d.aydogs.com Open in urlscan Pro
2606:4700:3030::6815:5a6c  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

• https://gum.criteo.com/sid/json?origin=publishertagids&domain=aydogs.com&sn=ChromeSyncframe&so=0&topUrl=d.aydogs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=F6nDYHxBeDM2MGE0WXJON0M0RWNOTVJPZmYwc2RTUld2czdhMnIzYjBsTXVKZUFOWEFuT2VLMzVOQVFoeWg0RHh6VEg5WW9ody80UzNnRGxyei9Wc09wdDBJOWhXODZyQ09QYlptNHFNa1NHTmw4STFyQUdxa2lRc0VzUlZnS3FSbmhOcFFuVTZ5alFTdFNuRlg4VXh1ejhBb041WC9NS3A3R3RDVjdOUWFqeGpNNDM0c0orL0N4VG5KajRpOFVFSy9jL3VqbTJwR1FRQzZEaXZDYnlLeGhvZzNSNWJ6MCtsYmlFdXNjZGF0N1Z6NjZpSXdjRG5SRFN1QUo2OGdyZzh5TnZkRUJkZTZGeXliL2xlNVBSNVFnN1RuQT09fA&cppv=2

Request Chain 129

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKZYkTBfEso1GMxCNIpeRo&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKZYkTBfEso1GMxCNIpeRo&google_cver=1&C=1

Request Chain 130

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKae5Dg9LIsGG14OcC2XHQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWpECZUYhG2kItQyt3Z0po&google_cver=1

Request Chain 131

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEL_Nd5jG_bVrlko1Dyk-4hE&google_cver=1

Request Chain 132

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4Nzc1ODQxNTUxNDAwMzM5NA%3D%3D

Request Chain 138

• https://gcdn.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B03A72C4844A2AEEA288B49331D6021FC0F68A6B.040E282B57014BEF09E79DB80C081F168C7B55E7/key/ck2/file/file.mp4 HTTP 302
• https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A9E2C026A483A70E0135E8FC838623967EE275C.7586F77D9DE4FEC3949EB88A8FEDB61F30D931DF/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/2/pl/29/file/file.mp4

Request Chain 161

• https://gcdn.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/159381E7315D1C9D9B4000885A774696D56270A8.35C0DA70919C10E3E0BBE558E8F6C64647D373A4/key/ck2/file/file.mp4 HTTP 302
• https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/171B0D4449726BF005D92A53909FF97E0C13962E.737D9F5C6998C2D2D07115979187F0C33CF4E52F/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/1/pl/29/file/file.mp4

Request Chain 178

• https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vOTg4ZTY0YjJiYWM4NTBhMjcyMWRjMTJmZTJhOWZjZjYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTAxNDY2MSIsImN1c3RvbTgiOiI3MTM2NDQ4NSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImIxMTlkN2M4LTEzY2QtNDA3Mi05M2RjLTMyZjE1MWMwMzg5YyJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTIiOiJhZC5kb3VibGVjbGljay5uZXQiLCJoZWFkZXIzIjoiR29vZ2xlMiIsImhlYWRlcjQiOiI3IiwiaGVhZGVyOCI6Imlhc28iLCJoZWFkZXI5IjoiIn0sImNiIjoiMTY4ODY0MTI1MjMxMzc1MDcyNiIsImFkRHVyYXRpb24iOi05NDk2NzI5NjAsImlhc1NpbmdsZXRhZyI6dHJ1ZSwiaWFzU2luZ2xldGFnT3V0Y29tZSI6Ik9VVENPTUVfTV9fVkFTVF9fT01JRF9fV0VCX1BYTCJ9&advEntityId=1014661&pubEntityId=71364485 HTTP 303
• https://dt.adsafeprotected.com/dt?anId=10173&asId=b119d7c8-13cd-4072-93dc-32f151c0389c&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A-949672960%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D

Request Chain 183

• https://pixel.adsafeprotected.com/rfw/st/1014661/71364486/skeleton.gif?xmtp=v&xmapp=0&xsId=b119d7c8-13cd-4072-93dc-32f151c0389c&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealId=&ias_impId=v4~~&ias_dspId=3&ias_creativeId=191547418&ias_xappb=&mon=71364486 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

