e9ca0772ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
last-modified: Tue, 18 Sep 2018 04:32:32 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2273
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 20:11:27 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2900
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Dec 2023 22:11:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
135 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2108315636534052&plah=mywhats.net&bust=31079890

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b4efb158b059cfc1a03f7e0df7ad255427cb707414e0cce6c41800b0ef376e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137564
x-xss-protection: 0
server: cafe
etag: 11273896458602240531
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:59:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 4449 9 KB
4 KB 125ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68013
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:06:14 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 02:06:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62fb6667581667bbcdc2d611c7702275.js Show response
scripts.cleverwebserver.com/ 126 KB
46 KB 234ms
140ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/62fb6667581667bbcdc2d611c7702275.js
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad283e318f924449151e637dbab2041f75dde73f90f05d9453c918383c5f94db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
x-amz-version-id: DScrnCCcgtSJxwGDi.Fi28eQltwdjJfk
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 09 Nov 2023 11:39:48 GMT
server: cloudflare
x-amz-request-id: 332V0GM0DW3YECGZ
etag: W/"fece778a69d3545f9a012fe3f30c0a3d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 8306f9a7181618d1-FRA
x-amz-id-2: 2A0XAi8l1YNnj4gkY4Fdi3BS3S/sqDUBAQtHiYJpGcREiyIqZ+QoOK3gjMOR5jCem6hxEPpJZCI=
expires: Mon, 04 Dec 2023 21:29:47 GMT

GET
H3 200 bg.jpg
mywhats.net/img/ 126 KB
126 KB 586ms
586ms Image
image/jpeg 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mywhats.net/img/bg.jpg
Requested by: Host: mywhats.net
URL: https://mywhats.net/css/style.css
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: 8a3175e185b0c778f6000dd846789b43d26ea77cf89f8948facf68db2f3c0576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
last-modified: Mon, 05 Mar 2018 21:39:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 129188
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H3 200 Roboto-Regular.woff2
mywhats.net/fonts/roboto/ 63 KB
64 KB 305ms
305ms Font
font/woff2 138.118.166.201
ADENTRO DATA CENT...

General

Check archive.org

Show headers Download Go to

Full URL: https://mywhats.net/fonts/roboto/Roboto-Regular.woff2
Requested by: Host: mywhats.net
URL: https://mywhats.net/css/materialize.css
Protocol: H3
Security: QUIC, , CHACHA20_POLY1305
Server: 138.118.166.201 , Brazil, ASN52799 (ADENTRO DATA CENTER SOLUTIONS LTDA, BR),
Reverse DNS: camponovo.adentro.com.br
Software: LiteSpeed /
Resource Hash: 02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365

Request headers

Referer: https://mywhats.net/css/materialize.css
Origin: https://mywhats.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
last-modified: Mon, 05 Mar 2018 21:39:28 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 64832
expires: Mon, 11 Dec 2023 20:59:47 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 125ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mywhats.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:08:20 GMT
x-content-type-options: nosniff
age: 262287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 20:08:20 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 47ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=742701056&t=pageview&_s=1&dl=https%3A%2F%2Fmywhats.net%2F&ul=en-us&de=UTF-8&dt=Como%20criar%20um%20link%20para%20whatsapp%20-%20Whastapp%20link%20creator&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=288859758&gjid=1568404671&cid=736808670.1701723588&tid=UA-113158773-1&_gid=129327494.1701723588&_r=1&_slc=1&z=154639223

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2700b1b68a2c98b532f3ba97b034c3f57ad45d6726723eadda56dc2886171c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mywhats.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mywhats.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 144ms
58ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-62M42V12V7&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c42146f6110c620d5f727d57a0c3fe4209552e8c2e97130ca1481da45844fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Dec 2023 20:59:47 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C4F 41 KB
16 KB 263ms
263ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108315636534052&output=html&adk=1812271804&adf=3025194257&lmt=1631626879&plaf=1%3A1&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&fba=1&format=0x0&url=https%3A%2F%2Fmywhats.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723587371&bpp=213&bdt=280&idt=412&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4781331779913&frm=20&pv=2&ga_vid=736808670.1701723588&ga_sid=1701723588&ga_hid=742701056&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C44798934%2C31079890%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1104294720372796&tmod=740684665&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2108315636534052&plah=mywhats.net&bust=31079890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55866ae5d782017ca32e292cbbbce38b235b3a4c9c9aad52c6e6b6f8343837cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15695
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:59:48 GMT
expires: Mon, 04 Dec 2023 20:59:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=col%20s12%20&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9D3 717 B
525 B 295ms
294ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2108315636534052&output=html&h=200&slotname=4126426399&adk=2742144653&adf=1327189261&pi=t.ma~as.4126426399&w=1200&fwrn=4&lmt=1631626879&rafmt=11&format=1200x200&url=https%3A%2F%2Fmywhats.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701723587584&bpp=8&bdt=494&idt=221&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4781331779913&frm=20&pv=1&ga_vid=736808670.1701723588&ga_sid=1701723588&ga_hid=742701056&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1067&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C44798934%2C31079890%2C44807764%2C44808149%2C44808284%2C44809072&oid=2&pvsid=1104294720372796&tmod=740684665&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=225

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c3b52cd0ccdd06ed3150c732c0cca8782ac1cd45d61d9865122d0dd64ecec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 353
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:59:48 GMT
expires: Mon, 04 Dec 2023 20:59:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
384 B 94ms
75ms Script
application/javascript 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74b2253c348a5413c6295de918041c25c75f2a87e343120401ccd6b64da8fc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 8306f9a8295d18d1-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/ 23 KB
8 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92e6ab2a99e89df3164afe1c21a9dc8473677f2a8e91c4866c19789a545502b7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 20:59:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7803
x-xss-protection: 0
server: sffe
etag: "2c1792baf5a95531"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Dec 2023 20:59:47 GMT

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 8 KB
3 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9490f2bb8d22cf23953bd1cc028e6405f228e7918b18aa914fa8f56ba9db0087

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Origin: https://mywhats.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:23:44 GMT
age: 520563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2981
x-xss-protection: 0
server: sffe
etag: "c752a0bdfe6b8e6b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:23:44 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 85ms
65ms Image
image/gif 2606:4700:4400::ac40:919c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=53094&c=DE&r=null&l=95&b=Chrome&os=Win10&mob=0&v=1.55.2&ref=aHR0cHM6Ly9teXdoYXRzLm5ldC8%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:919c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8306f9a8ca1518d1-FRA
content-length: 43
content-type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 132ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-62M42V12V7&gtm=45je3bt0v9123266415&_p=1701723587777&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=736808670.1701723588&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fmywhats.net%2F&dt=Como%20criar%20um%20link%20para%20whatsapp%20-%20Whastapp%20link%20creator&sid=1701723588&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3565
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-62M42V12V7&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mywhats.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js?bust=31079890

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d794dc24f1f66108b095b4c4a07343f88a2c5c6d82943cbd828562e9809cad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55948
x-xss-protection: 0
server: cafe
etag: 9973236214391135793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:59:48 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame DF09 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:32:32 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 02:32:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5B5D 624 B
246 B 79ms
79ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjq2bb-ATAB&v=APEucNVb2mNOqnPVsbUhlb3BBXugqRHVN3wwWD6btqnuYf1h7Utf7vRttVYO4lMY5nvWA5Ud6SwZESnZ-pV52jmxCmg82m1vcH72_dUjH5MeWsOoOGmweGa6V1F3qQKRdhy_rHHi3GgQ1EBvhDZohrEmjt6KmgrTCehMs4XXa2YybenIweY4I58

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:59:48 GMT
expires: Mon, 04 Dec 2023 20:59:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 350C 89 KB
31 KB 149ms
148ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:59:48 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 350C 32 KB
8 KB 142ms
45ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 10:00:03 GMT
etag: "3305548861-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8362