202 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request ennovelas.php Show response d.aydogs.com/	172 KB 32 KB	186ms 116ms	Document text/html	2606:4700:3030::6815:5a6c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5a6c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af9a4cf2dc854444808784ebd1f7a56ad4ed8f0dba87d253464b95d4a009f6fb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e2758a37d6e3825-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 06 Jul 2023 11:00:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrHG%2FCznZBE0GiBXcmprwFFbRCXcuL73l%2FiMjqo4GwmX%2B1tGUCrP4Qr4tiwU2Bdugh3%2BTpbpugZsCUIFPUdu80NyVlJWAqZ7OkEEZpCXpWc8panoIT32AFgKRRndjZ2a3HsUPNN5hYq9AcY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	css fonts.googleapis.com/	2 KB 956 B	86ms 33ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Exo+2 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c051762b605d360bc164406193d22717c1ad184c82863744fbb6e56bb5d869ad Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 06 Jul 2023 11:00:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 06 Jul 2023 09:16:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 06 Jul 2023 11:00:50 GMT
GET H2	200	33333.png ennovelas-tv.com/wp-content/uploads/2023/02/	5 KB 5 KB	335ms 116ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ennovelas-tv.com/wp-content/uploads/2023/02/33333.png Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4a66caf9217f882426c43749d2bc76a8d772c2ac8de0e845d5b1e7c8417b00d Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status REVALIDATED last-modified Thu, 09 Feb 2023 17:59:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "63e5348e-13ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEgYvQWHuo8jHhVt4vxfsxfqell%2BSRQWGvB0iRSw45WQhQVpVuxx4gei5RKa79k7mJgHNvC8Q3tOFVKg%2F84IAtHP6Fg7z6ZVrQ5%2Fqvwse9Y8ixM4HoqTz85xUaDESW3asgyjaiGTlDsuaF%2FUgONu"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 7e2758a65955365c-FRA alt-svc h3=":443"; ma=86400 content-length 5070
GET H2	200	up.js Show response live.demand.supply/	5 KB 3 KB	363ms 300ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/up.js Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fbc66c96706f6883227e3e2ee0b9f070dfbcec19bad9804472d442fe4feb4a05 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H4KYQHPRQQAGWVFGAK9SR9QV date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status HIT age 1153 cf-polished origSize=4392 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"6021e99c7411c68b8e8b55620fae898b-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=1200,must-revalidate,stale-while-revalidate=3600 cf-ray 7e2758a56df72c39-FRA link <https://live.demand.supply/impl.v17.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-10-0/ZC5heWRvZ3MuY29tLw==>; rel=preload; as=script timing-allow-origin *
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.3/	94 KB 33 KB	78ms 24ms	Script text/javascript	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 10:36:31 GMT content-encoding gzip x-content-type-options nosniff age 1459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33507 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 05 Jul 2024 10:36:31 GMT
GET H2	200	bootstrap.min.js Show response ennovelas-tv.com/wp-content/themes/vo2023/assets/bootstrap/js/	34 KB 10 KB	324ms 113ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ennovelas-tv.com/wp-content/themes/vo2023/assets/bootstrap/js/bootstrap.min.js?ver=2.0 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 81106ddb86f999330c3dd90e9f7315f7341ca70e74f1b129e98ce66767c7a825 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 31 May 2020 15:56:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5ed3d3ca-89d2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6pZ9AMkP4fl8MBcsmzQBYvykidf11eBfgzlaYNW%2F7wcN%2BAPEFo7qlSa9hIx4QnA4H0Kl%2BkqChPTt14FQarSH1zMK0sKwAA1NpARJeKTByy2sPYU%2FEozZIptmzxxrXmEb4QXvWFJ63yuhK%2FCTtXf"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 7e2758a65954365c-FRA alt-svc h3=":443"; ma=86400
GET H2	200	core.js Show response ennovelas-tv.com/wp-content/themes/vo2023/assets/js/	4 KB 2 KB	325ms 114ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ennovelas-tv.com/wp-content/themes/vo2023/assets/js/core.js?ver=2.0 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab9fa2aaad460e538420f5189c7718ec228f68b06aacbc7cf291bdf7275b043f Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status REVALIDATED cf-bgj minify last-modified Sun, 04 Dec 2022 07:10:52 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=5818 etag W/"638c47fc-16ba" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FFyyUePiaz65QBgeXRoG5DCRGWryygwh137yfNGYf5d26M1w6BE61Zz3QjutOaS1CPije2Lb9GEGlWP8SG2VDyE1p%2BFKLjdZpB30%2BuYxrfl9wziZqg%2FKVxQ5u0MlGH0QZSbmJ09DE49XPursIAj"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 7e2758a65956365c-FRA alt-svc h3=":443"; ma=86400
GET H2	200	embed-cxs0vgorfkyw.html Show response vidspeeds.com/ Frame 88B5	65 KB 21 KB	351ms 278ms	Document text/html	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba43098b6da8f92a3dbd435564d25a8267b46f551a7bd9c45b67635ba94b60de Security Headers Name Value X-Frame-Options 1 Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":2096"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e2758a58ff39201-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 06 Jul 2023 11:00:50 GMT expires Wed, 05 Jul 2023 11:00:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ebTk3uC3CujHBcQrvwh6YXTY7e36XQCP%2Be%2FNoXd%2BAxZH2O1genAq70GXuRDMxdfPMLNIiBMezmR5zYY7u5c%2BfWLlril5ih1cXPoXbom66Lq%2Fv69vXlCwXKuryMxTkRNxL5Y1nslwqmHJEbrMt1rvwY%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-frame-options 1
GET		iconFont.ttf ennovelas-tv.com/wp-content/themes/vo2023/assets/fonts/	0 0
GET H2	200	7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2 fonts.gstatic.com/s/exo2/v20/	15 KB 15 KB	85ms 20ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/exo2/v20/7cH1v4okm5zmbvwkAx_sfcEuiD8jvvKsOdC_.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Exo+2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bf93ee919fd9a032a2584a57fc3323e966cfd25615c76315fb2d04367abab188 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d.aydogs.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 04 Jul 2023 22:43:10 GMT x-content-type-options nosniff age 130660 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15156 x-xss-protection 0 last-modified Mon, 11 Jul 2022 19:19:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Jul 2024 22:43:10 GMT
GET		iconFont.woff ennovelas-tv.com/wp-content/themes/vo2023/assets/fonts/	0 0
GET H2	200	impl.v17.3.0.js Show response live.demand.supply/	80 KB 26 KB	115ms 112ms	Script application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/impl.v17.3.0.js Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a043fd2fb8be3f7496f2ca5258f6504d79437023826467ee73257cad79a3e9d Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H4KYQDME7C7GCS1EXTRVA5JT date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status HIT age 49342 cf-polished origSize=81625 alt-svc h3=":443"; ma=86400 cf-bgj minify server cloudflare etag W/"c8bfaf9ee0599692bdd5c65c856d41d3-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 7e2758a748812c39-FRA
GET H2	200	ZC5heWRvZ3MuY29tLw== Show response live.demand.supply/p4/v16-10-0/	914 B 508 B	398ms 397ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v16-10-0/ZC5heWRvZ3MuY29tLw== Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1578687ead42a68712530ef5082ab8ab73828c6416b86746056108242a411f29 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7e2758a748832c39-FRA alt-svc h3=":443"; ma=86400
GET H2	200	main.css vidspeeds.com/css/ Frame 88B5	48 KB 11 KB	259ms 259ms	Stylesheet text/css	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/css/main.css Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e0e41e9e43420d3ffd5cebbf3184a558bd4b546aeb87b2544ba28f61a45a503 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Jan 2022 12:56:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"be25-5d6537de198d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuI%2FXkqQBApK0xaP65ZNvQX2a0he1bBe6OnStD4DFf5801qSnmXIUpmQiuip6oYQFwK84Z%2BPcgrUAoi1sy5E%2BkCA%2F9DBSMu7h4%2BRdDZ6SHjZ89Myx1Mp%2BWjCjRjlHtGixGxskFAzPh2vPuxmW2ogui8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 7e2758a75a199201-FRA alt-svc h3=":2096"; ma=86400
GET H2	200	jquery.min.js Show response vidspeeds.com/js/ Frame 88B5	94 KB 34 KB	274ms 273ms	Script application/javascript	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/js/jquery.min.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Jan 2022 12:56:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1762a-5d6537de27f4f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAqDr5Dg0hMTOoAsAXDDQ8QBO54KdB2TbtIAPFatNuILrTVU%2FIgmduZIJns%2FLjTHyX8Zd1VCBD26VM1phwaGdwRPHgNpPQa2AMFnExSwQ4O%2FILuPDBJL%2BY832WlIpmU7VVnUbdhaf9Z7DOp7%2FGVXNCA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7e2758a75a1a9201-FRA alt-svc h3=":2096"; ma=86400
GET H2	200	xupload.js Show response vidspeeds.com/js/ Frame 88B5	10 KB 4 KB	192ms 191ms	Script application/javascript	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/js/xupload.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f2f42bf6bd7d7ef2e610c717db7037be84a34c4085bbc299e498fe3251cd1222 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Jan 2022 12:56:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2659-5d6537de2a277" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw%2FCmEY2gMzvK1L%2BM0CbyX%2FlNKdB%2BPUOgdwP6LXjx0mXidyxYQsww%2BFVCbqeHDGVTfn7EefZ0YwZP4mPxrYBUxkT5k7%2BTeYtlEPeE2FJxLobiCFlILtw6UhsuKhSc7kZ4mC%2FEYbEAsTz%2F2Q3Jf6IzKg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7e2758a75a1b9201-FRA alt-svc h3=":2096"; ma=86400
GET H2	200	jquery.cookie.js Show response vidspeeds.com/js/ Frame 88B5	4 KB 2 KB	194ms 194ms	Script application/javascript	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/js/jquery.cookie.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Jan 2022 12:56:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"10eb-5d6537de27b67" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vS7TjbirNk%2B03JAFVzep7zgjdC39ntC%2BQY%2FioK0VFyVjKkdOwq0CQFpiIDILTmO8yaFlNVaR1ex4QJbahUWPmgmx6W%2FbokxrpssniQcdIS0IK7RBbjR8EXSyu75AB6mUyWn7b2QFAkgADGFb1zP%2BSDU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7e2758a75a1d9201-FRA alt-svc h3=":2096"; ma=86400
GET H2	200	jwplayer.js Show response vidspeeds.com/player8/ Frame 88B5	106 KB 35 KB	292ms 292ms	Script application/javascript	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/player8/jwplayer.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2af14e12abe35d667b3ea67877eb5f264cb617bb2526930ce0ae40c313782545 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Jan 2022 12:56:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1a868-5d6537dee71eb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwKxvnCruqLWIjy5t5CkQl6CYzBHL5dLpLJ9cPY87M7UpzyTw0QDz%2BJWrKXhhBlOp6WnJf4FdL%2BER5oQRn58U94aaxtE0vDF22EkN6RMeJFsZg2appquf%2Bm4ovzAKTybmfCl6CEE3xuEijuhQ0Z%2BJcw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7e2758a75a1e9201-FRA alt-svc h3=":2096"; ma=86400
GET H2	200	googima.js Show response vidspeeds.com/js/ Frame 88B5	36 B 396 B	190ms 190ms	Script application/javascript	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/js/googima.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff687e2177537cc8e021014af056c22a44036a19c9101350dedf64a6666d47ba Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status DYNAMIC last-modified Mon, 24 Jan 2022 12:56:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"24-5d6537de27b67" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cknBIwtV%2FHyfKsWGMzN%2BXCEYrAHbiTPsmy%2BVAe9znhNJaoTY8cZIAbaMev6lHa6XwKFyFCr%2F%2BrxL6VO8C4i6Db71XxdxWokCwKplimvzDFuM5D7xJjsTF14YoNi768pVhjdXUiGWLDlWFJVTJdgMSY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7e2758a75a1f9201-FRA alt-svc h3=":2096"; ma=86400
GET H/1.1	200 OK	cxs0vgorfkyw.jpg cdn-cached-fs-35-w.dailymotians.cam/i/02/00111/ Frame 88B5	28 KB 28 KB	271ms 148ms	Image image/jpeg	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-cached-fs-35-w.dailymotians.cam/i/02/00111/cxs0vgorfkyw.jpg Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash 6d4f86cf164f58e550fbb0d5e14e0b5c11c46409b961395f3ea85ff91ded91cd Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:50 GMT Last-Modified Fri, 30 Jun 2023 18:09:22 GMT Server nginx ETag "649f1a52-6e00" Content-Type image/jpeg Cache-Control max-age=1209600 Connection keep-alive Accept-Ranges bytes Content-Length 28160 Expires Thu, 20 Jul 2023 11:00:50 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 88B5	175 KB 64 KB	85ms 30ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-128078349-1 Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 40dd239e5f766e4a4b959bb3c378637feec678d704934d80b107085b78c75590 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65325 x-xss-protection 0 last-modified Thu, 06 Jul 2023 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 06 Jul 2023 11:00:50 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 516 B	54ms 31ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?e=ll&d=372&cs=c&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758a77e485b3e-FRA
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	77 KB 26 KB	134ms 71ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3dcf893df6f90547ebd3f33e933fca436e85566b22e96c5b6f76a3709e536ad1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26324 x-xss-protection 0 server cafe etag 523 / 19544 / m202306280101 / config-hash: 16897811651769644562 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 06 Jul 2023 11:00:50 GMT
GET H2	200	cG9zdD1leUoyYVdSemNHVmxaSE1pT2lKb2RIUndjenBjTDF3dmRtbGtjM0JsWldSekxtTnZiVG95TURrMlhDOWxiV0psWkMxamVITXdkbWR2Y21acmVYY3VhSFJ0YkNJc0ltOXJJam9pYUhSMGNITTZYQzljTDI5ckxuSjFYQzkyYVdSbGIyVnRZbVZrWEM4ME5EZ... Show response live.demand.supply/p4/v16-10-0/ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA/	156 B 224 B	202ms 201ms	Script text/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/p4/v16-10-0/ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA/cG9zdD1leUoyYVdSemNHVmxaSE1pT2lKb2RIUndjenBjTDF3dmRtbGtjM0JsWldSekxtTnZiVG95TURrMlhDOWxiV0psWkMxamVITXdkbWR2Y21acmVYY3VhSFJ0YkNJc0ltOXJJam9pYUhSMGNITTZYQzljTDI5ckxuSjFYQzkyYVdSbGIyVnRZbVZrWEM4ME5EZzROemswTlRRd056STRJaXdpZFhGc2IyRmtJam9pYUhSMGNITTZYQzljTDNWeGJHOWhaQzVqYjF3dlpXMWlaV1F0WVRCNFpISnJlbmcwYnpWaExtaDBiV3dpTENKbVpXMWlaV1FpT2lKb2RIUndjenBjTDF3dmQzZDNMbVpsYldKbFpDNWpiMjFjTDNaY0x6UjRhemRxTVdsNk1ISnNibXBuYm0waUxDSjFjSFJ2YzNSeVpXRnRJam9pYUhSMGNITTZYQzljTDNWd2RHOXpkSEpsWVcwdVkyOXRYQzlwWm5KaGJXVmNMM0U0ZVc5bFpYbzNiM2N3Y1NJc0lubHZkV1JpYjI5NElqb2lhSFIwY0hNNlhDOWNMM2x2ZFdSaWIyOTRMbU52YlZ3dlpXMWlaV1F0T0RWc2VHZzJkalEzYzNWeUxtaDBiV3dpZlE9PQ== Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7e2758a758892c39-FRA alt-svc h3=":443"; ma=86400