GET
H2 200 js Show response
ad1.adfarm1.adition.com/ Frame 350C 3 KB
2 KB 151ms
44ms Script
application/x-javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/js?wp_id=4745915&gdpr=&gdpr_consent=&kid=6200163&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP-ICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU-Uj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8_-6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6-zqVlxj-amAtOD1p35conEhzbA0bcDR7mUply_kYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB-BYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D__1phkoE9M08k5VXIW-kYt79Bv3fgNAp6YJ_eNFzOUCA2GEnD8pQNzd8BCmq47r6db9R-RLLoMUCx7J2ni_LYTOkvjZecgqboYAQ%26sig%3DAOD64_2C_-ITTSFkwMUiw7078jH21t87HA%26client%3Dca-pub-2108315636534052%26dbm_c%3DAKAmf-AU7_h7Io4ko44I3cYrJTSIr0DvgD_g55SoTFdnmkikkNrW_wB5D1j9cWmYs_40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg-H_IyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm_d%3DAKAmf-BVpZoZd-P6g2DeEElFBRXSnH_pCsON4AU__nR2V4gCeSpVq9Sxk8vqvjlj_Bg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR-JhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa-p0A5_EycAhm2w6VgaMPZ7lS_awqq6Y8bbgS1DRdIdHR64e3VeEkSkK1-ejHJMNP6QeTdKT4EcyE_Q6hvdgj5X_w_-PK9QzW3z-S00f6jsS_gGf1HcT_GtqSTTI2vId1f04on_GHfeLXk6RLQYpqt651299s-ltnPiTlZ-HmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6-zIFpjwQTb0AZWzT36GE91nRWY-hUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz-V7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3D
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 9cbf0c1c29d7d53fe4f0e81e312ca1d03838d718bb066e968900c909330e3cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Mon, 04 Dec 2023 21:59:48 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 350C 3 KB
1 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 21:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83003
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 21:56:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 350C 20 KB
9 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:01:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7092
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:01:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 350C 202 KB
64 KB 181ms
95ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 20:59:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 350C 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BExvFqeG0rUrmlKf19z0vy3sK-MU2UxogE3igIpRMANYM4yQSwzYcdotu0r0kp46yXZZa-IxPmdBzA1Cj6b65ofobq4vV1C3-FxytxLUuuQ6zxEqw

Requested by

Host: mywhats.net
URL: https://mywhats.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5B5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1&C=1

43 B
774 B

83ms
82ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjq2bb-ATAB&v=APEucNVb2mNOqnPVsbUhlb3BBXugqRHVN3wwWD6btqnuYf1h7Utf7vRttVYO4lMY5nvWA5Ud6SwZESnZ-pV52jmxCmg82m1vcH72_dUjH5MeWsOoOGmweGa6V1F3qQKRdhy_rHHi3GgQ1EBvhDZohrEmjt6KmgrTCehMs4XXa2YybenIweY4I58
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3f9YOSk1zQbgj66Ai5ph%2FeeqhlHFN%2FT5JWUwc6jMbFqKXOF%2Fp%2BBI47VT9jcyJ5WfTltz7KMn0T%2B8K0G87MoT4QKesC5QtCkkJeErC%2FqexsvLZPJ%2FELmg9oi7w3O8yPKz3NS9dulOaJZ3Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8306f9acab4c2685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUwEi6whHBfr9WM7lBo28FIPxmULHwCNuERu5Xp%2ByfYt23IybfSCCmAzjFj3E8SA9QyURHxjH9g3iSdA4CID6vYSLGWP8ddf5Ua%2FrU6GeqwZtfz%2Fkg5udbhxELBQ%2BNN46rolmywq73cohA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8306f9ac4b56aca9-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 5B5D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW49xMASJMIN-dYflB9X2gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1

43 B
727 B

67ms
67ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjq2bb-ATAB&v=APEucNVb2mNOqnPVsbUhlb3BBXugqRHVN3wwWD6btqnuYf1h7Utf7vRttVYO4lMY5nvWA5Ud6SwZESnZ-pV52jmxCmg82m1vcH72_dUjH5MeWsOoOGmweGa6V1F3qQKRdhy_rHHi3GgQ1EBvhDZohrEmjt6KmgrTCehMs4XXa2YybenIweY4I58
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMfs66XLim2wZaa25LRF99r14Kzzs97lAQVUQcV1Y4E1p9uzXyD3szuGHDjB6YPa7dpmPF71QrWodejdrGwCjOnsqUtLOcHaMAlhm1dCFJHrhAKBpl8GgA6u1QVsZrOHva255%2FsD3bRRDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8306f9ad4c802685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOI3R6zB8D9IBzFWs8yY4ZA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 5B5D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEr3KMQNgTvOi85FHMzWRRw&google_cver=1

43 B
839 B

57ms
56ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEr3KMQNgTvOi85FHMzWRRw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjq2bb-ATAB&v=APEucNVb2mNOqnPVsbUhlb3BBXugqRHVN3wwWD6btqnuYf1h7Utf7vRttVYO4lMY5nvWA5Ud6SwZESnZ-pV52jmxCmg82m1vcH72_dUjH5MeWsOoOGmweGa6V1F3qQKRdhy_rHHi3GgQ1EBvhDZohrEmjt6KmgrTCehMs4XXa2YybenIweY4I58

Protocol

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
an-x-request-uuid: 860b8639-8d7c-4ce6-a07e-f46222ef85e3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEr3KMQNgTvOi85FHMzWRRw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5B5D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0NDk1MTQ4NDM5NzkxNjcyOQ%3D%3D