GET H3	200	ds.2.html Show response live.demand.supply/	413 B 587 B	135ms 112ms	XHR text/html	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/ds.2.html Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DJF20F9YCYT6CA2A031 date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status HIT server cloudflare age 1204429 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control max-age=2592000,immutable,stale-if-error=604800 timing-allow-origin * cf-ray 7e2758a77e4d5b3e-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/x/	0 479 B	134ms 111ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DJ97TDQ1R9EEFRQYPX9 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758a77e525b3e-FRA
HEAD H3	200	e.js Show response live.demand.supply/x/	0 480 B	131ms 111ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=rl&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/up.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DJ97TDQ1R9EEFRQYPX9 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758a77e545b3e-FRA
GET H3	200	aydogs.com_fluid_all_topadfluid Show response live.demand.supply/cp/	27 B 370 B	178ms 176ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/aydogs.com_fluid_all_topadfluid?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 114112161708ed43a98f7d0b62d9fe95f80a81b83a79eae5c4abffd48c8ea762 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7e2758a82f4b5b3e-FRA alt-svc h3=":443"; ma=86400 content-length 27
GET H3	200	aydogs.com_fluid_all_down.ad Show response live.demand.supply/cp/	29 B 374 B	314ms 312ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/aydogs.com_fluid_all_down.ad?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15e349f9eac9ebf9850e828934f1f7898bbd4d2c5e1816142bda6c538dade42e Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7e2758a82f4c5b3e-FRA alt-svc h3=":443"; ma=86400 content-length 29
GET H3	200	aydogs.com_728x90_sticky_display_bottom_stickyadsnew Show response live.demand.supply/cp/	29 B 375 B	234ms 233ms	XHR text/plain	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/cp/aydogs.com_728x90_sticky_display_bottom_stickyadsnew?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99531e1e80dc29f95ed045275f6abbda919bc9baf65882c53f485bbc8e85f16e Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private,max-age=3600 cf-ray 7e2758a82f4e5b3e-FRA alt-svc h3=":443"; ma=86400 content-length 29
HEAD H3	200	e.js Show response live.demand.supply/x/	0 480 B	106ms 105ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=od&pp=DIV&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DJ97TDQ1R9EEFRQYPX9 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758a82f475b3e-FRA
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/	392 KB 125 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 06:03:52 GMT content-encoding br x-content-type-options nosniff age 17818 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127514 x-xss-protection 0 server cafe etag 13498126467117012333 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 05 Jul 2024 06:03:52 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 482 B	112ms 111ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=aydogs.com_fluid_all_topadfluid&pdc=0.62747220993042&ucv=null&e=tcp&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758a9586a5b3e-FRA
GET H2	200	aydogs.com_fluid_all_topadfluid Show response api.demand.supply/v16-10-0/a/	316 B 504 B	203ms 118ms	XHR application/json	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/aydogs.com_fluid_all_topadfluid?&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e3d776e69b41fdb144172ed19a414c7e84b34afa82409be7b853b9068ac2e78 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status HIT server cloudflare etag W/"13c-z07sIkdKKCpQ3+YYu4lQVZNDOI4" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7e2758a9dd303a76-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jwpsrv.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 88B5	58 KB 17 KB	125ms 49ms	Script application/javascript	2a04:4e42:600::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/jwpsrv.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/player8/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 917650b0b99dcfa1360b8ace75ab13d3278e88506985af114193d3611febaac5 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding gzip via 1.1 varnish age 3380 x-cache HIT content-length 17400 x-served-by cache-fra-eddf8230059-FRA last-modified Wed, 25 Nov 2020 15:46:32 GMT server AmazonS3 x-timer S1688641251.852396,VS0,VE0 etag "dc6ac994f6a929ba177587504ee3c159" vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes x-cache-hits 139
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 88B5	272 KB 66 KB	95ms 20ms	Script application/javascript	2a04:4e42:600::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/jwplayer.core.controls.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/player8/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a3db025e4faa2e904c5b99522f90205bbc5d9f0d43a42916eec2e6d2ffa8b06e Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding gzip via 1.1 varnish age 22307854 x-cache HIT content-length 67405 x-served-by cache-fra-eddf8230059-FRA last-modified Fri, 26 Jul 2019 21:30:49 GMT server AmazonS3 x-timer S1688641251.851988,VS0,VE0 etag "1a9869122184328930c8b5dcb9124cc0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 28030
GET H2	200	provider.hlsjs.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 88B5	307 KB 86 KB	121ms 48ms	Script application/javascript	2a04:4e42:600::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/player8/jwplayer.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 35373276dcac97c7c7a39cc6d56e71d86e586cd305f59834d5c2b2a0741e4d72 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding gzip via 1.1 varnish age 22307854 x-cache HIT content-length 87639 x-served-by cache-fra-eddf8230059-FRA last-modified Fri, 26 Jul 2019 21:30:52 GMT server AmazonS3 x-timer S1688641251.852121,VS0,VE0 etag "c1b935a682ff8774bd95d07321409839" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 28660
HEAD H3	200	embed-cxs0vgorfkyw.html Show response vidspeeds.com/ Frame 88B5	0 489 B	199ms 198ms	XHR text/html	2606:4700:3031::ac43:873e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:873e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options 1 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-frame-options 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6kF9grpEpMC9kQ%2BhFdeHn%2FSVbkDUyxlw3yJLP8jRthxZ5JyxSxCB3O3mZ%2FzQ73ch83FF7uoLI2iOhKMW3TgVi8%2BOoZbZ%2BlAdyjkml%2BK%2Fc44IvFp85ePTH1hmlBBOw%2BXT3fSdaps36XXN4PkMATHMqU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 7e2758a9b98d5c50-FRA alt-svc h3=":2096"; ma=86400 expires Wed, 05 Jul 2023 11:00:50 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 478 B	33ms 32ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=aydogs.com_728x90_sticky_display_bottom_stickyadsnew&pdc=0.5934201240539551&ucv=null&e=tcp&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758a9b8cc5b3e-FRA
GET H2	200	aydogs.com_728x90_sticky_display_bottom_stickyadsnew Show response api.demand.supply/v16-10-0/a/	305 B 668 B	133ms 117ms	XHR application/json	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/aydogs.com_728x90_sticky_display_bottom_stickyadsnew?&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef6082c9ff18d3795f4acd934ca643ef4db48448a19038f740af189fdd67b0fc Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status HIT server cloudflare etag W/"131-/VlSW8/FXZrPLh8abKrOnbJfHxg" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7e2758a9dd313a76-FRA alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response glersakr.com/5/3909259/ Frame 88B5	3 KB 2 KB	152ms 54ms	XHR application/json	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/5/3909259/?oo=1&aab=1 Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 229cf10ae60dd54664f05e487ec526ca53a0b0c4346ecbd3742e84fa757550d9 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-trace-id c595cdfffb6c2a36815b68dc33b0cde4 pragma no-cache, no-cache date Thu, 06 Jul 2023 11:00:50 GMT content-encoding gzip server nginx access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://vidspeeds.com:2096 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * link <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch" access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	tag.min.js Show response glersakr.com/ Frame 88B5	76 KB 25 KB	151ms 52ms	Script text/javascript	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/tag.min.js Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 672234040288b63de9bdb4e9e5eed605c661bcec62ade7f5a0673c4893554561 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=1 content-length 24710 x-trace-id 2f14edc0e599e772f8da826a62b7cfb9 pragma no-cache last-modified Wed, 05 Jul 2023 13:29:40 GMT server nginx access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true accept-ranges bytes timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 88B5	217 KB 77 KB	29ms 28ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-SPT2L8NN46&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-128078349-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 483fa075637771671445b69e5625a0d71ef9dbdf7a638770696144720ae053df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79124 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 06 Jul 2023 11:00:50 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 88B5	52 KB 21 KB	80ms 19ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-128078349-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 06 Jul 2023 10:35:20 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 1530 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 06 Jul 2023 12:35:20 GMT
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	32ms 31ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?r=aydogs.com_fluid_all_down.ad&pdc=0.4977005004882813&ucv=null&e=tcp&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:50 GMT cf-cache-status HIT age 1205456 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758aa29335b3e-FRA
GET H2	200	aydogs.com_fluid_all_down.ad Show response api.demand.supply/v16-10-0/a/	316 B 502 B	118ms 116ms	XHR application/json	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.demand.supply/v16-10-0/a/aydogs.com_fluid_all_down.ad?&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 493f7280f1210ae9d6eb92d4d643098120ecaff650c55ba0d1c4f139a7e04e09 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:50 GMT content-encoding br cf-cache-status HIT server cloudflare etag W/"13c-uD/1T8GbU1Pwo4iHv6kf4tPOuW0" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600 cf-ray 7e2758aa2d953a76-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	master.m3u8 Show response cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z,vgjzkpze4pa3ovapvaq,4rjzkpze4pasggnowja,.urlset/ Frame 88B5	925 B 1 KB	175ms 78ms	XHR application/vnd.apple.mpegurl	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Full URL https://cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z,vgjzkpze4pa3ovapvaq,4rjzkpze4pasggnowja,.urlset/master.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash 5e32295de4026eb53f57767d012b16d9d8f9eaf4b20ff6f4975325e95b023ea4 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:51 GMT Last-Modified Sun, 11 Sep 2000 09:00:00 GMT Server nginx ETag "-1-39d" Content-Type application/vnd.apple.mpegurl Access-Control-Allow-Origin * Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 925 Expires Thu, 06 Jul 2023 23:00:51 GMT
GET H3	200	sdb.css live.demand.supply/css/	4 KB 2 KB	112ms 112ms	Stylesheet text/css	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/css/sdb.css Requested by Host: client URL: about:client Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H1Y05AGFG29ZH03J7RFS19F8 date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 1479865 etag W/"f22f1835d396aa5be9932139c44fe2f7-ssl-df" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control max-age=2592000,immutable,stale-if-error=604800 cf-ray 7e2758aafd9bbbec-FRA alt-svc h3=":443"; ma=86400
HEAD H3	200	e.js Show response live.demand.supply/x/	0 480 B	27ms 27ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/x/e.js?ce=bb&r=aydogs.com_728x90_sticky_display_bottom_stickyadsnew&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DJ97TDQ1R9EEFRQYPX9 date Thu, 06 Jul 2023 11:00:51 GMT cf-cache-status HIT age 1205457 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758aafaad5b3e-FRA
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	89ms 31ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=d.aydogs.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	pubcid.min.js Show response cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/	732 B 878 B	79ms 23ms	Script application/javascript	2a04:4e42:400::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff content-encoding br age 42059 x-jsd-version master x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 439 x-served-by cache-fra-eddf8230084-FRA x-jsd-version-type branch etag W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H2	200	publishertag.ids.js Show response static.criteo.net/js/ld/	42 KB 13 KB	157ms 65ms	Script text/javascript	2a02:2638:d::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.ids.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 29 Jun 2023 05:28:55 GMT server nginx etag W/"649d1697-a980" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 07 Jul 2023 11:00:51 GMT
GET H2	200	ob.js Show response cdn-ima.33across.com/	12 KB 4 KB	111ms 38ms	Script application/javascript	172.64.152.222 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-ima.33across.com/ob.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6d285ae6755d52c452904f5bdfa4a6c2082186d695304b242e9db2f12461f02e Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 15 Jun 2023 16:15:13 GMT server cloudflare age 54225 etag W/"648b3911-2e4b" vary Accept-Encoding content-type application/javascript cache-control public, max-age=86400 cf-ray 7e2758ab9c739134-FRA expires Fri, 07 Jul 2023 11:00:51 GMT