170 B
243 B

50ms
49ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0NDk1MTQ4NDM5NzkxNjcyOQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
an-x-request-uuid: bc103b43-b3e6-4c14-986b-034314a9c70b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk0NDk1MTQ4NDM5NzkxNjcyOQ%3D%3D
x-proxy-origin: 80.255.7.109; 80.255.7.109; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 350C 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=864859243071&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 350C 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=864859243071&version=m202309260101&ct=77&x=1&cor=1352976385361616100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 350C 34 KB
20 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai-adK2V3-CUmKEfC7Ei09ofiQpgL1otr5wzWZowbcCcoH3iIYoc1LA5hZN--N7UVzJdCxVZrGBDGBpijhCGwR3-E79AIujphPOHzM5SP9cGR4iM76IOdseEVW64yE8pst7YH9OxugFOmiVlxaNi1bIzcL8NQfInBClV5WRYDdEOlV1DE&cry=1&dbm_d=AKAmf-CJy8mev63t4NTjDKeEhIYqMBmB06LWUiXHbFuFuTmDbGMH6Yq7WXIN5fAU8uHlrGB2QMNzTBxXWwbh717V7lN4EUJPd7FnX7GDFiV4J61CPgY5EPy0O24VwIh6hpLbBUAhv1QTyP1L5HFM24ym8KboJDm_lIKUGjeD_vbnHSFYfQmsAku1qXXWqAKdjtUyKfoHRdtaN5FeLN-lMdMwZFGUKIHnN5j6Po6hI3MJGFS9J-tqwGzzQ85aJSpLEgJX3Jie7KCVgTcytGHUSoNMC_iWRWVcY-zYT7BjY-bRjOkPobPsn_WZiVkG9Aztbj2iLjrTjh9wAtubBaJQX3o57C9OUPd2aghPST5TePPBV8BqIdE34RIvxsA-77XnsPkGW_eV8uGrJOj93qms7CqpSzxD81HieuOmP2b7aFzmcdTX0b-Avd7EqJm5NIvlOGer3yA73QgLuj9jjuGyi7g0EE05yemN_DfXwpv9-cn2h7yZUERpb3eRWvnE3fDCrFThO_lFf-pgAMdKzpFLTwH7ZjcuHyutZezFXyw_pG624VDKbysqT_-KmSZPCZPfEa0SpZS8xZfgvkVDk38h76FiRIb_-W4qvTGzBMQA9HYpuBNz7dG_Y2a4amc-DT4dz0rQ2gvfIKZlN1mb51CgWy2neut5wCveaENNQz2YtqI1w12GwLfRVBFORs6vYrxIscgcGMFiUc6ysLCcLNG-x0a5Ky0KaaEXS1uG54TZJB-kM0Y_B3hkkAXZDCw5-8eEiL36SfJgIxjE-gKW3A3-XSCtP0Jcoy2McIXwb6lNuFwzG2IvdmGaZFdBGc9PR0JhC8G-AG0wbNvLFM2Nq4zbDsYRDanWb3t9rICOuRAOWF-4-PamdtK-Lteh4vbS7YPz8MMwTHTlS32FI3lvRdbLvBhCX0hG95W1lJt1tot42nwotLWDC11QOxwgTRoHPOJVF6BH47tkRMrpAPmY4OA2puqKT_VDJIfdZjFPnjHCiru3CHgFL8JxoeanyStXt_E97tsRPN9tdp9iRtZOZDfM_6sVAvKtvdGsGhd4g54DazHlMMU80Y046v2HrxjAwifWQ74V7A9itKQ3hESQAHpnJzbJz2MB4fFFKgDYk1qxNVFdosu2SGFE7Yb-ktUK7Hn7H4jvkxsGvPMVvSnkHCYyk8s8axiOazxfGW9YvPv30rdufTiiwahgw0MqjMUzU1LUjuQ5aSWBuGz5GAG9NkOmqUoRQ80vZs0W1l3YHQAQ6wvZizqCKYxWs78yA9LCKIdvW0stH4QCSSwgrOHuNGBw3O8wlFQFRrCeaOTWa3m4b8gM_E0fAg1M7E83KX-jPQrM33qsjulwgppBSMXVzRdSWr8X83VOANFsbLphUiXTBkAZuZZ9ZY0_TR3irVvZdYwwHtLuxGJWny_yUeR2VKJljF34VsAMIYaMGJq_tNRVy3KEqNe7n0ONnNnWLRBHa0WqsLwHK-tbaCtuy-ztw00xBOczS-0zs6CVctjp9d0LoFDODSFR5_b_l1VP54Zn8dVb7eDPV_ehqPyVi4X6l2LxhABzn7WwZ137xxiVOKOelEsvx4wnDmqc8b6npFJq_vUQrj-MxyLVTc-rjW3Ydcj1Ri_1hxYB8Lr12h3WB0ZlXWeHIVHg3z4tckIz0YvlECwS_vYw-EUeeeftnytDb1MQE1RGhjkT3xOh6xbs3ERC1P9VkxA-lAM-DKOlbJt4GPMJ9EI_4sX8VaAmkkQf4yhs99E-w2cn_Y5w56hWqAmOScDzZDWc-EHCWqSkFYoUwhi5f-5Yqbw-1lXnnEsXwtkvZZOsgY_wjnerP-_cDiE0XS1DDtsK1g4N-Pkv-EmAY7ig1tzmIkoIuEtMW_uysPL1er5J-95GFmyefy6uxg7qG5vee35fwKRmno6hCrsVtiocmC9ymBfTJN_fTvtC5-ZENsY_MIagDis_OoTxqI62jeSEE3Vc4UVbzvCTzDzK-zkhP-Fm2mjmlg_97e2sb9pHEb3YUOEGPtZFLva6DOO5-GQ13JP0iM4ZAi5gV63eiPofzoaxqgHyQOeNKC1i7Irrry-ODcDrrrmIvsNT6wEjQngqw2uYh9m_9E7KXioTuT3WWsE6McKcSX6T0bYGem9qMhxKPba-JZgKzr8hMYflwdqqRtQeTNZRBuP_GyqhJLbha_juXiJHK6F36optmqGAizVxOHNupoe5QnNIvLNyJxvgxv1tjTzpAjtFgHo9tu0oxkRiaHcv7wk1xBsWVMozMXv7eFvOIrYbGn1KnN5HgbWdN0mkWI0lPKo4p9vu3h_ImJAdv3Yx0ZqV5YnffKCC2zMYCwHOdyzzzPKoeVQ_ANQ42uKQdA36FpdBnFptDrZPi_ZfQLjDZ_dkmqsQhHaMkU8-lcUKq74S4PG91gGPLLxka6N5DpKW05lhWo_TVEcjkqLvO8be-6vNlCIWOd6IZauwfZuiineRN855TIBcDixh1NqbsWjC-hyHgS6-FRamCecl-Qe6NlldDQd3d37SpzaZ2ybqv45FtoANHJnOpafbNe74yA5BMBeddSm800reuKjMa_N-AV8bUeOvlBiSaK_r_IJ1QNLCEypPEAxLqEXk3db_tFXvIanRTevIDfk-k-bAH_c5RbBcfknPU_SQZGv6pUEum0GriyhRN_NVgXU6lAybiFaYea9DKFc5EXe14B0hBJsxFgpd5wJcPTALwWNfHixv6D5Z5W3yIZW_5TbcF6ae53l4JTFQxsjvfQtrqgt5DDjIiORTYZQ2swD6u-PQkFhkwgoLy7AGHehAk8WWKPeyQbBliIeBqwUKAe50DrhiQcgvWIKA0YCvLv9YZ1gX10ZcqycYIY46QWuC-yk63XNc-UOHO6zKsEp5Tiz-eDsHBBaFtTX-zNl0jw8aui0tBrpdWcYtxMg8_vcw-k8gFA5jzMLIE2o8ejZCTiROG4bQd1ncF5DOS34IoQXgldod11WJihdc6ZDVK4nnExbMmj9xz__MqviYWaNqR6GPghGPNcR98Zq1R9KqJZfl8lSfbTLlxzzGU7mAYovPX3aZIucyTXLJa7anRuo6mG0Zow0D25hipnf51v0IAKGSv53-PSxY7XthVuHcc0eoG_2Biu5dPxOAwPSoBo_KPBkDPotuwnhlXfWz-T4a52wmYmMSX_I6z6ckZmA9wMEwIXs-mvd0hjV5AknnN7rSFioDkDawzaHz5s00iZVZVJPrphTOJyphLQfXA4vXecOP15L2P33HmSyc3PDFwv7N-1s0mn5YWmtO7a8qDSg19_lPMlQ2cfp7DhevzUfhc1zAz06wB_ZszYwKOoSEcHXALVNU_kU7ZQTa6vtwEJHpKTTZyetE_C1w_sZQhDYPFdNrY64dTiARxqjFR_UQ_r4Kibd24OmGmuq2Piks7XsYNU3t1kFed6qs5p0FU3m_D4xTTGYaIwRIh2c_a-hcY8ZqP162nTKrTqBplS_OsuViv2yVcd4dtLykpCpB8xUQwKRwkuIzrqmKs_znu60do6-i_Pb882LqY5vu1I10LMwpRIRb174wrii9o-x7HhCWhFN_hl7aWBkwHbJPRc_4TCQthOmpdoC8elbCxrk36RV50qK11dMmYwjD8NPnSFpjLqn1hfIr8w0cyRww6P72oiIF-Y7G_coEiqvO4o-X&cid=CAQSTwDICaaN2D__1phkoE9M08k5VXIW-kYt79Bv3fgNAp6YJ_eNFzOUCA2GEnD8pQNzd8BCmq47r6db9R-RLLoMUCx7J2ni_LYTOkvjZecgqboYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fmywhats.net%2F&ds=l&xdt=1&iif=1&cor=1352976385361616100&adk=497053792&idt=156&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0113183759702a81c9a73a88fcad1181872bf743fac62847b2ad9abd63c6f8ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 350C 31 KB
12 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai-adK2V3-CUmKEfC7Ei09ofiQpgL1otr5wzWZowbcCcoH3iIYoc1LA5hZN--N7UVzJdCxVZrGBDGBpijhCGwR3-E79AIujphPOHzM5SP9cGR4iM76IOdseEVW64yE8pst7YH9OxugFOmiVlxaNi1bIzcL8NQfInBClV5WRYDdEOlV1DE&cry=1&dbm_d=AKAmf-CJy8mev63t4NTjDKeEhIYqMBmB06LWUiXHbFuFuTmDbGMH6Yq7WXIN5fAU8uHlrGB2QMNzTBxXWwbh717V7lN4EUJPd7FnX7GDFiV4J61CPgY5EPy0O24VwIh6hpLbBUAhv1QTyP1L5HFM24ym8KboJDm_lIKUGjeD_vbnHSFYfQmsAku1qXXWqAKdjtUyKfoHRdtaN5FeLN-lMdMwZFGUKIHnN5j6Po6hI3MJGFS9J-tqwGzzQ85aJSpLEgJX3Jie7KCVgTcytGHUSoNMC_iWRWVcY-zYT7BjY-bRjOkPobPsn_WZiVkG9Aztbj2iLjrTjh9wAtubBaJQX3o57C9OUPd2aghPST5TePPBV8BqIdE34RIvxsA-77XnsPkGW_eV8uGrJOj93qms7CqpSzxD81HieuOmP2b7aFzmcdTX0b-Avd7EqJm5NIvlOGer3yA73QgLuj9jjuGyi7g0EE05yemN_DfXwpv9-cn2h7yZUERpb3eRWvnE3fDCrFThO_lFf-pgAMdKzpFLTwH7ZjcuHyutZezFXyw_pG624VDKbysqT_-KmSZPCZPfEa0SpZS8xZfgvkVDk38h76FiRIb_-W4qvTGzBMQA9HYpuBNz7dG_Y2a4amc-DT4dz0rQ2gvfIKZlN1mb51CgWy2neut5wCveaENNQz2YtqI1w12GwLfRVBFORs6vYrxIscgcGMFiUc6ysLCcLNG-x0a5Ky0KaaEXS1uG54TZJB-kM0Y_B3hkkAXZDCw5-8eEiL36SfJgIxjE-gKW3A3-XSCtP0Jcoy2McIXwb6lNuFwzG2IvdmGaZFdBGc9PR0JhC8G-AG0wbNvLFM2Nq4zbDsYRDanWb3t9rICOuRAOWF-4-PamdtK-Lteh4vbS7YPz8MMwTHTlS32FI3lvRdbLvBhCX0hG95W1lJt1tot42nwotLWDC11QOxwgTRoHPOJVF6BH47tkRMrpAPmY4OA2puqKT_VDJIfdZjFPnjHCiru3CHgFL8JxoeanyStXt_E97tsRPN9tdp9iRtZOZDfM_6sVAvKtvdGsGhd4g54DazHlMMU80Y046v2HrxjAwifWQ74V7A9itKQ3hESQAHpnJzbJz2MB4fFFKgDYk1qxNVFdosu2SGFE7Yb-ktUK7Hn7H4jvkxsGvPMVvSnkHCYyk8s8axiOazxfGW9YvPv30rdufTiiwahgw0MqjMUzU1LUjuQ5aSWBuGz5GAG9NkOmqUoRQ80vZs0W1l3YHQAQ6wvZizqCKYxWs78yA9LCKIdvW0stH4QCSSwgrOHuNGBw3O8wlFQFRrCeaOTWa3m4b8gM_E0fAg1M7E83KX-jPQrM33qsjulwgppBSMXVzRdSWr8X83VOANFsbLphUiXTBkAZuZZ9ZY0_TR3irVvZdYwwHtLuxGJWny_yUeR2VKJljF34VsAMIYaMGJq_tNRVy3KEqNe7n0ONnNnWLRBHa0WqsLwHK-tbaCtuy-ztw00xBOczS-0zs6CVctjp9d0LoFDODSFR5_b_l1VP54Zn8dVb7eDPV_ehqPyVi4X6l2LxhABzn7WwZ137xxiVOKOelEsvx4wnDmqc8b6npFJq_vUQrj-MxyLVTc-rjW3Ydcj1Ri_1hxYB8Lr12h3WB0ZlXWeHIVHg3z4tckIz0YvlECwS_vYw-EUeeeftnytDb1MQE1RGhjkT3xOh6xbs3ERC1P9VkxA-lAM-DKOlbJt4GPMJ9EI_4sX8VaAmkkQf4yhs99E-w2cn_Y5w56hWqAmOScDzZDWc-EHCWqSkFYoUwhi5f-5Yqbw-1lXnnEsXwtkvZZOsgY_wjnerP-_cDiE0XS1DDtsK1g4N-Pkv-EmAY7ig1tzmIkoIuEtMW_uysPL1er5J-95GFmyefy6uxg7qG5vee35fwKRmno6hCrsVtiocmC9ymBfTJN_fTvtC5-ZENsY_MIagDis_OoTxqI62jeSEE3Vc4UVbzvCTzDzK-zkhP-Fm2mjmlg_97e2sb9pHEb3YUOEGPtZFLva6DOO5-GQ13JP0iM4ZAi5gV63eiPofzoaxqgHyQOeNKC1i7Irrry-ODcDrrrmIvsNT6wEjQngqw2uYh9m_9E7KXioTuT3WWsE6McKcSX6T0bYGem9qMhxKPba-JZgKzr8hMYflwdqqRtQeTNZRBuP_GyqhJLbha_juXiJHK6F36optmqGAizVxOHNupoe5QnNIvLNyJxvgxv1tjTzpAjtFgHo9tu0oxkRiaHcv7wk1xBsWVMozMXv7eFvOIrYbGn1KnN5HgbWdN0mkWI0lPKo4p9vu3h_ImJAdv3Yx0ZqV5YnffKCC2zMYCwHOdyzzzPKoeVQ_ANQ42uKQdA36FpdBnFptDrZPi_ZfQLjDZ_dkmqsQhHaMkU8-lcUKq74S4PG91gGPLLxka6N5DpKW05lhWo_TVEcjkqLvO8be-6vNlCIWOd6IZauwfZuiineRN855TIBcDixh1NqbsWjC-hyHgS6-FRamCecl-Qe6NlldDQd3d37SpzaZ2ybqv45FtoANHJnOpafbNe74yA5BMBeddSm800reuKjMa_N-AV8bUeOvlBiSaK_r_IJ1QNLCEypPEAxLqEXk3db_tFXvIanRTevIDfk-k-bAH_c5RbBcfknPU_SQZGv6pUEum0GriyhRN_NVgXU6lAybiFaYea9DKFc5EXe14B0hBJsxFgpd5wJcPTALwWNfHixv6D5Z5W3yIZW_5TbcF6ae53l4JTFQxsjvfQtrqgt5DDjIiORTYZQ2swD6u-PQkFhkwgoLy7AGHehAk8WWKPeyQbBliIeBqwUKAe50DrhiQcgvWIKA0YCvLv9YZ1gX10ZcqycYIY46QWuC-yk63XNc-UOHO6zKsEp5Tiz-eDsHBBaFtTX-zNl0jw8aui0tBrpdWcYtxMg8_vcw-k8gFA5jzMLIE2o8ejZCTiROG4bQd1ncF5DOS34IoQXgldod11WJihdc6ZDVK4nnExbMmj9xz__MqviYWaNqR6GPghGPNcR98Zq1R9KqJZfl8lSfbTLlxzzGU7mAYovPX3aZIucyTXLJa7anRuo6mG0Zow0D25hipnf51v0IAKGSv53-PSxY7XthVuHcc0eoG_2Biu5dPxOAwPSoBo_KPBkDPotuwnhlXfWz-T4a52wmYmMSX_I6z6ckZmA9wMEwIXs-mvd0hjV5AknnN7rSFioDkDawzaHz5s00iZVZVJPrphTOJyphLQfXA4vXecOP15L2P33HmSyc3PDFwv7N-1s0mn5YWmtO7a8qDSg19_lPMlQ2cfp7DhevzUfhc1zAz06wB_ZszYwKOoSEcHXALVNU_kU7ZQTa6vtwEJHpKTTZyetE_C1w_sZQhDYPFdNrY64dTiARxqjFR_UQ_r4Kibd24OmGmuq2Piks7XsYNU3t1kFed6qs5p0FU3m_D4xTTGYaIwRIh2c_a-hcY8ZqP162nTKrTqBplS_OsuViv2yVcd4dtLykpCpB8xUQwKRwkuIzrqmKs_znu60do6-i_Pb882LqY5vu1I10LMwpRIRb174wrii9o-x7HhCWhFN_hl7aWBkwHbJPRc_4TCQthOmpdoC8elbCxrk36RV50qK11dMmYwjD8NPnSFpjLqn1hfIr8w0cyRww6P72oiIF-Y7G_coEiqvO4o-X&cid=CAQSTwDICaaN2D__1phkoE9M08k5VXIW-kYt79Bv3fgNAp6YJ_eNFzOUCA2GEnD8pQNzd8BCmq47r6db9R-RLLoMUCx7J2ni_LYTOkvjZecgqboYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fmywhats.net%2F&ds=l&xdt=1&iif=1&cor=1352976385361616100&adk=497053792&idt=156&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 23:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77999
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 23:19:49 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 350C 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269680
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzU4ODQ3NjE2MwogIHNlcnZlcl9pcDogMTI2MDYwMjUwCiAgcHJvY2Vzc19pZDogMzUyMzk3NTk0MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTE0MDg3...