GET H2	200	sync.min.js Show response tags.crwdcntrl.net/lt/c/16589/	38 KB 12 KB	120ms 28ms	Script text/javascript	108.138.36.27 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.36.27 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-36-27.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 03:04:08 GMT content-encoding gzip via 1.1 9f8416bf8a85d328bf3649469ef2a474.cloudfront.net (CloudFront) last-modified Wed, 31 May 2023 20:34:33 GMT server AmazonS3 x-amz-cf-pop MUC50-P2 age 28604 etag W/"550ead3a95bd6cfcd917d45c5f8f4553" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id DJ6Mzsv0bqREpULtFyYtqkVLMTyROg-SpzSb55V2eqsxlrigvsHhSg==
GET H2	200	encrypted-tag-g.js Show response invstatic101.creativecdn.com/encrypted-signals/	1 KB 2 KB	100ms 37ms	Script text/javascript	34.96.70.87 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 87.70.96.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT via 1.1 google, 1.1 google last-modified Wed, 05 Jul 2023 19:08:57 GMT server Google Frontend etag 6c49a4094d9a446bdc7fe3d19d23b4c7 content-type text/javascript; charset=utf-8 x-cloud-trace-context 23d3f964c7a4d726fa7365dfb3f028d2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1311
GET H/1.1	200 OK	uid2SecureSignal.js Show response cdn.prod.uidapi.com/	2 KB 2 KB	134ms 20ms	Script text/javascript	2600:9000:2250:6000:a:e047:753:be1
General Check archive.org Show headers Download Go to Full URL https://cdn.prod.uidapi.com/uid2SecureSignal.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2250:6000:a:e047:753:be1 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-amz-version-id null Date Thu, 06 Jul 2023 05:33:17 GMT Via 1.1 03249875678629095a5ec311a6f1a298.cloudfront.net (CloudFront) Last-Modified Thu, 04 May 2023 00:14:06 GMT Server AmazonS3 X-Amz-Cf-Pop FRA60-P2 Age 19655 x-amz-server-side-encryption AES256 ETag "4d5acbf33f4a0592ac0515db92fe88e6" X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 1858 X-Amz-Cf-Id iGAPkHylZkicMwb1CFry9Eywroupl55JPhkYEM5ejhc2370TQZUovw==
GET H2	200	esp.js Show response cdn.id5-sync.com/api/1.0/	102 KB 25 KB	94ms 31ms	Script text/javascript	2606:4700:10::6816:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/esp.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 22 Jun 2023 08:35:03 GMT server cloudflare x-amz-request-id EQ0977RHP48FT9KC age 1429 etag W/"9b8b8eb50e4814cbdc325ce477c96910" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 7e2758ab8d589bee-FRA x-amz-id-2 KMrFcklZyn75cMPfTnxiItG8HSYFuSkiOS+1xId12+2RrGWj1m1jpBxDB4L+Gq4dPou3GKA02q+Mf02nyR46EA==
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	21 KB 10 KB	422ms 420ms	XHR text/plain	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480017721456100&correlator=1892318998190725&eid=31075759&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=44890869%3A22863248739%2Cca-pub-3831894559014614-tag%2Cdc3b5e8b-dcdc-4fb2-8aaa-74aa23a4db34&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=676617758&sfv=1-0-40&prev_scp=ti%3D06bbdc9f-9d5f-422f-b712-5bb852bd6b0b%26chrand%3Dy%26pof%3D0%26bid%3D0.3%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688641251065&lmt=1688641251&dlt=1688641250066&idt=624&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fd.aydogs.com%2Fennovelas.php%3Fpost%3DeyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ%3D%3D&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=505618354.1688641251&ga_sid=1688641251&ga_hid=1982442796&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8s3y1pIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjzzfLWkjFIAFICCGQSGQoKcHViY2lkLm9yZxjyzfLWkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8s3y1pIxSABSAghkEhcKCHJ0YmhvdXNlGPPN8taSMUgAUgIIZBIZCgp1aWRhcGkuY29tGPPN8taSMUgAUgIIZA.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8209f3e180daf3faf1e54cdbb28bb1476fac4fa471af60a8e03c84b460933b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics true p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10114 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://d.aydogs.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 050E	6 KB 3 KB	153ms 27ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:51 GMT expires Fri, 05 Jul 2024 11:00:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	81 KB 26 KB	251ms 250ms	XHR text/plain	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480017721456100&correlator=3841775811511112&eid=31075759&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=44890869%3A22863248739%2Cca-pub-3831894559014614-tag%2C08bc4b9e-eb3b-46e9-a724-0e7dcab44141&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=2&adks=1494785770&sfv=1-0-40&prev_scp=ti%3D06bbdc9f-9d5f-422f-b712-5bb852bd6b0b%26chrand%3Dy%26pof%3D0%26bid%3D0.35%26bid-p%3Dgoogle%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688641251111&lmt=1688641251&dlt=1688641250066&idt=624&adxs=30&adys=95&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fd.aydogs.com%2Fennovelas.php%3Fpost%3DeyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ%3D%3D&frm=20&vis=1&psz=1540x616&msz=1540x616&fws=4&ohw=1560&ga_vid=505618354.1688641251&ga_sid=1688641251&ga_hid=1982442796&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8s3y1pIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjzzfLWkjFIAFICCGQSGQoKcHViY2lkLm9yZxjyzfLWkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8s3y1pIxSABSAghkEhcKCHJ0YmhvdXNlGPPN8taSMUgAUgIIZBIZCgp1aWRhcGkuY29tGPPN8taSMUgAUgIIZA.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9fbf97f3614040ed38487d3980939b863030c3dc10707f6a322e417c11dd1506 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics true p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26124 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://d.aydogs.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	81 KB 25 KB	401ms 400ms	XHR text/plain	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3480017721456100&correlator=722607189173197&eid=31075759&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fif&iu_parts=44890869%3A22863248739%2Cca-pub-3831894559014614-tag%2Cf246f2ad-a300-4e2f-9aef-667adcf7885b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x600&ifi=3&adks=3322645144&sfv=1-0-40&prev_scp=ti%3D06bbdc9f-9d5f-422f-b712-5bb852bd6b0b%26chrand%3Dy%26pof%3D0%26bid%3D0.27%26bid-p%3Dgoogle%26bsc%3D79&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688641251139&lmt=1688641251&dlt=1688641250066&idt=624&adxs=30&adys=1430&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fd.aydogs.com%2Fennovelas.php%3Fpost%3DeyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ%3D%3D&frm=20&vis=1&psz=1540x616&msz=1540x616&fws=4&ohw=1560&ga_vid=505618354.1688641251&ga_sid=1688641251&ga_hid=1982442796&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY8s3y1pIxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjzzfLWkjFIAFICCGQSGQoKcHViY2lkLm9yZxjyzfLWkjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y8s3y1pIxSABSAghkEhcKCHJ0YmhvdXNlGPPN8taSMUgAUgIIZBIZCgp1aWRhcGkuY29tGPPN8taSMUgAUgIIZA.. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e28cd3bd3e6038cfbce12b50150e792a930b1c33f3715ffe8c72976082a43e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics true p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26016 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://d.aydogs.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	5188470 Show response oaphoace.net/401/ Frame 88B5	86 KB 33 KB	123ms 53ms	Script application/javascript	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://oaphoace.net/401/5188470 Requested by Host: glersakr.com URL: https://glersakr.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash bf8d797222f7a595011a56a537312a0ee204c29080fe4d087901c921c53c6706 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-trace-id 90d6a20e2703728df3dd0742c7f976c4 pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip server nginx vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	4923548 Show response betotodilea.com/400/ Frame 88B5	80 KB 31 KB	136ms 59ms	Script application/javascript	139.45.197.237 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://betotodilea.com/400/4923548 Requested by Host: glersakr.com URL: https://glersakr.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 73aab674a5bdcbe9a96dbcd07d7536c74af0db076cdf9082ee2a6ac11455c99a Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-trace-id 76c9bf6e776e31d413c43b3f88115a5a pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip server nginx vary Origin content-type application/javascript access-control-allow-origin * access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	1 Show response nanouwho.com/ Frame 88B5	42 KB 16 KB	137ms 53ms	Script text/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://nanouwho.com/1?z=4923580 Requested by Host: glersakr.com URL: https://glersakr.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 52d6eab4afcebaca0a95f8de72e9e77fa068fc8765b2e8900a468cc0fc8561e1 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-trace-id 59347ba8b251006f98c872c4b008e839 pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip x-sc LN0iDA0tkj4DJSLgQxkHVIwlMRDcuP4k7-_m-hHAhPMSTf_YoZucFy7lv0_FU_hNaR3c4NUfcI4i3HDPozZDBjYXTwo= server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	gid.js Show response my.rtmark.net/ Frame 88B5	65 B 546 B	107ms 29ms	XHR application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?userId=2d9e1577fae049b2b2283621c6f2df5a Requested by Host: glersakr.com URL: https://glersakr.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 763fe4527704e4b7374b9746ba960c155a1522737a7448939ecfaf82657bf85d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://vidspeeds.com:2096 access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H/1.1	200 OK	index-v1-a1.m3u8 Show response cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74zvgjzkpze4pa3ovapvaq/ Frame 88B5	4 KB 4 KB	48ms 47ms	XHR application/vnd.apple.mpegurl	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Full URL https://cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74zvgjzkpze4pa3ovapvaq/index-v1-a1.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash 43f2845a47068e14f152b01facf1c63ac918524eed892cc0c00c5b84711c3819 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:51 GMT Last-Modified Sun, 11 Sep 2000 09:00:00 GMT Server nginx ETag "-1-107b" Content-Type application/vnd.apple.mpegurl Access-Control-Allow-Origin * Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 4219 Expires Thu, 06 Jul 2023 23:00:51 GMT
POST H2	200	encrypt Show response esp.rtbhouse.com/	649 B 744 B	40ms 39ms	Fetch application/json	35.190.39.111 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://esp.rtbhouse.com/encrypt Requested by Host: invstatic101.creativecdn.com URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 111.39.190.35.bc.googleusercontent.com Software Google Frontend / Resource Hash 77072706c651062200554a904f95a5d7c65eb91092fb0cf1be28cadf4a6dfb40 Request headers Referer https://d.aydogs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers date Thu, 06 Jul 2023 11:00:51 GMT via 1.1 google, 1.1 google server Google Frontend content-type application/json access-control-allow-origin * x-cloud-trace-context 2d440315359ab0826b9e817f65bd1779 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 649
OPTIONS H2	200	encrypt esp.rtbhouse.com/ Frame	0 0	108ms 39ms	Preflight text/plain	35.190.39.111 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://esp.rtbhouse.com/encrypt Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 111.39.190.35.bc.googleusercontent.com Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://d.aydogs.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST, GET access-control-allow-origin https://d.aydogs.com access-control-max-age 600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 content-type text/plain; charset=utf-8 date Thu, 06 Jul 2023 11:00:51 GMT server Google Frontend vary Origin via 1.1 google, 1.1 google x-cloud-trace-context 83e8c49e7f03973ff30d6ef97c4246f0
GET H/1.1	204	increment Show response id5-sync.com/api/esp/	0 321 B	66ms 21ms	XHR text/plain	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/api/esp/increment?counter=no-config Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/esp.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://d.aydogs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://d.aydogs.com date Thu, 06 Jul 2023 11:00:50 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
GET H2	200	syncframe Show response gum.criteo.com/ Frame 41B5	15 KB 6 KB	161ms 38ms	Document text/html	2a02:2638:3::c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=d.aydogs.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.ids.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:50 GMT server Kestrel server-processing-duration-in-ticks 267441 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
POST H2	200	map Show response bcp.crwdcntrl.net/6/	60 B 332 B	157ms 45ms	XHR application/json	52.48.64.133 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/map Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.48.64.133 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-48-64-133.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash c11a39310cf49242feb22eda87bd38d03170abcb64bfeeb2b62ae104f1608667 Request headers Referer https://d.aydogs.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://d.aydogs.com cache-control no-cache x-server 10.45.7.86 access-control-allow-credentials true content-length 60 expires 0
GET H/1.1	200 OK	seg-1-v1-a1.ts Show response cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74zvgjzkpze4pa3ovapvaq/ Frame 88B5	635 KB 635 KB	107ms 106ms	XHR video/mp2t	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Full URL https://cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74zvgjzkpze4pa3ovapvaq/seg-1-v1-a1.ts Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash 102744dbe6515c7ee3d7a92d1eef545ec4391d25d12d9f69002a82499562fe5a Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:51 GMT Last-Modified Sun, 11 Sep 2000 09:00:00 GMT Server nginx ETag "-1-9eb78" Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 650104 Expires Thu, 06 Jul 2023 23:00:51 GMT
GET BLOB	200 OK	4ec5b398-ce54-4fb3-9073-7f2b4dd47194 https://vidspeeds.com:2096/ Frame 88B5	66 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://vidspeeds.com:2096/4ec5b398-ce54-4fb3-9073-7f2b4dd47194 Requested by Host: vidspeeds.com URL: https://vidspeeds.com:2096/embed-cxs0vgorfkyw.html Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0650272a2cfb2751300ae0612286f03aac9c9bdcca8a574ebb5e52bfaf746243 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Length 68010 Content-Type text/javascript