ad.doubleclick.net/ddm/activity/ Frame 350C 0
861 B 176ms
76ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTcyMzU4ODQ3NjE2MwogIHNlcnZlcl9pcDogMTI2MDYwMjUwCiAgcHJvY2Vzc19pZDogMzUyMzk3NTk0MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTE0MDg3MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vYWxkaXRhbGsuZGUiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogOTg5ODU3MzAxMDc1NDEzNTMwNApkZWJ1Z19rZXk6IDM2MTQ2NDE0NDg5NTEyNzY3MDMKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExNDA4NzMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODE1NDg3MDkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDczOTkyMDQ0MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDc4MjI3NTcyMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzMzU3Mjg0MgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hbGRpdGFsay5kZSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL21lZGlvbi5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly93d3ctYWxkaXRhbGstZGUudHJhbnNsYXRlLmdvb2ciCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xc6651a9d646382500000000000000000","13":"0x5119c0d3efc38df20000000000000000","14":"0x1538c4e960aa02bb0000000000000000","15":"0x978abf8254b311da0000000000000000"},"debug_key":"3614641448951276703","debug_reporting":true,"destination":"https://alditalk.de","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11140873"]},"priority":"0","source_event_id":"9898573010754135304"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner Show response
ad1.adfarm1.adition.com/ Frame 350C 12 KB
5 KB 47ms
47ms Script
text/javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad1.adfarm1.adition.com/banner?sid=4745915&adjsver=3&fvers=&iframe=1&ref=https%3A//googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2108315636534052%26fa%3D1%26ifi%3D3%26uci%3Da%213%26btvi%3D1&ro=https%3A//googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html%3Ffsb%3D1&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/119.0.6045.199%20Safari/537.36&os=17&browser=11&userid=0&kid=6200163&screen_res=6&wpt=J&clickurl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3D
Requested by: Host: ad1.adfarm1.adition.com
URL: https://ad1.adfarm1.adition.com/js?wp_id=4745915&gdpr=&gdpr_consent=&kid=6200163&clickurl=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP-ICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU-Uj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8_-6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6-zqVlxj-amAtOD1p35conEhzbA0bcDR7mUply_kYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB-BYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D__1phkoE9M08k5VXIW-kYt79Bv3fgNAp6YJ_eNFzOUCA2GEnD8pQNzd8BCmq47r6db9R-RLLoMUCx7J2ni_LYTOkvjZecgqboYAQ%26sig%3DAOD64_2C_-ITTSFkwMUiw7078jH21t87HA%26client%3Dca-pub-2108315636534052%26dbm_c%3DAKAmf-AU7_h7Io4ko44I3cYrJTSIr0DvgD_g55SoTFdnmkikkNrW_wB5D1j9cWmYs_40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg-H_IyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm_d%3DAKAmf-BVpZoZd-P6g2DeEElFBRXSnH_pCsON4AU__nR2V4gCeSpVq9Sxk8vqvjlj_Bg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR-JhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa-p0A5_EycAhm2w6VgaMPZ7lS_awqq6Y8bbgS1DRdIdHR64e3VeEkSkK1-ejHJMNP6QeTdKT4EcyE_Q6hvdgj5X_w_-PK9QzW3z-S00f6jsS_gGf1HcT_GtqSTTI2vId1f04on_GHfeLXk6RLQYpqt651299s-ltnPiTlZ-HmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6-zIFpjwQTb0AZWzT36GE91nRWY-hUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz-V7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c08daaca112fc548ddae751a1fe129bfa52a4357c6b475510caad35b72f8524a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 21:59:48 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012311171837000/v0/ 65 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012311171837000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c082d623bede68c254a0cf584097c88428d4b3c066368376bb04972165deda7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Origin: https://mywhats.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Nov 2023 20:23:44 GMT
age: 520564
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19060
x-xss-protection: 0
server: sffe
etag: "1c9d1521151bacf2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 27 Nov 2024 20:23:44 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FC6C 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 83472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 21:48:36 GMT
expires: Mon, 02 Dec 2024 21:48:36 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
imagesrv.adition.com/banners/3618/18772662/ Frame 2899 18 KB
3 KB 42ms
42ms Document
text/html 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Requested by: Host: mywhats.net
URL: https://mywhats.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 1dbf50c930a76d6bced8fac842e24d2ec9843103b599b4673dd892f9e6dcd620

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
content-length: 3397
content-type: text/html
date: Mon, 04 Dec 2023 20:59:48 GMT
etag: "1701541106-br"
last-modified: Thu, 23 Nov 2023 11:07:03 GMT
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 350C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcc37ba28e6f54c9d9daf5ee2dcc725a401af7b9775303dd085cd09c61d5341f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AditionH5_ClickTags.js Show response
imagesrv.adition.com/js/ Frame 2899 753 B
407 B 43ms
43ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/AditionH5_ClickTags.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: br
last-modified: Wed, 22 Nov 2023 10:01:14 GMT
etag: "597418985-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 330

GET
H2 200 926dda2fe7a8aabfb9539a6397989e75.js Show response
imagesrv.adition.com/banners/3618/18772662/ Frame 2899 113 KB
28 KB 85ms
85ms Script
application/javascript 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/banners/3618/18772662/926dda2fe7a8aabfb9539a6397989e75.js
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 3d2d167f9dc902459d70879eff1b653ac35991ae1640ec0763bfb005f84d16c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:48 GMT
content-encoding: br
last-modified: Thu, 23 Nov 2023 11:07:03 GMT
etag: "528103278-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 28995

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FC6C 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 10:24:32 GMT

GET
H2 200 77a327458fd16a0871c396901ff3d200.svg
imagesrv.adition.com/banners/3618/18772662/media/ Frame 2899 16 KB
16 KB 80ms
79ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/18772662/media/77a327458fd16a0871c396901ff3d200.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 89aca9f25f74315ee9c2235b376379bb019a28f8e56d01a44fbf312e083b9c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:59:48 GMT
last-modified: Thu, 23 Nov 2023 11:07:03 GMT
accept-ranges: bytes
etag: "912617711"
content-length: 16237
content-type: image/svg+xml