GET H2	200	/ Show response glersakr.com/ Frame 88B5	2 KB 2 KB	29ms 28ms	Fetch application/json	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://glersakr.com/?rb=STKWOU6d5rE1oQWKcz8qVga7uv7udu7oVpTB5lDL1IXCkVjjLsXsVWfnD7M7Ga7-OoVh9jt-0M-Hxax75hZCaMh1IxDw2pr8sb3cgJLAwrZF4HQ0YTvM4VpyWzia9r332RQJTqEsvPge2Ls7m_O2iuCYGuDvzpF4JCy9z2SKTNoUHTdqHuX99_L7FMwLhuDAx1cMaxLp_9fa4SP48-hAYxTAvkFkPTmvElY7-Wne_0okGmm4IAukoFM484FZBAeZ6X8omC3rrYlg3_uz0qi3lSwBF9ibUr-o&request_ab2=0&zoneid=3909259&js_build=iclick-v1.572.1&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1019&wih=563&wiw=1019&wfc=2&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&drf=https%3A%2F%2Fd.aydogs.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.572.1&bs=74e1e4ef-438b-4d3a-b6b9-bf0fabf62a07&userId=2d9e1577fae049b2b2283621c6f2df5a&m=link Requested by Host: glersakr.com URL: https://glersakr.com/tag.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash db83557854792598dd5b63ca7747ee7f94bb031b7118bfc54c91d0728e951d2e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff content-encoding gzip x-trace-id eb1fcdb3f0d107f00fe9c1f5cab7206f pragma no-cache server nginx access-control-max-age 86400 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://vidspeeds.com:2096 cache-control no-transform, no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace expires Tue, 11 Jan 1994 10:00:00 GMT
GET H2	200	stattag.js Show response tzegilo.com/ Frame 88B5	17 KB 7 KB	102ms 34ms	Script application/javascript	2606:4700:3035::6815:16f5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tzegilo.com/stattag.js Requested by Host: oaphoace.net URL: https://oaphoace.net/401/5188470 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:16f5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br cf-cache-status HIT last-modified Fri, 19 May 2023 08:43:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3732 etag W/"646736cf-4447" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgly5GqHkvACz26kOVbPjfcHzSBjDIOgBXJdnOE%2F1Gxp%2B63xth2Bo6WeTphdaSnSodKr0Uwjit8zVW3YS8MABjKF5adb938AXSs%2Fr4J7H2LSFYZI4IsuXs9OXQyIR%2FARo%2BRw%2BwVEsenmhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7e2758ad8b8e30c6-FRA link <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin alt-svc h3=":443"; ma=86400
GET H2	200	f3152f06f3df4266df1737c2dcc1d015 Show response nanouwho.com/27/ Frame 88B5	403 KB 128 KB	30ms 29ms	Script application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://nanouwho.com/27/f3152f06f3df4266df1737c2dcc1d015 Requested by Host: nanouwho.com URL: https://nanouwho.com/1?z=4923580 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash eb2224e60ee842f034267d4e814004a638858c39c782693e6b75c475af44d80e Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-trace-id 3d812f7a2ec19ce28e107e2aa356f062 date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff last-modified Thu, 06 Jul 2023 05:09:14 GMT server nginx content-encoding gzip access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control max-age:290304000, public access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Thu, 05 Aug 2083 05:09:14 GMT
GET H2	200	1 Show response upgulpinon.com/ Frame 88B5	42 KB 16 KB	151ms 56ms	Script text/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://upgulpinon.com/1?z=5030881 Requested by Host: nanouwho.com URL: https://nanouwho.com/1?z=4923580 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 759adb6b5252122b258cd6ad871fecd75edbf78d6683e561c31d10f222bba8a4 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-trace-id 007a471fb7e163a2f340363d743fc4a8 pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip x-sc JRMAN75aognkdxFhYO9rtemH-YxNNOGzCa8Tgtqf3ma4XIs7CZD7C5_HWQo9ghgImZ0Sar2bIgRWlpvn9mnIFP1kkRg= server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/javascript access-control-allow-origin access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	container.html Show response 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 02D8	6 KB 3 KB	21ms 20ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:51 GMT expires Fri, 05 Jul 2024 11:00:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	105ms 105ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.35&b=2&r=aydogs.com_fluid_all_topadfluid&sy=f17f113d-1ad9-4e8d-b626-9f30a09f47a3&ts=79&cd=2&pud=372&pus=c&pue=687&pid=120&pis=c&pie=807&ppd=400&pps=a&ppe=1088&pcl=656&ttc=1323&tti=1656&ttif=0&lca=1088&lcak=ppe&lct=1088&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=d.aydogs.com&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=06bbdc9f-9d5f-422f-b712-5bb852bd6b0b&e=lm&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:51 GMT cf-cache-status HIT age 1205457 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758ad5d865b3e-FRA
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 02D8	23 KB 9 KB	207ms 24ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:12:36 GMT content-encoding br x-content-type-options nosniff age 42495 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9104 x-xss-protection 0 server cafe etag 12939045362079141464 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:12:36 GMT
GET H2	200	css fonts.googleapis.com/ Frame 02D8	8 KB 847 B	32ms 31ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 06 Jul 2023 10:33:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 06 Jul 2023 11:00:51 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 02D8	15 KB 3 KB	203ms 22ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 07:46:02 GMT content-encoding gzip x-content-type-options nosniff age 11689 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2883 x-xss-protection 0 last-modified Wed, 17 May 2023 00:43:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 05 Jul 2024 07:46:02 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 02D8	371 KB 127 KB	203ms 22ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 10:39:06 GMT content-encoding gzip x-content-type-options nosniff age 1305 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130330 x-xss-protection 0 last-modified Wed, 17 May 2023 00:43:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 05 Jul 2024 10:39:06 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 02D8	20 KB 9 KB	202ms 21ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:12:36 GMT content-encoding br x-content-type-options nosniff age 42495 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8314 x-xss-protection 0 server cafe etag 15120507268597061312 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:12:36 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 41B5 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertagids&domain=aydogs.com&sn=ChromeSyncframe&so=0&topUrl=d.aydogs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=F6nDYHxBeDM2MGE0WXJON0M0RWNOTVJPZmYwc2RTUld2czdhMnIzYjBsTXVKZUFOWEFuT2VLMzVOQVFoeWg0RHh6VEg5WW9ody80UzNnRGxyei9Wc09wdDBJOWhXODZyQ09QYlptNHFNa1NHTmw4STFyQUdxa2lRc0VzUl...	436 B 655 B	132ms 29ms	Fetch application/json	178.250.1.11 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=F6nDYHxBeDM2MGE0WXJON0M0RWNOTVJPZmYwc2RTUld2czdhMnIzYjBsTXVKZUFOWEFuT2VLMzVOQVFoeWg0RHh6VEg5WW9ody80UzNnRGxyei9Wc09wdDBJOWhXODZyQ09QYlptNHFNa1NHTmw4STFyQUdxa2lRc0VzUlZnS3FSbmhOcFFuVTZ5alFTdFNuRlg4VXh1ejhBb041WC9NS3A3R3RDVjdOUWFqeGpNNDM0c0orL0N4VG5KajRpOFVFSy9jL3VqbTJwR1FRQzZEaXZDYnlLeGhvZzNSNWJ6MCtsYmlFdXNjZGF0N1Z6NjZpSXdjRG5SRFN1QUo2OGdyZzh5TnZkRUJkZTZGeXliL2xlNVBSNVFnN1RuQT09fA&cppv=2 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Server 178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 6e8bfecf1496f415d53b22c91fb4e638c046c591bceb9b2980d1e6e4af1b999b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1630855 expires 0 Redirect headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=F6nDYHxBeDM2MGE0WXJON0M0RWNOTVJPZmYwc2RTUld2czdhMnIzYjBsTXVKZUFOWEFuT2VLMzVOQVFoeWg0RHh6VEg5WW9ody80UzNnRGxyei9Wc09wdDBJOWhXODZyQ09QYlptNHFNa1NHTmw4STFyQUdxa2lRc0VzUlZnS3FSbmhOcFFuVTZ5alFTdFNuRlg4VXh1ejhBb041WC9NS3A3R3RDVjdOUWFqeGpNNDM0c0orL0N4VG5KajRpOFVFSy9jL3VqbTJwR1FRQzZEaXZDYnlLeGhvZzNSNWJ6MCtsYmlFdXNjZGF0N1Z6NjZpSXdjRG5SRFN1QUo2OGdyZzh5TnZkRUJkZTZGeXliL2xlNVBSNVFnN1RuQT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 231644 content-length 0 expires 0
POST H2	200	9 Show response nanouwho.com/ Frame 88B5	7 B 621 B	32ms 29ms	XHR application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://nanouwho.com/9?z=4923580&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&wy=0&wx=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=1&sah=1200&drf=https%3A%2F%2Fd.aydogs.com%2F&hil=1&ist=0&oaid=2d9e1577fae049b2b2283621c6f2df5a Requested by Host: nanouwho.com URL: https://nanouwho.com/27/f3152f06f3df4266df1737c2dcc1d015 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Request headers Referer https://vidspeeds.com:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers x-trace-id 6d824adbf1c13a89526c95edcabcf3a2 pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin https://vidspeeds.com:2096 access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace content-length 7 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	container.html Show response 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 181A	6 KB 3 KB	32ms 26ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:51 GMT expires Fri, 05 Jul 2024 11:00:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated /	182 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	834 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/svg+xml
HEAD H3	200	e.js Show response live.demand.supply/e/	0 481 B	32ms 31ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.3&b=2&r=aydogs.com_728x90_sticky_display_bottom_stickyadsnew&sy=f17f113d-1ad9-4e8d-b626-9f30a09f47a3&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=d.aydogs.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=06bbdc9f-9d5f-422f-b712-5bb852bd6b0b&e=lm&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:51 GMT cf-cache-status HIT age 1205457 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758ae5ece5b3e-FRA
GET H3	200	container.html Show response 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B4A	6 KB 3 KB	31ms 26ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:51 GMT expires Fri, 05 Jul 2024 11:00:51 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
HEAD H3	200	e.js Show response live.demand.supply/e/	0 480 B	28ms 28ms	XHR application/javascript	2606:4700::6810:8516 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://live.demand.supply/e/e.js?gl=0.27&b=2&r=aydogs.com_fluid_all_down.ad&sy=f17f113d-1ad9-4e8d-b626-9f30a09f47a3&ts=79&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=d.aydogs.com&mlre=undefined&mlin=0&mlsi=1024x600&mlbw=4g&mlcs=NaN&mltp=06bbdc9f-9d5f-422f-b712-5bb852bd6b0b&e=lm&dsReferer=ZC5heWRvZ3MuY29tL2Vubm92ZWxhcy5waHA= Requested by Host: live.demand.supply URL: https://live.demand.supply/impl.v17.3.0.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers x-nf-request-id 01H3HG5DNKPZFQC69BSXE3QYR2 date Thu, 06 Jul 2023 11:00:51 GMT cf-cache-status HIT age 1205457 cf-polished origSize=2 alt-svc h3=":443"; ma=86400 content-length 1 cf-bgj minify server cloudflare etag "081b1367cd2301d3bf23f0a40952d236-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control s-maxage=2592000,stale-if-error=604800 accept-ranges bytes cf-ray 7e2758ae8f515b3e-FRA
GET H2	204	5188470 Show response oaphoace.net/500/ Frame 88B5	0 463 B	34ms 33ms	XHR text/plain	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://oaphoace.net/500/5188470?excludes=&oaid=2d9e1577fae049b2b2283621c6f2df5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=6&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&drf=https%3A%2F%2Fd.aydogs.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false Requested by Host: oaphoace.net URL: https://oaphoace.net/401/5188470 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://vidspeeds.com:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers x-trace-id d76b1d807994b625a26120fc9c4bc4ec pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx vary Origin access-control-allow-origin https://vidspeeds.com:2096 access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H2	204	9 nanouwho.com/ Frame	0 0	94ms 29ms	Preflight	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://nanouwho.com/9?z=4923580&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&wy=0&wx=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=1&sah=1200&drf=https%3A%2F%2Fd.aydogs.com%2F&hil=1&ist=0&oaid=2d9e1577fae049b2b2283621c6f2df5a Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://vidspeeds.com:2096 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin https://vidspeeds.com:2096 cache-control no-store, no-cache, must-revalidate, max-age=0 date Thu, 06 Jul 2023 11:00:51 GMT expires Mon, 26 Jul 1997 05:00:00 GMT pragma no-cache server nginx
OPTIONS H2	200	5188470 oaphoace.net/500/ Frame	0 0	82ms 25ms	Preflight	139.45.197.239 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://oaphoace.net/500/5188470?excludes=&oaid=2d9e1577fae049b2b2283621c6f2df5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=6&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&drf=https%3A%2F%2Fd.aydogs.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://vidspeeds.com:2096 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://vidspeeds.com:2096 access-control-max-age 600 allow GET, OPTIONS content-length 0 date Thu, 06 Jul 2023 11:00:51 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
POST H/1.1	200 OK	add Show response fleraprt.com/log/ Frame 88B5	12 B 488 B	112ms 33ms	XHR application/json	139.45.195.254 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f Requested by Host: tzegilo.com URL: https://tzegilo.com/stattag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx/1.19.10 / Resource Hash 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed Request headers Referer https://vidspeeds.com:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Thu, 06 Jul 2023 11:01:05 GMT Server nginx/1.19.10 Access-Control-Allow-Methods POST, GET, OPTIONS, PUT, DELETE Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://vidspeeds.com:2096 Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match Content-Length 12
OPTIONS H2	204	9 upgulpinon.com/ Frame	0 0	84ms 28ms	Preflight	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://upgulpinon.com/9?z=5030881&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&wy=0&wx=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=1&sah=1200&drf=https%3A%2F%2Fd.aydogs.com%2F&hil=1&ist=0&oaid=2d9e1577fae049b2b2283621c6f2df5a Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://vidspeeds.com:2096 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE access-control-allow-origin https://vidspeeds.com:2096 cache-control no-store, no-cache, must-revalidate, max-age=0 date Thu, 06 Jul 2023 11:00:51 GMT expires Mon, 26 Jul 1997 05:00:00 GMT pragma no-cache server nginx