GET
H2 200 53fe411fa96ba21c74d0f6b84997dcaf.svg
imagesrv.adition.com/banners/3618/18772662/media/ Frame 2899 12 KB
12 KB 81ms
80ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/18772662/media/53fe411fa96ba21c74d0f6b84997dcaf.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: de7294256def249b9e6c6f831601b951e90396b09e96e92924231e43460b6b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:59:48 GMT
last-modified: Wed, 15 Nov 2023 09:40:16 GMT
accept-ranges: bytes
etag: "1159471451"
content-length: 12470
content-type: image/svg+xml

GET
H2 200 41ce2d48527802c94de81b420423b11d.svg
imagesrv.adition.com/banners/3618/18772662/media/ Frame 2899 3 KB
3 KB 83ms
82ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/18772662/media/41ce2d48527802c94de81b420423b11d.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 74321d63f7f1c71cc8ed1c9c24cadbecda66d5c8d684a4d36f7558f4135710e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:59:48 GMT
last-modified: Wed, 15 Nov 2023 09:42:21 GMT
accept-ranges: bytes
etag: "1506315140"
content-length: 3409
content-type: image/svg+xml

GET
H2 200 b2d7d8d48d3df04fa21f3e3520cc96cd.svg
imagesrv.adition.com/banners/3618/18772662/media/ Frame 2899 2 KB
2 KB 84ms
83ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/18772662/media/b2d7d8d48d3df04fa21f3e3520cc96cd.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 2949ad87f5759aa23a8447e1f38f53f4003bc7f30da5b2e7b65db2f687dd4dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:59:48 GMT
last-modified: Mon, 06 Jun 2022 08:57:30 GMT
accept-ranges: bytes
etag: "1264739588"
content-length: 1758
content-type: image/svg+xml

GET
H2 200 ac4848f5dbf9aff1f6f13ddd9583fb81.svg
imagesrv.adition.com/banners/3618/18772662/media/ Frame 2899 13 KB
13 KB 121ms
120ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/18772662/media/ac4848f5dbf9aff1f6f13ddd9583fb81.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:59:48 GMT
last-modified: Wed, 16 Nov 2022 12:35:48 GMT
accept-ranges: bytes
etag: "675566260"
content-length: 13735
content-type: image/svg+xml

GET
H2 200 4e2bb212d95a70e4903e5396c5a2029f.svg
imagesrv.adition.com/banners/3618/18772662/media/ Frame 2899 14 KB
14 KB 122ms
122ms Image
image/svg+xml 217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3618/18772662/media/4e2bb212d95a70e4903e5396c5a2029f.svg
Requested by: Host: imagesrv.adition.com
URL: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 7173ebd27e0b568bf90bd86665d7ec7910c243723fb4731a7a8e67b3d110579d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imagesrv.adition.com/banners/3618/18772662/index.html?clicktag=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCYHgmwz1uZbnGM4eNwuIP%2DICo0AvBodaedIquitutEoyLhZ4LEAEgvYePDGCVgoCAlAegAfSLkqAByAEJqQJT6a7EdyWyPqgDAcgDmwSqBP0BT9DorcpCDJEBHHy6PVJ9deM34DNiTRUBZ2RN6fj5jwSa6h6LmMb97g55UHU%2DUj5suom1DNwXESQ34KuhdwWjUhikzpJDd1AFrONplXNamW4bmGruKq1E3ANlOylKuh1xkYkiAdwstQ0M7CrCUrv2ybHyQbUHCaVvvo8uUfh5tjDBs2B45QvO0fXYSBBLBwpocDB5IjH64jSB7qFY5yVFSoXfpfFBKemTe8%5F%2D6ngDbY9uYfQ7Vh6y5wb8gEwvrieTz6LqodC6%2DzqVlxj%2DamAtOD1p35conEhzbA0bcDR7mUply%5FkYtBdoyo4uCaAfS8Sw9T95v07LIrgdrWgAh8AE2L7dp90E4AQDiAWJueG1TZAGAaAGTYAH9PPt3wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf%2DnrECqAfVyRuoB6a%2DG6gHmgaoB%5FPRG6gHltgbqAeqm7ECqAeDrbECqAf%5FnrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj1lNav1vaCA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBPl68oV0BMA2BMK2BQB0BUB%2DBYBgBcB6BcB%26ae%3D1%26num%3D1%26cid%3DCAQSTwDICaaN2D%5F%5F1phkoE9M08k5VXIW%2DkYt79Bv3fgNAp6YJ%5FeNFzOUCA2GEnD8pQNzd8BCmq47r6db9R%2DRLLoMUCx7J2ni%5FLYTOkvjZecgqboYAQ%26sig%3DAOD64%5F2C%5F%2DITTSFkwMUiw7078jH21t87HA%26client%3Dca%2Dpub%2D2108315636534052%26dbm%5Fc%3DAKAmf%2DAU7%5Fh7Io4ko44I3cYrJTSIr0DvgD%5Fg55SoTFdnmkikkNrW%5FwB5D1j9cWmYs%5F40m6IXTSUhCAEFF0e0yiltwDsLrzJkgTPAPXrQ7IP2oqq1uhTkqS2NZGDLeRwg%2DH%5FIyADNKrqV9GC4RCLwqzSBt7ShwuRLBMVDmCNuU55vr7xVtK1f01M%26cry%3D1%26dbm%5Fd%3DAKAmf%2DBVpZoZd%2DP6g2DeEElFBRXSnH%5FpCsON4AU%5F%5FnR2V4gCeSpVq9Sxk8vqvjlj%5FBg9tqyXkDoflJ6emCL2oToKKprPMVB00VusVvYMlR%2DJhgohDxaKU1EzpPwGCvYIgtaPGnDM5V2JL3SHWoQSbMbt4CLotXyBO7CSeyfsDRHTBYLuPVANa%2Dp0A5%5FEycAhm2w6VgaMPZ7lS%5Fawqq6Y8bbgS1DRdIdHR64e3VeEkSkK1%2DejHJMNP6QeTdKT4EcyE%5FQ6hvdgj5X%5Fw%5F%2DPK9QzW3z%2DS00f6jsS%5FgGf1HcT%5FGtqSTTI2vId1f04on%5FGHfeLXk6RLQYpqt651299s%2DltnPiTlZ%2DHmlsWLyY0tZP7mpRE5XSLnxIXHDhmBJQEaYMJX4ieXxvb7KKCnIooF36TONLj3D6%2DzIFpjwQTb0AZWzT36GE91nRWY%2DhUeorclhHEebHMG8mPfjLnb8HTGMFdttjREfsl78f9Ri13bQkOz%2DV7rGy2VWlto0Dy7TGqdDeMQLBfsAgODglRBydF6FqnqN5yGlUOWUTQBERCXIpIvhMe6sxwHO5pKTQ%26adurl%3Dhttps%253A%252F%252Fad1.adfarm1.adition.com%252Fredi%253Flid%253D7308847157328284427%2526gdpr%253D0%2526gdpr%255Fconsent%253D%2526gdpr%255Fpd%253D0%2526userid%253D7308847157328546827%2526sid%253D4745915%2526kid%253D6200163%2526bid%253D18772662%2526c%253D43414%2526keyword%253D%2526sr%253D6%2526gk%253D0%2526mdev%253D0%2526clickurl%253D&gdpr=0&gdpr_consent=&h5Params=%7B%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 20:59:48 GMT
last-modified: Thu, 23 Nov 2023 10:58:41 GMT
accept-ranges: bytes
etag: "3442378632"
content-length: 13838
content-type: image/svg+xml