POST H2	200	9 Show response upgulpinon.com/ Frame 88B5	7 B 621 B	35ms 32ms	XHR application/javascript	139.45.197.242 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://upgulpinon.com/9?z=5030881&ng=1&ix=1&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&wy=0&wx=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=1&sah=1200&drf=https%3A%2F%2Fd.aydogs.com%2F&hil=1&ist=0&oaid=2d9e1577fae049b2b2283621c6f2df5a Requested by Host: nanouwho.com URL: https://nanouwho.com/27/f3152f06f3df4266df1737c2dcc1d015 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Request headers Referer https://vidspeeds.com:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers x-trace-id ebe5bb114eee0e10958766e7ae0378b6 pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript access-control-allow-origin https://vidspeeds.com:2096 access-control-expose-headers X-Sc cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace content-length 7 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	204	4923548 Show response betotodilea.com/500/ Frame 88B5	0 463 B	31ms 30ms	XHR text/plain	139.45.197.237 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://betotodilea.com/500/4923548?excludes=&oaid=2d9e1577fae049b2b2283621c6f2df5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=6&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&drf=https%3A%2F%2Fd.aydogs.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false Requested by Host: betotodilea.com URL: https://betotodilea.com/400/4923548 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer https://vidspeeds.com:2096/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json Response headers x-trace-id 740c27dda522d37adceeebfdf15e9b70 pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx vary Origin access-control-allow-origin https://vidspeeds.com:2096 access-control-expose-headers Link cache-control no-cache, no-store, no-transform, must-revalidate, private, max-age=0 access-control-allow-credentials true timing-allow-origin *, * expires Tue, 11 Jan 1994 10:00:00 GMT
OPTIONS H2	200	4923548 betotodilea.com/500/ Frame	0 0	142ms 26ms	Preflight	139.45.197.237 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://betotodilea.com/500/4923548?excludes=&oaid=2d9e1577fae049b2b2283621c6f2df5a&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1019&wiw=1019&wih=563&wfc=6&pl=https%3A%2F%2Fvidspeeds.com%3A2096%2Fembed-cxs0vgorfkyw.html&drf=https%3A%2F%2Fd.aydogs.com%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://vidspeeds.com:2096 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://vidspeeds.com:2096 access-control-max-age 600 allow GET, OPTIONS content-length 0 date Thu, 06 Jul 2023 11:00:51 GMT server nginx strict-transport-security max-age=1 timing-allow-origin * vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff
GET H/1.1	200 OK	index-v1-a1.m3u8 Show response cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z4rjzkpze4pasggnowja/ Frame 88B5	4 KB 4 KB	50ms 49ms	XHR application/vnd.apple.mpegurl	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Full URL https://cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z4rjzkpze4pasggnowja/index-v1-a1.m3u8 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash 597f3bbc29c4b24e7f5fdd4260096d5dc7d71fddf0be73c168717716571c5b17 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:51 GMT Last-Modified Sun, 11 Sep 2000 09:00:00 GMT Server nginx ETag "-1-107b" Content-Type application/vnd.apple.mpegurl Access-Control-Allow-Origin * Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 4219 Expires Thu, 06 Jul 2023 23:00:51 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 0EF9	624 B 826 B	122ms 62ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVt3mYsk7F9j98SHVF-j_0QTiXEzZ1Dz_W2KU8VnQ7qDCT9jW7fa7v3m1zZR4lChSDPWF15XHGS0Feodn9DE6K7nokKTVGBu7yFsCmcf0nBOc7aUZ9_rMZN6UNzHXxhG3nO9iLymGWykQymEEQYUuwoqbAMEUzthdEUoQdGLeWFOW0hZG17yk3IyAJZvFO4aYZxIV64AJDKfepu0e1OpPOvNeVHxg Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:51 GMT expires Thu, 06 Jul 2023 11:00:51 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 181A	78 KB 28 KB	177ms 83ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28042 x-xss-protection 0 server cafe etag 3261498652431352696 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Thu, 06 Jul 2023 11:00:51 GMT
GET H2	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 181A	42 B 110 B	151ms 57ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DERnKzcREHgCiNvZkcq72CyFptjYgaCbkJ7JoMkMy69qdOXRex5EbJOsN2fn_RCdu5hd-gR-MQhbq1gNSGvQeC07dsjQo_lgjSXv7q1pMgBGVNJpI Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 181A	0 349 B	148ms 54ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10361204185516399042&x=1&ct=76 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 181A	3 KB 1 KB	34ms 29ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/window_focus_fy2021.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 09:47:59 GMT content-encoding br x-content-type-options nosniff age 4372 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 20 Jul 2023 09:47:59 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 181A	20 KB 8 KB	25ms 20ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:12:36 GMT content-encoding br x-content-type-options nosniff age 42495 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8314 x-xss-protection 0 server cafe etag 15120507268597061312 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:12:36 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 181A	179 KB 57 KB	138ms 32ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57260 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1687952195399670" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Thu, 06 Jul 2023 11:00:51 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 6B4A	23 KB 9 KB	33ms 29ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite_fy2021.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:12:36 GMT content-encoding br x-content-type-options nosniff age 42495 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9104 x-xss-protection 0 server cafe etag 12939045362079141464 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:12:36 GMT
GET H3	200	css fonts.googleapis.com/ Frame 6B4A	8 KB 750 B	38ms 35ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 06 Jul 2023 11:00:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 06 Jul 2023 10:18:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 06 Jul 2023 11:00:51 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 6B4A	15 KB 3 KB	24ms 21ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.css Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d4095ea226f3f80d6d4fc62e3737dd5107fd9d4aa4a443cac11378b102f64b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 07:46:02 GMT content-encoding gzip x-content-type-options nosniff age 11689 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2883 x-xss-protection 0 last-modified Wed, 17 May 2023 00:43:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 05 Jul 2024 07:46:02 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/ Frame 6B4A	371 KB 127 KB	25ms 22ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 464be521d749b2ba1c7e8c1f87223b56a03ee0bd05484baa0e9067ce9eb9d2be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 10:39:06 GMT content-encoding gzip x-content-type-options nosniff age 1305 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130330 x-xss-protection 0 last-modified Wed, 17 May 2023 00:43:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 05 Jul 2024 10:39:06 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/ Frame 6B4A	20 KB 8 KB	26ms 23ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230628/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5dff1c5185bfe98d10fd4b80ad1e2a04d57365a09e631840dce7fd3c79d19971 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:12:36 GMT content-encoding br x-content-type-options nosniff age 42495 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8314 x-xss-protection 0 server cafe etag 15120507268597061312 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:12:36 GMT
POST H2	204	csi csi.gstatic.com/ Frame 02D8	0 234 B	451ms 145ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljr1egti&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C45390960%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 02D8	15 KB 16 KB	23ms 22ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 17:04:15 GMT x-content-type-options nosniff age 410196 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 17:04:15 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 02D8	15 KB 15 KB	29ms 29ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 03:30:27 GMT x-content-type-options nosniff age 459024 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 03:30:27 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 02D8	0 56 B	112ms 58ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C-3p0456mZLH1CY-J1PIP9J-M4AiA6YfNcJ-BmeGzEYWQ36SHMhABIJWbyiFglYKAgMgHoAHe_KCDA8gBBakCRzIujSU5sj6oAwHIA5sEqgT-AU_QplvjZsSd6XUcxn09RK0yywZDra9y5_2_Q8TNUnPpFCaGO6Jk3HEZoPjsYTBCRzw1HXJweqpElG-lVwHx7gVADL4sXwRkR7Vmzbo-SW9QwFM05IMiIwlFHQOAB_MrfeF3pXLSNa_lccbCeYXebDd2RFt2nkO1iDteFOXjm1Jw342mm3JEa9CcWfKqlpfPN4waCb3lkbVG1kgWtJ68WIbMYHiBXjbnCD2TNDrV3AvxGwqrZVEoDcEwmrcHK8BvQ2R9SeL_spE85bD3aXRocaJf28MZueoVhUQoKKkibY0tYCW_rawDkxlgRE0240RgI5Arlhur7o_aggfRCLgmwAS1mrG3_wPgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATgfeAFNATANgTDYgUBNgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1688641251757&ai=C-3p0456mZLH1CY-J1PIP9J-M4AiA6YfNcJ-BmeGzEYWQ36SHMhABIJWbyiFglYKAgMgHoAHe_KCDA8gBBakCRzIujSU5sj6oAwHIA5sEqgT-AU_QplvjZsSd6XUcxn09RK0yywZDra9y5_2_Q8TNUnPpFCaGO6Jk3HEZoPjsYTBCRzw1HXJweqpElG-lVwHx7gVADL4sXwRkR7Vmzbo-SW9QwFM05IMiIwlFHQOAB_MrfeF3pXLSNa_lccbCeYXebDd2RFt2nkO1iDteFOXjm1Jw342mm3JEa9CcWfKqlpfPN4waCb3lkbVG1kgWtJ68WIbMYHiBXjbnCD2TNDrV3AvxGwqrZVEoDcEwmrcHK8BvQ2R9SeL_spE85bD3aXRocaJf28MZueoVhUQoKKkibY0tYCW_rawDkxlgRE0240RgI5Arlhur7o_aggfRCLgmwAS1mrG3_wPgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATgfeAFNATANgTDYgUBNgUAdAVAfgWAYAXAQ Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 02D8	0 54 B	438ms 146ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljr1egtq&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ia&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 02D8	25 KB 17 KB	238ms 126ms	XHR text/xml	64.233.184.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A0H2DdJzT7U2qhLhvVgstU1W8WY2oLwMhiSIwovUWsY3r1uQz3XxgcCXx6LufQkc23ZmLn0ssu3soLBCEhfWNewzh44g&dbm_d=AKAmf-AItLC9cjNO-FSv4LzbeOi7fot3XN3YC60nBRe_SQzdTtYlpAoZ5gtg1jiptdGZbYN0JNi9n4rCI5IR2xvXOnrDHtbW4Zs3nowz46K6Hv08HsZM4pbdmHbINmuGVQvpuA2tTjPArDDGWblCGL782YT6Uo9aMGfxtg9CuotPKOYR-qu8K7j0CYzFNTIVrkfwzlfkGHasOwQ35fZfVBFphVfmt8DNEZo_CuOFUJEFpG18bF5hBBQDcYqsHy8hJD6mcJtNF8JceN3KWntR_VXDc0t2Pp3T2wcTwNGX3mWvY_mhkWmMD75b8MY1rbEF2CncvrnrC6hdakE8etFZMENafpgi7eXh8dalsua2hlgb-s1RuKix6atAGTnWtP50AJfz__BkcMC759mcLDlE37CLtJqP-jl65SaHZ_R5wMUyq1INldHbY9hU0R-KyNMHrM7ubwjeoWbOowWWvsRfN9zaN_w6qd5_PD9thdKIFKMMmrqhGgR93Ct4tzgEixBoOGsof5yPubQsb3Tcy0AmCIF6H3O2xl-QeI7qGbXgT5SIbHXriSQxavGBCk5TqV6stjCKGg7aQpCZPw4hoRuX7MvISFEqY7f5vLcCfXb9Vf6G54UuwE5iPv0a40tdACvK0F9Rek7dn_svumeOFJIk-Kt4DSdrBb3_ntHSqXqouwp0ETGWUGTT0QwnIzy8m3e0tejq5Qh51Bh_8buadiaZPkSGX2J4KVH7YXsdfLiyhwAl4xI21ZZUwabBK6iXEFoyNwbjEJWugROipJn6pQvZMdr0fVsX8uHhgqagUtzjjAmQldfuazotQN8grKqMI5n-qEBx6dSCbYOJMIiN38epiWaabV7d32iIblNwRkMKwK3FyilFeuhuLMGDlfLFyqKY_B5YBiNTO0EdxGDpCDXxsdzhbqaFA09pMmB9VI1UZYHBv8Y8-Td1gCMpqF2D4WqK2G3yMwtYGyoO5tj8Dt6hib7ogZ1qE_OJhn7RN39BzpMV-LCOqkqfoWRjmTK6diDsX33U4QPPynPYr-rkDk8pJ0Uyl9RBz9HSZ-QQzIpvU0Loe4uP_O9tiUhMqWcbN3QJe2aQ1YR-xF8cqkjF1KfRbkIucvqCeL7-l8-fbEczm6wx8eSQCgZUC6Cbon8xZBhc8MNS3ohg4SMQn1ndbT5PcPb3N71Q65kIXqEWjCETKOxRvKYIdjoXr3wLm96PY8ctV2sqOcMe8gmD2dzUwRSBM7OKLFnyGXuD8VuF_R8oqNixhQRG_wQqyBZDDeuEJk56vPYYs2jrfJJrBKr0RCYjHZ9i4HCoQGoTCAhYWbgwpLeaDZ576b2HF9bkL9bjfRkojxkMnEIdhJt84k6KS9gSNXaZQC3Zi1zhNHVLjX9syb6sbH0b4Pa2uOaWwgTnLKYfLDEl1GboEUYk7zXSYElTkrYC0ipEp8QXeRXR-5YG97wbB5OzYJ7CKSgMf8uziqd-S2tfjssOmFfjf9ZqM70XWHVzLzKi5Ooy5TSZ4m87hjgw2UeZEmGsXCwnKNt-FxSPmz2UEDTA5Piay745kQnX4nvepKhFjGvsCB7Vlo7_jvgge4-fgk2r1amz_cN6HFJycmo9ID9YWnpiqJXc5pTItD7KouYA1YgZ7jRFeCKQva219GllcHNgmKAqH9wDTm7X9vqgDfo6SSHn2kaHcBb041Ibeu1zhRXAhsBWUdihswFJf9Jxl0H1PDVqiPmwq83ucbnFqPZHCUhcFwMPsxS3jMOwKGQ_kbk51scxlqKXP6R7fnj5JeBpLIjMCPpWSGyiW7jVawk_3eJn02KhN6Zd2GvLypNfMwKoui6qVPf4imGZwayuGNwWXw5_ru8AqvAoA7cewIh1au6PBu--zmu8ltasylv74rxJ3E1u_VGB2um9HOGfsgq9x0JfFTT0HQ1JQd2Nms8HnO_6eJk7LMzN-2EH_8ops0CmNeZ-9t3YYCoCXCTHl1hLe1Zl5-gqnwLll-Co6bv60vyhABM3AQJdM5g7DSC94cqd4q2BdC821_Riu7gFuLbYeqG8RButRbhcV-9u5Iw8bOyVG4Rj5U4cNiyTD-idETEDVgUeBmGgZv_AdPmMNqnON0ziRog1b9jMfNoMcRxTuy_MQ3_qAmg-zKZyCSPm474-s87KTSfrpqjq1PynpOKkqhZdX3qh9ORyxXYniZPHWB_mp207btRpzDVnQCS0IYlNLzTW5rF3FfdNpacncmMCLgSQkOUgJp7mKWtRQaP8Jd2fP24GO6DRbcCyWNfKF5ma0ita1mQHEkGOioIOQl6WT2oBwJVWZ9cw-72Tc6NRya4gJSZ36YpuOEN0vbx44eZeFIcTO-ficaKVJSybuKLMNFIUkik9VFgeQX1frUdYYbC2xQ-sBIhhouSF1sQCck3SJAcIKzjoXYgGJCP8PLH5T__M-Fr7-Bz7wc8UH65F89OjcCVT8c5DmH1h1jFwxZGwZzu8LMLUJLGKryZ3QBktAnUjGpELBjObU5i_QOS2s_VWHhSNiXuoTHHO_8SeMnQBO4k_6J2ITtT_sH-pnDRm3Q6tXbwZNpNVEEalBc8VbQoJsqF5mR1lP_cB10UFA4BoLNGG1owaxHU1FGO1q1MyS4VBf6DN9rpxQO6BZ9rRxlCvJytmaCSYN3qSYh08w4272xLnkw0VqSXWXeniMlF8jHRh27kBj5r9o9-77lNK7O2L9WCzDL6xCRcErBw18C41BVTJL3PmnLwUyfB-aS7hSebwYEY3HYrUuzHkvwnLC7R2_QlUlo3jSj6MjAtL6pDJey7vwj9MZcHtLVnXzzcqhkwnw3s-_3ybi3rCDk9iefr5q9R-IaQajKg4UANaJSCwUNtR3R6fSRdQxso97EKO5lUsJ7BbJ2jPRCXhfGyn2s8H41gSxRBjAd3_r550IBnKQISsvCN9eUiI0Yrqvg4TrC7Rg08obLNJioEcl8tRuytD9HcBvPn3aZkm802f19kfPQbKmz95QDA4pCLgkJsmHJuOe5QwGlDgSnCR6_8y9Uzl7m_Qi9KokVH-LRBOND9BNe8sTNotQH7v7NLBzgIFpGoVRdmxS7AgVn2v2MTjF40xpxpgXZIlP4J0EOOZOww5MiyY7UhBlZaZj-X47xMaAqLwhJ2MABhkzlizkrs1QswuhTpPHwOk_O5ZDCs6KXowhtgSPXGj-2oXlVi0FhVvuW1I6oQxstliQNjFaWLkHVUeZkkYh90Q-hiRHyJfEdsb9nLBWC9IfKTC3z8bCX-yp1pSR3F_1NjV2HfH_6w3NVOXjOaLndDAlMuo5tTDNmFDbiOJ6fnC-4-4P6cPA0W0Ao8v4WQgZXRPFKso9dFbWIVugyB0wOyFrYZU2BWSIkhxI6NU5hHuiwPJA_h7O7dmE1j0U-yOsq3Kuu0_KbK3TMhM8WRJxndDp_aRv9z7_m0ymrmbokOXrm7p4JuDlbfwOt0SILKaSUuqc8-yJdVnj4z84Z8rl0Bn4Dm1OItTEyExHP73nlei52CNo9NB4XVzipFFYydbSSuwj-2UExJKzbp3s8f8uaboKY8zhaCXlDjbR8QTW_pyovB3W8Farl-YHVUyfynRHp6k64C7HNaruURyFQd4xzOBzHIiO_fpDqMkEGaW3IvE_tNNiDK7bJA0jjUqwkTM8ucSrgbuX71d9DG8SVVz4W12eJGdrkssgKh26CFvYpeaSs6ZuII8jE8SmBHYxrJ0SYTwxlZYrsEXx_iKH3uhVtbkirXM0Pog2ZEPBu_Ghsa9lTU67BQv3NW74qH-Up5PcRGEgDlX7MidAQ5Q4pBwnn4Kyiuz82aW7zApWw&cid=CAQSSwBygQiDUo8P_fQVivArfhelJ-nYRE_r9_ZRUGvWsrQEYPFWr3KWn6jT01HXpAPvhRjGEQ2tuXyzEVej3EvEG8QANzn4BFh2HtDmXxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.184.