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC6C 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDxDSxD1uZYOIHdqNjuwPhbaukA0AAAAAOAHgBAI&bg=!VlWlVRrNAAY3kmNgF5I7ADQBe5WfOErZ9zHqoawqfatChI7qaw8wZiFDU_vbKafsBtdMw25KPS6yLyaujBV4a5L_SiuJAgAAAEJSAAAAAmgBB5kDDsmXQuAvLnX9JX6S3LsddaMLDUKXBGIxIjc9rjbXVptWNgvdFXI7jZ-WcRzTzk2OA598FpUxDP85QQz19taiBDx7sr6-Z_D2I4ipSCacO218vQHLG38PCp7iHcqz2XocZcO00ZhYHQefbwrn4AutQgZGE-NQDbI06Mh6V5uWdC0ciIP-iaHZth2iedR6kMYndfB7kgl10wGZcpbtEowna-aLwSzdoU7KYb6Z6O028s96V6JOeIVKs0qrKvxL0cpyRg1ZOyIcZVVw3krm-6kVW0CsBOHG-Frnoy6jRZVkPLnPqqPfXvyreF6h9vulGVpbcHPe4jYgV3OQ5SpvR0GP56fZ44EQHrpDqKMe3xXbErulJZzYh3_4odRao4IalsirF6SWaa7dLa002KNZ_DOWZ1SsDxnPR9YF_TfISqHHSxlH9O3XU1UCu1fwYwZcwnYdO8h1MLhDqGEJ_1GM1bVEIgKO7sBqid4Uf3g89dP9Lyr--Tv_UN1jyGb5lylvVhtakAd7E3iKSFE0uBQPWwgToBIzY9N12w3uiVV9_PrUlT9rTL_HZH_WXG6pescpDJecGT09O0uRKDwGCjTBTzkAYU9jYrFDLzggbdsAaj-u0FDNl8K1-7zleZkXankc_MnZsQnAMPPKts0G9TENPmggax6rWfKyBN3BzWxzIsHTz6F0nR15cvJC8t3LHzNjh9D2QFL0NiIogbVGEVVdKuk9L2-DG90eRGPqk9VuuAewxa0k0jzXiiHL2F_JFLojgtNKh5gmXoFGg8Zu3wN8sFy7-IeBg8iEy-lmrALUhYQKBY70pQSF02qixZjGcLFnQebP5eu84OlTsJ2iZaaK-Y8pNOpglEu2X4phGKUPyXW19tZWgs24bT0Kt-gRDCiUe-R5OohmSNoq0krhqQvr5sSwT4SOlKxJsmJql24_WRx7Cf9I7R_NmN1iSePIYPMycUnUn2Sui1lgRyW9JTsHkURyQI07D8JOw9ZWF_VymJUQAdFBm_yfF17L9WwGACEQdgUx_iPwviKYuwKSqEn6scV1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 169ms
88ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e780e6b00a04497a36916a5feaeec8160c5f4cb2746ebd93faeb33b9f642e2ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12325
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 20:59:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F744 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mywhats.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 17:51:08 GMT
expires: Tue, 03 Dec 2024 17:51:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F153 829 B
1 KB 138ms
51ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f2e9d5a0b5e3b3a7150284d36afacb02fefef73db85114e0488e876fa61013bc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ra0kO1XW_Jcq6_lMHUa-kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mywhats.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Ra0kO1XW_Jcq6_lMHUa-kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 20:59:49 GMT
expires: Mon, 04 Dec 2023 20:59:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F744 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 10:24:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 10:24:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F744 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6AC41w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:59:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F153 0
0 79ms
78ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1104294720372796&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H/1.1 200
OK d
vt.adition.com/ Frame 350C 68 B
301 B 190ms
42ms Image
image/gif 217.79.188.53
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vt.adition.com/d?lid=7308847157328284427&n=3618&c=6200163&b=18772662&cu=4745915&vt=0&elapsed=1&ma=100&suvt=0&h=0&v=0&vt_50=0&vt_60=0&vt_100=0&vt_cust=0&version=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.53 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: vt.adition.com
Software: openresty /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 20:59:49 GMT
Last-Modified: Thu, 15 Dec 2016 08:50:40 GMT
Server: openresty
ETag: "58525960-44"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 350C 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssaEg3p2YO1TP36lBartx0GOq_7_zrFdGNaEw3HXsV4v_2IAxjFWK7zB6p8KJhJE8BO_ZE3bKHK4DO1VdZszv3_02w8MCg-z2youE1Cmfk07AtS8X5waT_ABcSvRoA0fS_FNsqeKTlGdLw&sai=AMfl-YQ2fTBLk06hU2GUFqbf3QI33y7n-fyoLvNCtPf0gCKUfytoW85WWi2vr9CH5-M9Ml4yTf6s_g10wNi43qT554D3dWPGP9sOJ3zMgCDu3ehdeX_FaMpcEPdUIh1GsVIhJggq3YGbRBK29itEhmNAPSgThqMMTLGdkQHC&sig=Cg0ArKJSzGLRLrSfgDwEEAE&cid=CAQSTwDICaaN2D__1phkoE9M08k5VXIW-kYt79Bv3fgNAp6YJ_eNFzOUCA2GEnD8pQNzd8BCmq47r6db9R-RLLoMUCx7J2ni_LYTOkvjZecgqboYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=517,1000,1000,1000,1000&tos=517,483,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701723588266&rpt=487&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=1104294720372796&bg=!w8ClwI_NAAY3kmNgF5I7ADQBe5WfOJ8so6rI5zuMyLBL1Muu-ITTCinixLHF7Rtooq7xHOSx_gw3Ieayb8m_5t-M7uJnAgAAAEBSAAAAAmgBBwoAvhu1M2PN6UbqIq_QKDG7zuma04qxFx-HNLfKBa18xr9wzCnU3m6mqYqdQ1cSVTXeHYDN779d2lAJACD74lCQ-Hfh80MetzJnauPU3Qte3Hetdtev6LQFLuB0j9oR4IeHIyX-Qxv9JAMGvSv8WekIp1JqyJ567R0R1RjO-qnAhzkWmUzd2dyAaLtkY4QRMm38PbNqYDrLsxwVmPJwDqwpxJ0VK4lIG_3jY35YkcIVko4wnVaqamu37kaFAcOrteWZAq2A2TwQ2J_3zn8KKBFZlg2Hom_Wmth44A4eqH27J5ZUj8i16-EjazQgoLZIGJZXfXuZTPRNQ9RE4lg7GZ8CA2KaeEJW_NtWkyo5XliTFp1dIGiiwU9_kMmkKFWmPHFN2ZHRdV5ujwSPcWRXcJrEzK1ELXmFVVcf7zvHlOrt3cqucUbOoTrUkT1br3eDpfBXVCZatPFY9ixZh2tmJsktHOSDB-H8yZYdYWvLntpRIF1jgw8tGlQejVbdelaLyzyiuNlUy0OVzP65E5Gz4qsF4YQEQFbsAT-_iRGV4EDUTri3CAWwPKsVATsHLid5d4QnBvo4L0P_XtfUanFVX2BIF4hunP7hBYzekvUpIj31UjJdGkHw43WVzO9sRIzPA8TrR-BcSOyABGSoCGcTml0EiFmQpzmxLBLpXXp5c-84-7yQ923UHD6TEJyfDsaIYfGQSjYhEAwc2rS5dpMB_vTEb68lGZZiwtdNDLcirBHR0lfgBAigsczyzKep-1itCNcYOzVx_-fYZ07d012k1eG5vwQoFJsjzJBh04kRm_WEVy6kaX1Fr-EJfcwfSi7m1h8UECUqWGgZjHPp7KnTd1ZMmvkA__xJKMq91DAaEd9nAD6knkg6hiORQ9lOHdP2xLRiqQE7Bf79QscVcdhSbCyAMChtrwZhSATK9EmAjzqSDdRUsm02xSOQ4DQa8Jqns6xiuHm3dr-JRkDGqlU3ux1dC8weexKFcxVCoFcdgMdUHCaigECZzaWiQk8_mrnfJX0uMB5-htjqsxwax6iwGJ5gNNvMi3eV0d6QSYT8_tFBTz-Kr7x9GXdhwUVAzvcFv9FZC29fnYOYAaFlY0pMxUi0HGi98pVcU1J1qeXXd0Z_vcwO0WZpBeuD1fn_h0Ve4yQzuCnbRjW7e8_uyYW4c-QR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mywhats.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 350C 0
20 B 221ms
221ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=864859243071&version=m202309260101&ct=77&x=1&cor=1352976385361616100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 20:59:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mywhats.net/	1970-01-21 02:18:03	Name: _ga Value: GA1.2.736808670.1701723588
.mywhats.net/	1970-01-20 16:43:29	Name: _gid Value: GA1.2.129327494.1701723588
.mywhats.net/	1970-01-20 16:42:03	Name: _gat Value: 1
mywhats.net/	1970-01-20 17:25:15	Name: clever-last-tracker-53094 Value: 0
.mywhats.net/	1970-01-21 02:18:03	Name: _ga_62M42V12V7 Value: GS1.2.1701723588.1.0.1701723588.0.0.0
.mywhats.net/	1970-01-21 02:03:39	Name: __gads Value: ID=d90b7c939a647a25:T=1701723587:RT=1701723587:S=ALNI_MYjvsAYQ2Ge-4qCQXOir9gt3xaCsw
.mywhats.net/	1970-01-21 02:03:39	Name: __gpi Value: UID=00000ce2ff335569:T=1701723587:RT=1701723587:S=ALNI_MaYWzxAKc8JsaXvtIZrez0tEIoVtg
.doubleclick.net/	1970-01-21 02:03:39	Name: IDE Value: AHWqTUkk5WNjBo-7tq6ZP1sudxY41e5BR9GDkn0qn3v1jVfH9g16aKMD7QG2M8u6
.adfarm1.adition.com/	1970-01-20 18:51:39	Name: UserID1 Value: 7308847157328546827
.adnxs.com/	1970-01-20 18:51:39	Name: uuid2 Value: 4944951484397916729
.doubleclick.net/	1970-01-20 21:01:15	Name: APC Value: AfxxVi4GIgtKeY3UNtPdM5qLoYXm6CuOkmnj8AePVRDmcuV-cOmKpQ
.adnxs.com/	1970-01-20 18:51:39	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HbywWtfZ!@wnfH8K6pQK`!5=E<L5?%LjfSt9.hsDT]g[oVsjFTsC1Uk/]Bn@bq-RVoAbpRzqF1`bavGG0F
.casalemedia.com/	1970-01-20 18:51:39	Name: CMPS Value: 5221
.adfarm1.adition.com/	1970-01-20 16:42:05	Name: lv_6200163 Value: w=4745915\|t=1701723587
.casalemedia.com/	1970-01-21 01:27:39	Name: CMID Value: ZW49xEE015kQb1vyMDf.SAAA
.casalemedia.com/	1970-01-20 18:51:39	Name: CMPRO Value: 5221
.doubleclick.net/	1970-01-20 17:25:15	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad1.adfarm1.adition.com
call.cleverwebserver.com
cdn.ampproject.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imagesrv.adition.com
mywhats.net
pagead2.googlesyndication.com
region1.google-analytics.com
scripts.cleverwebserver.com
tpc.googlesyndication.com
ui.cleverwebserver.com
vt.adition.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
138.118.166.201
142.250.181.230
142.250.186.34
172.64.151.101
185.89.211.84
2001:4860:4802:34::36
217.79.188.10
217.79.188.2
217.79.188.53
2606:4700:4400::ac40:919c
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
0113183759702a81c9a73a88fcad1181872bf743fac62847b2ad9abd63c6f8ed
02a7cd67c545041654af047f04ce327f2df086386eab421adc16269010c50365
0582a7dfb16fd8a8b62be5dbdb00a33387975cfe553c7b2d8012e4fb190c5574
0b17f6a2c4a355d8085035ddf0247bd0b8cc9d00f44c0f74f102f5bf4d04b4c6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d686f2ab1157df64803644aceb025dda3e21438ee6167951feb732b82c163c5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1dbf50c930a76d6bced8fac842e24d2ec9843103b599b4673dd892f9e6dcd620
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2700b1b68a2c98b532f3ba97b034c3f57ad45d6726723eadda56dc2886171c9e
2949ad87f5759aa23a8447e1f38f53f4003bc7f30da5b2e7b65db2f687dd4dfc
2c42146f6110c620d5f727d57a0c3fe4209552e8c2e97130ca1481da45844fba
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d2d167f9dc902459d70879eff1b653ac35991ae1640ec0763bfb005f84d16c7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
55866ae5d782017ca32e292cbbbce38b235b3a4c9c9aad52c6e6b6f8343837cd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5a0cecf509251de7b796c7c34ca1374bbb3fabe582e9e9394f1a1ebd9d421997
5e4da7ed58924514dace248aa7251e502c9c6a4b6e8754a65a0a0545e4179914
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
60c3b52cd0ccdd06ed3150c732c0cca8782ac1cd45d61d9865122d0dd64ecec2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6356dca74d480f9fe67e7a08ad460f342880cfb3004f3ef6d8df6db39edae277
63faa8b7384c37c4834b77615586404ad7d7591d5ab8ac0c50c2b10470b35b0b
667df2c77484aaf87892961f827380961d1acbb055ab14dfa56c8d2bdc037856
7173ebd27e0b568bf90bd86665d7ec7910c243723fb4731a7a8e67b3d110579d
74321d63f7f1c71cc8ed1c9c24cadbecda66d5c8d684a4d36f7558f4135710e7
74b2253c348a5413c6295de918041c25c75f2a87e343120401ccd6b64da8fc99
7b4efb158b059cfc1a03f7e0df7ad255427cb707414e0cce6c41800b0ef376e3
7c082d623bede68c254a0cf584097c88428d4b3c066368376bb04972165deda7
7d794dc24f1f66108b095b4c4a07343f88a2c5c6d82943cbd828562e9809cad5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
89aca9f25f74315ee9c2235b376379bb019a28f8e56d01a44fbf312e083b9c90
8a3175e185b0c778f6000dd846789b43d26ea77cf89f8948facf68db2f3c0576
92e6ab2a99e89df3164afe1c21a9dc8473677f2a8e91c4866c19789a545502b7
9490f2bb8d22cf23953bd1cc028e6405f228e7918b18aa914fa8f56ba9db0087
9cbf0c1c29d7d53fe4f0e81e312ca1d03838d718bb066e968900c909330e3cf3
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad283e318f924449151e637dbab2041f75dde73f90f05d9453c918383c5f94db
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c08daaca112fc548ddae751a1fe129bfa52a4357c6b475510caad35b72f8524a
c6819a6659ec256385539385d8195edddc92933a1e5cb4885fb10674e98d2d52
d8a90316d369864045ef1b7032e53918d21971267fdfdf8cebf45b4caddd0315
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7294256def249b9e6c6f831601b951e90396b09e96e92924231e43460b6b07
e368978abf01ecccadb64e7cad112d4e152a6ff7ff4f7028e7aacb2a432f30d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e445ed8c048ec80e2f3980bd34e9c86e778fe931285d406ef79fb1e9ca0772ae
e780e6b00a04497a36916a5feaeec8160c5f4cb2746ebd93faeb33b9f642e2ee
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e9d5a0b5e3b3a7150284d36afacb02fefef73db85114e0488e876fa61013bc
f57a95a16180ff1142d489bd173f19bbf863ab03f647010d158bd88b323cdecb
fcc37ba28e6f54c9d9daf5ee2dcc725a401af7b9775303dd085cd09c61d5341f

mywhats.net Open in urlscan Pro 138.118.166.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

95 %HTTPS

60 %IPv6

14 Domains

22 Subdomains

21 IPs

3 Countries

1606 kBTransfer

3783 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mywhats.net Open in urlscan Pro
138.118.166.201 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

95 %
HTTPS

60 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

1606 kB
Transfer

3783 kB
Size

17
Cookies

74 HTTP transactions
1 data transactions