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS wa-in-f157.1e100.net Software cafe / Resource Hash 86d7b1125385567cf4e3f9ba73e822c9e9bad0ffb85fc38e30f7b6a63e5556ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16866 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	seg-1-v1-a1.ts Show response cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z4rjzkpze4pasggnowja/ Frame 88B5	1 MB 1 MB	103ms 103ms	XHR video/mp2t	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Full URL https://cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z4rjzkpze4pasggnowja/seg-1-v1-a1.ts Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash 2392722912c680303b24ece8ada5232ea09a43f81cbd983199788d8a0a320b76 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:51 GMT Last-Modified Sun, 11 Sep 2000 09:00:00 GMT Server nginx ETag "-1-146e38" Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 1338936 Expires Thu, 06 Jul 2023 23:00:51 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 02D8	0 0	62ms 61ms	Fetch text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Crooy456mZLH1CY-J1PIP9J-M4AiA6YfNcJ-BmeGzEYWQ36SHMhABIJWbyiFglYKAgMgHoAHe_KCDA8gBBakCRzIujSU5sj6oAwGqBPsBT9CmW-NmxJ3pdRzGfT1ErTLLBkOtr3Ln_b9DxM1Sc-kUJoY7omTccRmg-OxhMEJHPDUdcnB6qkSUb6VXAfHuBUAMvixfBGRHtWbNuj5Jb1DAUzTkgyIjCUUdA4AH8yt94XelctI1r-VxxsJ5hd5sN3ZEW3aeQ7WIO14U5eObUnDfjaabckRr0JxZ8qqWl883jBoJveWRtUbWSBa0nrxYhsxgeIFeNucIPZM0OtXcC_EbCqtlUSgNwTCa7wa5iGRJpkzbH31XwZ4AmF3vTvL3gpNn-NItyDCPwCEBsb-BKRaruxmBghsUpP5-15Jeb0w7b5xrSwn-PyPQ5XjABLWasbf_A-AEA4gFmOWpg0GSBQQIAxgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeKg998qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ7b5aGOnM8ukB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbATgfeAFMgT4Nma4APQEwDYEw2IFATYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RM&sigh=fndMCLGzro8&uach_m=[UACH]&cid=CAQSSwBygQiDUo8P_fQVivArfhelJ-nYRE_r9_ZRUGvWsrQEYPFWr3KWn6jT01HXpAPvhRjGEQ2tuXyzEVej3EvEG8QANzn4BFh2HtDmXxgB&vt=10 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 02D8	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 001cfdb07494cd641b1f70e9c39cf618d59fed0f53d57a91dffb08c71851ec73 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
POST H2	204	csi csi.gstatic.com/ Frame 6B4A	0 45 B	388ms 147ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ljr1egva&c=2361588229887&slotId=1180794114943.5&qqid=CJWHuu_2-f8CFUpg4Aod-VMF5g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 6B4A	15 KB 16 KB	33ms 33ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 17:04:15 GMT x-content-type-options nosniff age 410196 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 17:04:15 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 6B4A	15 KB 15 KB	21ms 21ms	Font font/woff2	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sat, 01 Jul 2023 03:30:27 GMT x-content-type-options nosniff age 459024 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 30 Jun 2024 03:30:27 GMT
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6B4A	0 56 B	55ms 54ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CWtMd456mZNWJDcrAgQf5p5WwDtyIn8Bwv87urMkR59vWqrwBEAEglZvKIWCVgoCAyAfIAQWpAs75TLsbNrI-qAMByAObBKoE9wFP0EUln-4hU1Jvf8bY14byUKDiDjZkZ4ft4HQ2EPIXDqRY22abH5ogeJkgSk_0QwiRFisEVgnbCl78YxadAg-vckCqIKYXFXOhbdzmokAcPTMVYBpGT1dGjK50BJLZzaXT3ewsl17bftLxGJ5qKZXCzQszdaDrUmaSIKwjvzmHLTpWP46V91nJxqxlEntLv7RQ-7s8Rj3GfXaOcOmUmi3KAm1LH8jMi4HmwsbqGo849Sl26Z2KqED2agw8fKS_bEfy3raY64qJMPWUq-Q4CSQ4jLKOu91K8oqgV9R8B6uMoKU1RUbRAml_3Ikx9OfE5z8deLAcIn5XwATknPrBygTgBAOQBgGgBnaAB5CK6IQEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGwE7W3nhPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE&eventType=clickstring&clientTime=1688641251824&ai=CWtMd456mZNWJDcrAgQf5p5WwDtyIn8Bwv87urMkR59vWqrwBEAEglZvKIWCVgoCAyAfIAQWpAs75TLsbNrI-qAMByAObBKoE9wFP0EUln-4hU1Jvf8bY14byUKDiDjZkZ4ft4HQ2EPIXDqRY22abH5ogeJkgSk_0QwiRFisEVgnbCl78YxadAg-vckCqIKYXFXOhbdzmokAcPTMVYBpGT1dGjK50BJLZzaXT3ewsl17bftLxGJ5qKZXCzQszdaDrUmaSIKwjvzmHLTpWP46V91nJxqxlEntLv7RQ-7s8Rj3GfXaOcOmUmi3KAm1LH8jMi4HmwsbqGo849Sl26Z2KqED2agw8fKS_bEfy3raY64qJMPWUq-Q4CSQ4jLKOu91K8oqgV9R8B6uMoKU1RUbRAml_3Ikx9OfE5z8deLAcIn5XwATknPrBygTgBAOQBgGgBnaAB5CK6IQEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHgCwGADAGwE7W3nhPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 6B4A	0 45 B	382ms 147ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ljr1egvk&c=2361588229887&slotId=1180794114943.5&qqid=CJWHuu_2-f8CFUpg4Aod-VMF5g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.j6&vast_v=4.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 6B4A	29 KB 17 KB	133ms 66ms	XHR text/xml	64.233.184.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Ap-W0DxXQv2s_OSIwqwbsx6ncglWtshODWG-k1n3HW8raky4lUxwixXbu8g5zYhptgdfLo3e0lUcWmP2Krq2iDGysIFg&cry=1&dbm_d=AKAmf-C0g5Mk8ikmdZU6wIl6kdTrcVwtIv5sTHIsGGPXJS6BxEviEKhEcbzBX5Ck_jJIZiKnGTzBMzY8h65KI0SAwsm5urr2lPPF4l-6ErsDp2JuVrBs7LXKOOgyECb4nkGf_Zxiq0ZQO4aQDZw60-9Pik6JEy2KBv8uW0ZYzYQI5lhzwGPprbQTdgpe_EwH74zBLmTUL63ak29JPmw6MbI3vv-S3UeBt4h-crMu721EHcI9yGKmVkhMUNXCW5zhBkgTaDq4aXfRuez3jc3Q1Ff454j0TE1Z7g78BN5bPNAf6N7wjGbcjkR2RtrRwOpwnomH5un58429O1oOabok6XjTvbsRgb7PVfqNYGS6rpFz4P1IKro7R4iT4cWCFqtiCCHdJ73reFuR-KU1D9OFz5wWyerdoG21HLebX05t8CBmkprP_YD1YCfHP0ibzAKvs27bLjLIx9z9iKyI0-Up2vBDkQfsQvADsFOxEvdoUmdwZ-RcCbBxy8e7jN0_fm4WaOAK7sHyWvFxNAXabT9vuFr9cUgxdh5KMf6mVGeEljyhIFSws0dSmwVLwwGI1NsHE42u1Vl0ZznRT2Shm_JmN5BGtX_Y6AxNiqTD8j74GmjU24omKsRkkYzgM2sHp_gcxJb5OYUqg4VbuANatZxa9S9x-5XdQk_4o9BO3OV99Eh1FuvROOvDyWyBbBTX-cGGfBlzO1vwANIOxxFOaIHd_7t7fd0FIx2HsbtYc4h8mAwDKTaR1A5laEVXCLvuYUFCkf4g_k8PVlDYMHAtt55OhqaEOqlGVJSjYdQOnr67QYs1VYc4DLEw3JpZaZvnFd6066iElyjnmTtiFXB4bbYVsbwtTEZO-3sYMDbloRX0o_U2NWMYqJckTPiPnu10_w3fORAB4fKKmMQpf0a5BGwSqysS8rINinjV-A3E6hEjH7BXDLt9Z4ikxS3VGHAiFdnph5T58ETcuBGzb8LypaHDPKzFbHg_RlJ4lVkOe9Vpq_vEER9jwFx4oW5xluf9sC85DQaYeIU0un_AjLZvAR9UYv6tKMmuvTAzeDHBQBnJAwMtsP7FqfD-r-WIiBzD9wqz8m0PFrnovpmoEUu5m5OobuqumkhzopLc-EWaqUMB1ZyH2zXhhj3MSHaJPR-Ru0VI4uW5dK7W5YU2r18o7JnweSVmaItwpnU8hnOwAvM3WcRiYVnSqKiHja3zU2zpMCzbmnaldnY3dgemDieVb7yHjCxMZoynJaf9_V_XVuMttq0azR8HRlclkLmDQjpsNTZLvc5DOTr8Rlpr0zzr_UR1ab4T00Mr-d2GsZH68onzVY3o8zct34itmnlkA51FPWSpfqh-vsW5O_a12cI_mL4MYGngMRvOjBEfoOr81u8_SmqLDBWlJXdzzWKVbNwu7R__5hHXbayGgYs4T1yCTwTYEch6aPdB2ThfWsqJhSKqJ9jnsa76c7HFv1wBrxmeTDEMn8vy8zFS9e920487U6imzn5D7WejCYgM_zzV6q6dLN42WBxgasIpVH87s1hSRZ9PxrJC5PsV2ui8TscBchCvTGiY_kjkHZlK41IcP2sbEm-v5Yb8wKPHwoVIjBdCpQzZFl8Z88qix1fRkIXGCQGw_OPdbO_Q5bqvRJu0ucfBE56MxMoooucWEMlcNBEUQn-yKCOgrBHHmjTp77k0EyXG1gsXlqzDxtlfyvw-RH8N3G27-jMMEhNW1Z49C5JNNTABwAJLCTqjSAUtXwzXCJRIYSdARL3GpxrP3h-h-xpFBgGsR9PQxG40rbHmBnY9vcrBh5AnW8sWdIJGN4dwJd6OLM1gbYClv36vao7oKnAPsHIvNvpE_N7GIpQAFJWhUmMzhsk7JbGVnqKLHkY_hQrbsfEJG0NZ8dKX2vuSHg1qEiVKBfioLxdbgpgt6kfPgORJwTypfQg6dVt0nimNEKeroAZsIkhCRktodmK5Fg_AMHBjAqx7EYolMq768yU4UXdBiRJ7XH2DgnMpQJGfqe86GxfRSDPlvBvAB1tHIzh6v_4WPWyrO_aEY4O7LGp77Bp3tiDuPRByFmoNDrSj0cYmjJAksHgkZZC4IgRECZGNqQn2cdhui3fJlM8yp8T0VCz9zea0TrtHY3spi021EkkZVhgLmBir-YoPvIbu0ym27m4kd5RdjbXwR0XNoplw_cBWCq_UcTs5714LmIYi3uESKP_FK9zcQeNOxm7eSNHfi2_cZrIK7ZyBbg6tu-LJq_2Ue1xPYmeBuXmcRtXMRughtq5VhSmFfDAdIP9NTaYOn3G0TSpv9uz7g_-kssAOqK5YR80hcjkG8UWlUEE9JHR3_JdtfldtKgPiApDxmYfZdM0mfWouWRKQLtImjaylNcT5hfhxSOcrJUELTLurtQl536NR5iXCAN0K8VMitUZR4GhLJXm1wnZTQAV2LxOsjZyWrHAUHSshtcaIbc-PRKFMKg2UTC96TJNaRcBCVa1QDXCSjmz9fhnfCRE-q-7G9XxbrBhk1lDXtNN5cT17s3CL--oRgGfhjNUDRO5n7mbbgItCL8Eu04et4T-J8nkCgrASRtQwbpLF3a7AerP8wl0e0DpoFGRKDD5t1RUs61gjANF0GH6P4pwdqTFnwejwBTJxg0gqiwzAvQA4eYuhlbchdoQy9So2AdRl5D_ZdCruskri6YUl4McHN6oyWya5Y0oXJkID_XLzre3Be4AwKu58MISkb0uw9VWw3wKMB0c9yHHFsy94CQrtKgHosPy5UItEeMiHePgXHByhg1Zhs3gjw2x0mczf8mt2fjo_E-SEgolwqfvQWgWNdgVBWjJFQ55P4tmHuaxDUegJsyrpUnO8xEOBms_KzwgFfAlD2qZURTS1am6DUXVm9L85S-36hTkoku5p_1CduUfAS5dvn3diOsdixkfFb6_cvqsoWwCjY-cqmPss17no4Uz0OAflviokoNMDE81dHh_i6E8Mxkf6t2qWzvRz7tMPJ5RAzejeYi4eNXgKtZNjW_CGHV7YReViewA6b-yKxKXJyysePRiQhv84nBkciusFjEKJhMXw9BPCkloHxljwqd1idmsvet82bA-SRNYXcSG9jjCUDzS_woxSuQcylxIS1Y5JMSWCsYFDDdAxFXpmB_qc4bokOJuqZ2_Uf__EDUTxCh88gFNlh0u0WO32XY8kMfbE8mEwr7N-Qv3spOXYCpa1TNX2hLKjNKDa2azoSJ7wui5gcFQECgn4y4xuUdgBqQt0QA8ddeQdxP6LWkdQnul-0rNgoZ_CYg1_C2SWLJa_iWC0q7I-FQHkstADbyUlF0JtERXRHzPbm55wSCM2sUq9o6Vv_359PluShksc-BmYz367NzcfFTZcEmw7CGwFHNfwPP42FNJdtcZ6lJl583xkun1yHNC6I478cVmtw0abPp5mWlw0V5aMZKeg-yI1hW4UxeWNbctoQfaqWPrVtbZ29Q_pH-u5FwGGuGExia1DzDNyaos5C13rqWiXhfMrQqm_9OUnKMX_BP6MNLS4prETF8R2OzxJHzWacu60OoeqRBKQcNVlX9-ByEUkNx6YB8yLUTKFiTJXNepLCZ5W112hj2EsPz4EwYm0gQbtcGU8_fdKIuMYwTWTryJxKktDNvJuoaSuHfqVTcsMUaKGvYJQPE0r_D2pbBuY3ILa3Hn9WkkdM6XBsss5X8EgrqPq6vrT7AHaOUNWYMijnL6bCQLAp3jog9oxMEg2pLZBncuZq-3g3SBFX68MBLbsSkjh91x_aoTQaUogCDEnJeWRPmiFDuWYmOvYDqMlbTUuJkgPivn9tmAZCebyOXWqdpF0VNGwIsLkL9BJCYoZW94rhoAFTosyftygQB8AHjgHwShRChrMD-23MOwlUxWzee2OhDKQTk9E2-Ln-cuF_sU0-L5jSv__sj6-W2KICYuD7q06&cid=CAQSLgBygQiDp8gnjW7b0r_SgRxB4Og6sR1grUXYkzwy1PJQplHP20idrslCaipk94MYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.184.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS wa-in-f157.1e100.net Software cafe / Resource Hash d095f01f5a1295a53d974c6128c11bc2f6a930f6d6f299df82e96bd9947287a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16791 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 6B4A	0 0	61ms 59ms	Fetch text/html	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CkdYd456mZNWJDcrAgQf5p5WwDtyIn8Bwv87urMkR59vWqrwBEAEglZvKIWCVgoCAyAfIAQWpAs75TLsbNrI-qAMBqgT0AU_QRSWf7iFTUm9_xtjXhvJQoOIONmRnh-3gdDYQ8hcOpFjbZpsfmiB4mSBKT_RDCJEWKwRWCdsKXvxjFp0CD69yQKogphcVc6Ft3OaiQBw9MxVgGkZPV0aMrnQEktnNpdPd7CyXXtt-0vEYnmoplcLNCzN1oOtSZpIgrCO_OYctOlY_jpX3WcnGrGUSe0u_tFD7uzxGPcZ9do5w6ZSaLcoCbUsfyMyLgebCxuoajzj1KXbpndKp2gP5nnruanrjCSZRtBUwmQXrkglNsaXHJhmGEYSSxcpeSbPbLe8shZRUH8sQ2xWjQlPERcFjqRCdonnRYWfABOSc-sHKBOAEA4gF6fHw9EqSBQYIAxABGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB5CK6IQEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQnfQaGO7W1ugB0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbATtbeeE8gT5fXE4gPQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzUwNzQzOTIzMzg2NTQxNRj9-RPoFwE&sigh=Zdjge6nqotU&uach_m=[UACH]&cid=CAQSLgBygQiDp8gnjW7b0r_SgRxB4Og6sR1grUXYkzwy1PJQplHP20idrslCaipk94MYAQ&vt=10 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 6B4A	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5ec7ee3281f6244502f750773d2ede45889eb9adb8ca39b36427b0747216d739 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0EF9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKZYkTBfEso1GMxCNIpeRo&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKZYkTBfEso1GMxCNIpeRo&google_cver=1&C=1	43 B 766 B	24ms 24ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHKZYkTBfEso1GMxCNIpeRo&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVt3mYsk7F9j98SHVF-j_0QTiXEzZ1Dz_W2KU8VnQ7qDCT9jW7fa7v3m1zZR4lChSDPWF15XHGS0Feodn9DE6K7nokKTVGBu7yFsCmcf0nBOc7aUZ9_rMZN6UNzHXxhG3nO9iLymGWykQymEEQYUuwoqbAMEUzthdEUoQdGLeWFOW0hZG17yk3IyAJZvFO4aYZxIV64AJDKfepu0e1OpPOvNeVHxg Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Jul 2023 11:00:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Thu, 06 Jul 2023 11:00:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=45&external_user_id=CAESEHKZYkTBfEso1GMxCNIpeRo&google_cver=1&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 0EF9 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZKae5Dg9LIsGG14OcC2XHQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWpECZUYhG2kItQyt3Z0po&google_cver=1	43 B 766 B	23ms 23ms	Image image/gif	185.80.39.216 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWpECZUYhG2kItQyt3Z0po&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVt3mYsk7F9j98SHVF-j_0QTiXEzZ1Dz_W2KU8VnQ7qDCT9jW7fa7v3m1zZR4lChSDPWF15XHGS0Feodn9DE6K7nokKTVGBu7yFsCmcf0nBOc7aUZ9_rMZN6UNzHXxhG3nO9iLymGWykQymEEQYUuwoqbAMEUzthdEUoQdGLeWFOW0hZG17yk3IyAJZvFO4aYZxIV64AJDKfepu0e1OpPOvNeVHxg Protocol HTTP/1.1 Server 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Jul 2023 11:00:52 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMWpECZUYhG2kItQyt3Z0po&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 0EF9 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEL_Nd5jG_bVrlko1Dyk-4hE&google_cver=1	43 B 1 KB	220ms 207ms	Image image/gif	37.252.171.21 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEL_Nd5jG_bVrlko1Dyk-4hE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVt3mYsk7F9j98SHVF-j_0QTiXEzZ1Dz_W2KU8VnQ7qDCT9jW7fa7v3m1zZR4lChSDPWF15XHGS0Feodn9DE6K7nokKTVGBu7yFsCmcf0nBOc7aUZ9_rMZN6UNzHXxhG3nO9iLymGWykQymEEQYUuwoqbAMEUzthdEUoQdGLeWFOW0hZG17yk3IyAJZvFO4aYZxIV64AJDKfepu0e1OpPOvNeVHxg Protocol HTTP/1.1 Server 37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Pragma no-cache Date Thu, 06 Jul 2023 11:00:52 GMT AN-X-Request-Uuid 31c5bc58-3ad6-4bf6-9b21-51c163166303 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 217.114.218.28; 217.114.218.28; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEL_Nd5jG_bVrlko1Dyk-4hE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 0EF9 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4Nzc1ODQxNTUxNDAwMzM5NA%3D%3D	170 B 243 B	33ms 33ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4Nzc1ODQxNTUxNDAwMzM5NA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxDHxKr-AhjoqcLbATAB&v=APEucNVt3mYsk7F9j98SHVF-j_0QTiXEzZ1Dz_W2KU8VnQ7qDCT9jW7fa7v3m1zZR4lChSDPWF15XHGS0Feodn9DE6K7nokKTVGBu7yFsCmcf0nBOc7aUZ9_rMZN6UNzHXxhG3nO9iLymGWykQymEEQYUuwoqbAMEUzthdEUoQdGLeWFOW0hZG17yk3IyAJZvFO4aYZxIV64AJDKfepu0e1OpPOvNeVHxg Protocol H2 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Thu, 06 Jul 2023 11:00:51 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.114.218.28; 217.114.218.28; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 9fcb7c73-29ce-409a-8dee-ad7a251a3332 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU4Nzc1ODQxNTUxNDAwMzM5NA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 181A	0 56 B	55ms 55ms	Ping image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3754300653365&version=m202301230201 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 181A	0 56 B	57ms 56ms	Ping image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3754300653365&version=m202301230201&ct=76&x=1&cor=10361204185516399000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 181A	89 KB 37 KB	64ms 62ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOlfRHfbgLHmTKGwH3L_-SmA6mTBYzDaS22mv4VgVDgkGhJIBNFt5dHv49XIvLgMtTibTkFz713bpoERbHfGFG4d8OHQ&cry=1&dbm_d=AKAmf-BfEBb6i1kNW_P4aj-Mf-wSRXz3FDGOnCWNvKga9eGRj0x94-j01pae4ENHYvXk0kEGzZPAlwOQHIpjS-GAhKdzOho4f5_VkLeEx7qflZgdDQjEBOdw44cA46_5_QjiOKwVTmKWr2oUGBS9AGYpGQkUHjK_eJEvq7nY-RX4nxNlJ-AI62WGJi7ZjyBlGeex0hzv9MmPYHQo7IoEnknBwCh_cRyWg0kuCvBzA6QRBCKweing460F1r_GgVjXYwUU3tWhEcLZFa430ROtge0rIS5CIUkk0-MXMYQdA451-wDlhsuti1FpLGhMaz6S2icxDL-_Wn75z6ZgbhUfrsndxLhG8noSMJBEDuamGm2zj1FgIsBiIV4KDX2A5iWbDfmXGBNOcdOGnQBjgQk60nD-EBMM2W9UNFPBNjGvxhryCaviFE_0sFj53eOoNsOwwVxo_F2eomr5hX-o-K6RxnY7r3QId5p7k9ZeCjPJ4fqxw2hPkNYTk9PS_7JxmTcHBXgsQr4se2PANU0ipByNpCxiruoLIcXkrKylZVYlSidA4I7v09bEywAWVUfnSKrMkEjom6zJvgTRBizrx7zYs9JJHPBvsf-a111HCiw9CS8ruye7PDwtAFZFHpuRmdP_F09mJbZo8N7CIgYWaWNow_mPhYWJ5rfE0_UugHxEVYopx_7btOl76Ep7KnqXQBB86wcxUw2XhrSJI073cgM7mHDRAfDmxvNwN-NtYcel2YnUdzl2LcwzmNOvXyyLGw7Cpk_tgjnFfQZYv0dbjNpno7T1SINP9GD-dtt9kC6NZ-qSG1I0MwklItWQQvrD77BYz7vuFUyrVIgNhXs9dLpLgdQqKKSEQhPM_jB22GLADLaMu7LgWwJDsebIwRlqbS2fXpymqAU5VwT0s7yltyh6gW4aD0cuyX0yQQbddDAxC8O00uQ8-0mElNg8-vkgZQ3XNPd3BxZUWq71XdjiQuCx-fxJt7-jk0mDDYkmgMe6ne_9GKZSZeCJ7OM3TKvSREiKFc2278Me6AhjQTN-yr8Z71SB6SAqQvEtZaqkmB-YtUp0syfvjeZTs2Uk_AALW9l4nLdWWjtsBGaiCuiyxHg7FwYNe9zYNBhMK-kP3hyY6HYI_JhWsbCUsuH5sbDilQ9M8hMxOCE4QKku4NH3C-WqzMFKD-UWvEmCWizSnyVvkmhD6aPaZQx2LLis7mm1CUveZ8aXgyg9Kf38oFmkMJARTDJd1hQGVykBK03Ei_eH2v8aB6nzZ5FxH_OmDykyqJxEnYEuhFL9k4wJmfscB-f2U-jnpWyd7jEuwMfeTohZGQIX0BWOwdObnIXOlwzx8NkW2KHq1rcGbDMCbUgceLPU05QCmxLgUeNdHtNxJDeAaYUtsNkBEHFH7ZH4gcGSZqsQ6k1BZtvU3vtItSzf92KQ9wqTY6tDnRbhYQEP1GdUpzU2PfAlgFFpMmJf9VrjYlEGp-EQiYxl3R7J79bGV7NH-2OjRXANzoNgdnozqWhWqzwhDOjxGD0Vz8y4svTy2_SKeoGBvbE-Y0VkVL66-Q2AN2stUYaw0zPFRKMo4jVaLMrAYiS2gk0QohhxXq1ByxWMeoTc76l_ihjfU8Pta9Q6a0gKq_8n6unV7S7ibHlXSpwBFS2-W7Phk0PElsI5KMofjVOVWVS4nsOc5DTWOU2GOGi1joh6358w5URtzizd_ZOGPYrzYuTgKChqfEwclXihUwadInDHotkWEBC1oER2dXlhZ495tbQivyA4lDgFR1azpdbX1Gw9noS9sAP3t1QPUIh-5ucwrw2NL4NS9mR68jXV1oBIySY02zdjLfpxDvUxQowloipsmd_W0tHSSSdsLasTDqAMoJwkxMQXlmbb5zDqsRZeToggryt5J4s2WLCQa6gGJZcN8lrf52JB3SN8BH2rVQZ6k-VqK1rxIUw93BuInZAix3h7GeshccrCOdup3rg-Hf4mcjjHgTEZgKMorN4cVJYSsdNlWZb1XE742bTjHpSYGxfMEajagzeSRnt0qWB23_wJSqBa8dqOlHbRhoZ2GO_QH3iXcQ4Id6tuwD4E2-4DJazsKVsIfMfvJY088ovvGSN6yd_yTzzLgoBUTrlzPtLATxPsp1GNfUpd6HWXcBcPSMk_1rHs8i_GVzmjoOCkSiBxTPshO45qnzGbG4O8GNl9K0RtfJf_S3yD9gQzQQ-rCC7eBoHaOnp9eZErVZ8J7OMhDRDXYuYGCtsBLOeaqCWyfGtNxqap-fU4VmlK-PwZAf0ULtpTbNJvbZFYpOqNi2iNn3dQu9kHDeGVTmSpza5UI_a4zrEYV_pbOFvviWYqmLLS-Oyv6sbnGBwkhTGlm2trWL0IKtsVw9KL1t0VIXgKkhi1t23hczAA7AsM0EPVTbIQOQhrTn3eR7JimYMGxyFhM2qJDpGamEiDdDDiJlTsO_JhB416yX56MATplHOnQR5RX97irQ5IIlTryKnYf3JA1LusXkEC6nIlK6psmkfQG4fk38PbYl9LsPEPTghuG-HC5IaDkYxwJqA4L_tx1dOdsqnTaK5qriaFT9VmAX0A91m3fwDuVqE54p-tNIdR2fitt-tHKBAZyUXwAPkUwJd2JQrxa0iNfJ1BRZ3mhly3mUrt56jJYO-K5oug9E7AoEFyFrxjOAM-RKs9e0dvakwMeK8zRwd153siIErremjoh53QLcTumNWZqsLkBJA6J4TAVbSM97Woxngi_04e6jgNUVgpSPPIkiFkgZW_1dEkZkCMdQEWfvBOiZknUkniTtrF0GMFN-ChfdSVr-Lv3visV2iAdpxNyBaGzNDu3XXoKh6hfvaWRk6OCd030P3tuqUW7ZRlwXl9iD-1Fqi34-VVAqShPFC8iefuPKfVOYMCXEIu1UtM0_WwBId53KZ1qdgU5kfJLGove1LExun5RENCS_4Vn37CkChu0JxGEJIuXl4ppN1yDdw2ztDLbjemqOB8i2Aq7eL-oGplX9zft3ZPw41-iBHgP--IchSPuZlKl8JcgRf-mQOQ-iPgB9JianIVW3PWGTj8uLPjkZxSIfp4Dn1kOgIZloqAR8xuFuo1p_QdZRI7asfYXPiCqjqRTw2_Z00iawjkt-xTATRel5WY0tXQeWkJ-9zNo0xE8iEXQiw8k2e_YllTZ9MiYcLIkn05dsRsLZVL3zBbCQ8pNsrDLhf9Z27N7laEAS82XY0Vp1pNH_SKSOkyq4QkjSbPzVXf4BE1p-s-wYG44rg8rA-mp-ZA7RyJj3W6SdN5RzqzdQI3gnfUGQ7_wtll5ilwEQLzA4zPa9loHRlc9v5XxyfhAViZ03wiOeQt5Ylp8ChBitSHEXelkHFyvujq-7sZExc87OK9BIIFrCdVCpMbyZfYIS2WmB_RFoxVUqSZJ-TzGz89ptVT9T7Qk4VLPWfjA4JdO_WlrLHLRCBAQZfoWvpAvqD25f9Rsq1TJRg0PrRW-a2MRSSoncPD9F_KqIzkjbhS2B6qOyODnT0z1Ss-vezpR_SZ1tMZELioXCDkCrLaTWX5aZISI9K-pe41xubZP7-BcPFil15ckkRo6AuvL2meNUoIpID4lAVibpAj7jk6S3CnrZlyppwCicjXJr5CZI2comg-P-zM8S-eiS2qBg686F2k67Z_GSvRH_psUeHUfOyYuss7SrO7s9J2ieI3iE-yNBVJnIUGvbpD_RDs9R32NB-McZHsXNmSZDEujKalHZRHTD_wDOoTk3U1w13OYYwySB90D8Qc25L74XUQ8-wdQX5HZAqljFeOaAfzLh4WPg8V&cid=CAQSSwBygQiDi2rRzPNHgap2m2Q1GOEE6NdXR-AwhkaQ626fZwSjNq4fBcH1kJGQpH7PmKJRR76aSOINLNVePL_VD6Yy8vBzmzo__Bi-TBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd.aydogs.com%2F&ds=l&xdt=1&iif=1&cor=10361204185516399000&adk=1964084972&idt=189&cac=0&dtd=14 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ff7baf5ec609b345b028b659a1a3e5f223a86065d34b05db5c89b3b74b179645 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:51 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37650 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 6B4A	0 54 B	239ms 149ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljr1egvr&c=2361588229887&slotId=1180794114943.5&qqid=CJWHuu_2-f8CFUpg4Aod-VMF5g&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 6B4A	41 KB 15 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 30 Jun 2023 17:15:18 GMT content-encoding gzip x-content-type-options nosniff age 495933 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Jun 2024 17:15:18 GMT
HEAD H/1.1	200 OK	file.mp4 r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6B4A Redirect Chain https://gcdn.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa... https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	222ms 137ms	Fetch video/mp4	2a00:1450:4001:d::7 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A9E2C026A483A70E0135E8FC838623967EE275C.7586F77D9DE4FEC3949EB88A8FEDB61F30D931DF/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/2/pl/29/file/file.mp4 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol HTTP/1.1 Server 2a00:1450:4001:d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:52 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2296407 Last-Modified Mon, 01 May 2023 16:00:40 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Thu, 06 Jul 2023 11:00:52 GMT Redirect headers date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 654 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com location https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A9E2C026A483A70E0135E8FC838623967EE275C.7586F77D9DE4FEC3949EB88A8FEDB61F30D931DF/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/2/pl/29/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame 60AE	23 KB 8 KB	23ms 21ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 56108 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 05 Jul 2023 19:25:44 GMT expires Thu, 04 Jul 2024 19:25:44 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6B4A	0 20 B	57ms 56ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=34&d=1&s=1&f=0.01&li=v_h.0.0.0&bgai=Bsuy6456mZIySOO6AhcIP2I6usA0AAAAAOAHgBAI Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 181A	111 KB 39 KB	95ms 20ms	Script text/javascript	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 10:17:05 GMT content-encoding gzip x-content-type-options nosniff age 2627 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Jul 2023 10:17:05 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/ Frame 181A	11 KB 4 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOlfRHfbgLHmTKGwH3L_-SmA6mTBYzDaS22mv4VgVDgkGhJIBNFt5dHv49XIvLgMtTibTkFz713bpoERbHfGFG4d8OHQ&cry=1&dbm_d=AKAmf-BfEBb6i1kNW_P4aj-Mf-wSRXz3FDGOnCWNvKga9eGRj0x94-j01pae4ENHYvXk0kEGzZPAlwOQHIpjS-GAhKdzOho4f5_VkLeEx7qflZgdDQjEBOdw44cA46_5_QjiOKwVTmKWr2oUGBS9AGYpGQkUHjK_eJEvq7nY-RX4nxNlJ-AI62WGJi7ZjyBlGeex0hzv9MmPYHQo7IoEnknBwCh_cRyWg0kuCvBzA6QRBCKweing460F1r_GgVjXYwUU3tWhEcLZFa430ROtge0rIS5CIUkk0-MXMYQdA451-wDlhsuti1FpLGhMaz6S2icxDL-_Wn75z6ZgbhUfrsndxLhG8noSMJBEDuamGm2zj1FgIsBiIV4KDX2A5iWbDfmXGBNOcdOGnQBjgQk60nD-EBMM2W9UNFPBNjGvxhryCaviFE_0sFj53eOoNsOwwVxo_F2eomr5hX-o-K6RxnY7r3QId5p7k9ZeCjPJ4fqxw2hPkNYTk9PS_7JxmTcHBXgsQr4se2PANU0ipByNpCxiruoLIcXkrKylZVYlSidA4I7v09bEywAWVUfnSKrMkEjom6zJvgTRBizrx7zYs9JJHPBvsf-a111HCiw9CS8ruye7PDwtAFZFHpuRmdP_F09mJbZo8N7CIgYWaWNow_mPhYWJ5rfE0_UugHxEVYopx_7btOl76Ep7KnqXQBB86wcxUw2XhrSJI073cgM7mHDRAfDmxvNwN-NtYcel2YnUdzl2LcwzmNOvXyyLGw7Cpk_tgjnFfQZYv0dbjNpno7T1SINP9GD-dtt9kC6NZ-qSG1I0MwklItWQQvrD77BYz7vuFUyrVIgNhXs9dLpLgdQqKKSEQhPM_jB22GLADLaMu7LgWwJDsebIwRlqbS2fXpymqAU5VwT0s7yltyh6gW4aD0cuyX0yQQbddDAxC8O00uQ8-0mElNg8-vkgZQ3XNPd3BxZUWq71XdjiQuCx-fxJt7-jk0mDDYkmgMe6ne_9GKZSZeCJ7OM3TKvSREiKFc2278Me6AhjQTN-yr8Z71SB6SAqQvEtZaqkmB-YtUp0syfvjeZTs2Uk_AALW9l4nLdWWjtsBGaiCuiyxHg7FwYNe9zYNBhMK-kP3hyY6HYI_JhWsbCUsuH5sbDilQ9M8hMxOCE4QKku4NH3C-WqzMFKD-UWvEmCWizSnyVvkmhD6aPaZQx2LLis7mm1CUveZ8aXgyg9Kf38oFmkMJARTDJd1hQGVykBK03Ei_eH2v8aB6nzZ5FxH_OmDykyqJxEnYEuhFL9k4wJmfscB-f2U-jnpWyd7jEuwMfeTohZGQIX0BWOwdObnIXOlwzx8NkW2KHq1rcGbDMCbUgceLPU05QCmxLgUeNdHtNxJDeAaYUtsNkBEHFH7ZH4gcGSZqsQ6k1BZtvU3vtItSzf92KQ9wqTY6tDnRbhYQEP1GdUpzU2PfAlgFFpMmJf9VrjYlEGp-EQiYxl3R7J79bGV7NH-2OjRXANzoNgdnozqWhWqzwhDOjxGD0Vz8y4svTy2_SKeoGBvbE-Y0VkVL66-Q2AN2stUYaw0zPFRKMo4jVaLMrAYiS2gk0QohhxXq1ByxWMeoTc76l_ihjfU8Pta9Q6a0gKq_8n6unV7S7ibHlXSpwBFS2-W7Phk0PElsI5KMofjVOVWVS4nsOc5DTWOU2GOGi1joh6358w5URtzizd_ZOGPYrzYuTgKChqfEwclXihUwadInDHotkWEBC1oER2dXlhZ495tbQivyA4lDgFR1azpdbX1Gw9noS9sAP3t1QPUIh-5ucwrw2NL4NS9mR68jXV1oBIySY02zdjLfpxDvUxQowloipsmd_W0tHSSSdsLasTDqAMoJwkxMQXlmbb5zDqsRZeToggryt5J4s2WLCQa6gGJZcN8lrf52JB3SN8BH2rVQZ6k-VqK1rxIUw93BuInZAix3h7GeshccrCOdup3rg-Hf4mcjjHgTEZgKMorN4cVJYSsdNlWZb1XE742bTjHpSYGxfMEajagzeSRnt0qWB23_wJSqBa8dqOlHbRhoZ2GO_QH3iXcQ4Id6tuwD4E2-4DJazsKVsIfMfvJY088ovvGSN6yd_yTzzLgoBUTrlzPtLATxPsp1GNfUpd6HWXcBcPSMk_1rHs8i_GVzmjoOCkSiBxTPshO45qnzGbG4O8GNl9K0RtfJf_S3yD9gQzQQ-rCC7eBoHaOnp9eZErVZ8J7OMhDRDXYuYGCtsBLOeaqCWyfGtNxqap-fU4VmlK-PwZAf0ULtpTbNJvbZFYpOqNi2iNn3dQu9kHDeGVTmSpza5UI_a4zrEYV_pbOFvviWYqmLLS-Oyv6sbnGBwkhTGlm2trWL0IKtsVw9KL1t0VIXgKkhi1t23hczAA7AsM0EPVTbIQOQhrTn3eR7JimYMGxyFhM2qJDpGamEiDdDDiJlTsO_JhB416yX56MATplHOnQR5RX97irQ5IIlTryKnYf3JA1LusXkEC6nIlK6psmkfQG4fk38PbYl9LsPEPTghuG-HC5IaDkYxwJqA4L_tx1dOdsqnTaK5qriaFT9VmAX0A91m3fwDuVqE54p-tNIdR2fitt-tHKBAZyUXwAPkUwJd2JQrxa0iNfJ1BRZ3mhly3mUrt56jJYO-K5oug9E7AoEFyFrxjOAM-RKs9e0dvakwMeK8zRwd153siIErremjoh53QLcTumNWZqsLkBJA6J4TAVbSM97Woxngi_04e6jgNUVgpSPPIkiFkgZW_1dEkZkCMdQEWfvBOiZknUkniTtrF0GMFN-ChfdSVr-Lv3visV2iAdpxNyBaGzNDu3XXoKh6hfvaWRk6OCd030P3tuqUW7ZRlwXl9iD-1Fqi34-VVAqShPFC8iefuPKfVOYMCXEIu1UtM0_WwBId53KZ1qdgU5kfJLGove1LExun5RENCS_4Vn37CkChu0JxGEJIuXl4ppN1yDdw2ztDLbjemqOB8i2Aq7eL-oGplX9zft3ZPw41-iBHgP--IchSPuZlKl8JcgRf-mQOQ-iPgB9JianIVW3PWGTj8uLPjkZxSIfp4Dn1kOgIZloqAR8xuFuo1p_QdZRI7asfYXPiCqjqRTw2_Z00iawjkt-xTATRel5WY0tXQeWkJ-9zNo0xE8iEXQiw8k2e_YllTZ9MiYcLIkn05dsRsLZVL3zBbCQ8pNsrDLhf9Z27N7laEAS82XY0Vp1pNH_SKSOkyq4QkjSbPzVXf4BE1p-s-wYG44rg8rA-mp-ZA7RyJj3W6SdN5RzqzdQI3gnfUGQ7_wtll5ilwEQLzA4zPa9loHRlc9v5XxyfhAViZ03wiOeQt5Ylp8ChBitSHEXelkHFyvujq-7sZExc87OK9BIIFrCdVCpMbyZfYIS2WmB_RFoxVUqSZJ-TzGz89ptVT9T7Qk4VLPWfjA4JdO_WlrLHLRCBAQZfoWvpAvqD25f9Rsq1TJRg0PrRW-a2MRSSoncPD9F_KqIzkjbhS2B6qOyODnT0z1Ss-vezpR_SZ1tMZELioXCDkCrLaTWX5aZISI9K-pe41xubZP7-BcPFil15ckkRo6AuvL2meNUoIpID4lAVibpAj7jk6S3CnrZlyppwCicjXJr5CZI2comg-P-zM8S-eiS2qBg686F2k67Z_GSvRH_psUeHUfOyYuss7SrO7s9J2ieI3iE-yNBVJnIUGvbpD_RDs9R32NB-McZHsXNmSZDEujKalHZRHTD_wDOoTk3U1w13OYYwySB90D8Qc25L74XUQ8-wdQX5HZAqljFeOaAfzLh4WPg8V&cid=CAQSSwBygQiDi2rRzPNHgap2m2Q1GOEE6NdXR-AwhkaQ626fZwSjNq4fBcH1kJGQpH7PmKJRR76aSOINLNVePL_VD6Yy8vBzmzo__Bi-TBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd.aydogs.com%2F&ds=l&xdt=1&iif=1&cor=10361204185516399000&adk=1964084972&idt=189&cac=0&dtd=14 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:23:11 GMT content-encoding br x-content-type-options nosniff age 41861 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4172 x-xss-protection 0 server cafe etag 16731591232229431525 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:23:11 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/ Frame 181A	30 KB 11 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230628/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOlfRHfbgLHmTKGwH3L_-SmA6mTBYzDaS22mv4VgVDgkGhJIBNFt5dHv49XIvLgMtTibTkFz713bpoERbHfGFG4d8OHQ&cry=1&dbm_d=AKAmf-BfEBb6i1kNW_P4aj-Mf-wSRXz3FDGOnCWNvKga9eGRj0x94-j01pae4ENHYvXk0kEGzZPAlwOQHIpjS-GAhKdzOho4f5_VkLeEx7qflZgdDQjEBOdw44cA46_5_QjiOKwVTmKWr2oUGBS9AGYpGQkUHjK_eJEvq7nY-RX4nxNlJ-AI62WGJi7ZjyBlGeex0hzv9MmPYHQo7IoEnknBwCh_cRyWg0kuCvBzA6QRBCKweing460F1r_GgVjXYwUU3tWhEcLZFa430ROtge0rIS5CIUkk0-MXMYQdA451-wDlhsuti1FpLGhMaz6S2icxDL-_Wn75z6ZgbhUfrsndxLhG8noSMJBEDuamGm2zj1FgIsBiIV4KDX2A5iWbDfmXGBNOcdOGnQBjgQk60nD-EBMM2W9UNFPBNjGvxhryCaviFE_0sFj53eOoNsOwwVxo_F2eomr5hX-o-K6RxnY7r3QId5p7k9ZeCjPJ4fqxw2hPkNYTk9PS_7JxmTcHBXgsQr4se2PANU0ipByNpCxiruoLIcXkrKylZVYlSidA4I7v09bEywAWVUfnSKrMkEjom6zJvgTRBizrx7zYs9JJHPBvsf-a111HCiw9CS8ruye7PDwtAFZFHpuRmdP_F09mJbZo8N7CIgYWaWNow_mPhYWJ5rfE0_UugHxEVYopx_7btOl76Ep7KnqXQBB86wcxUw2XhrSJI073cgM7mHDRAfDmxvNwN-NtYcel2YnUdzl2LcwzmNOvXyyLGw7Cpk_tgjnFfQZYv0dbjNpno7T1SINP9GD-dtt9kC6NZ-qSG1I0MwklItWQQvrD77BYz7vuFUyrVIgNhXs9dLpLgdQqKKSEQhPM_jB22GLADLaMu7LgWwJDsebIwRlqbS2fXpymqAU5VwT0s7yltyh6gW4aD0cuyX0yQQbddDAxC8O00uQ8-0mElNg8-vkgZQ3XNPd3BxZUWq71XdjiQuCx-fxJt7-jk0mDDYkmgMe6ne_9GKZSZeCJ7OM3TKvSREiKFc2278Me6AhjQTN-yr8Z71SB6SAqQvEtZaqkmB-YtUp0syfvjeZTs2Uk_AALW9l4nLdWWjtsBGaiCuiyxHg7FwYNe9zYNBhMK-kP3hyY6HYI_JhWsbCUsuH5sbDilQ9M8hMxOCE4QKku4NH3C-WqzMFKD-UWvEmCWizSnyVvkmhD6aPaZQx2LLis7mm1CUveZ8aXgyg9Kf38oFmkMJARTDJd1hQGVykBK03Ei_eH2v8aB6nzZ5FxH_OmDykyqJxEnYEuhFL9k4wJmfscB-f2U-jnpWyd7jEuwMfeTohZGQIX0BWOwdObnIXOlwzx8NkW2KHq1rcGbDMCbUgceLPU05QCmxLgUeNdHtNxJDeAaYUtsNkBEHFH7ZH4gcGSZqsQ6k1BZtvU3vtItSzf92KQ9wqTY6tDnRbhYQEP1GdUpzU2PfAlgFFpMmJf9VrjYlEGp-EQiYxl3R7J79bGV7NH-2OjRXANzoNgdnozqWhWqzwhDOjxGD0Vz8y4svTy2_SKeoGBvbE-Y0VkVL66-Q2AN2stUYaw0zPFRKMo4jVaLMrAYiS2gk0QohhxXq1ByxWMeoTc76l_ihjfU8Pta9Q6a0gKq_8n6unV7S7ibHlXSpwBFS2-W7Phk0PElsI5KMofjVOVWVS4nsOc5DTWOU2GOGi1joh6358w5URtzizd_ZOGPYrzYuTgKChqfEwclXihUwadInDHotkWEBC1oER2dXlhZ495tbQivyA4lDgFR1azpdbX1Gw9noS9sAP3t1QPUIh-5ucwrw2NL4NS9mR68jXV1oBIySY02zdjLfpxDvUxQowloipsmd_W0tHSSSdsLasTDqAMoJwkxMQXlmbb5zDqsRZeToggryt5J4s2WLCQa6gGJZcN8lrf52JB3SN8BH2rVQZ6k-VqK1rxIUw93BuInZAix3h7GeshccrCOdup3rg-Hf4mcjjHgTEZgKMorN4cVJYSsdNlWZb1XE742bTjHpSYGxfMEajagzeSRnt0qWB23_wJSqBa8dqOlHbRhoZ2GO_QH3iXcQ4Id6tuwD4E2-4DJazsKVsIfMfvJY088ovvGSN6yd_yTzzLgoBUTrlzPtLATxPsp1GNfUpd6HWXcBcPSMk_1rHs8i_GVzmjoOCkSiBxTPshO45qnzGbG4O8GNl9K0RtfJf_S3yD9gQzQQ-rCC7eBoHaOnp9eZErVZ8J7OMhDRDXYuYGCtsBLOeaqCWyfGtNxqap-fU4VmlK-PwZAf0ULtpTbNJvbZFYpOqNi2iNn3dQu9kHDeGVTmSpza5UI_a4zrEYV_pbOFvviWYqmLLS-Oyv6sbnGBwkhTGlm2trWL0IKtsVw9KL1t0VIXgKkhi1t23hczAA7AsM0EPVTbIQOQhrTn3eR7JimYMGxyFhM2qJDpGamEiDdDDiJlTsO_JhB416yX56MATplHOnQR5RX97irQ5IIlTryKnYf3JA1LusXkEC6nIlK6psmkfQG4fk38PbYl9LsPEPTghuG-HC5IaDkYxwJqA4L_tx1dOdsqnTaK5qriaFT9VmAX0A91m3fwDuVqE54p-tNIdR2fitt-tHKBAZyUXwAPkUwJd2JQrxa0iNfJ1BRZ3mhly3mUrt56jJYO-K5oug9E7AoEFyFrxjOAM-RKs9e0dvakwMeK8zRwd153siIErremjoh53QLcTumNWZqsLkBJA6J4TAVbSM97Woxngi_04e6jgNUVgpSPPIkiFkgZW_1dEkZkCMdQEWfvBOiZknUkniTtrF0GMFN-ChfdSVr-Lv3visV2iAdpxNyBaGzNDu3XXoKh6hfvaWRk6OCd030P3tuqUW7ZRlwXl9iD-1Fqi34-VVAqShPFC8iefuPKfVOYMCXEIu1UtM0_WwBId53KZ1qdgU5kfJLGove1LExun5RENCS_4Vn37CkChu0JxGEJIuXl4ppN1yDdw2ztDLbjemqOB8i2Aq7eL-oGplX9zft3ZPw41-iBHgP--IchSPuZlKl8JcgRf-mQOQ-iPgB9JianIVW3PWGTj8uLPjkZxSIfp4Dn1kOgIZloqAR8xuFuo1p_QdZRI7asfYXPiCqjqRTw2_Z00iawjkt-xTATRel5WY0tXQeWkJ-9zNo0xE8iEXQiw8k2e_YllTZ9MiYcLIkn05dsRsLZVL3zBbCQ8pNsrDLhf9Z27N7laEAS82XY0Vp1pNH_SKSOkyq4QkjSbPzVXf4BE1p-s-wYG44rg8rA-mp-ZA7RyJj3W6SdN5RzqzdQI3gnfUGQ7_wtll5ilwEQLzA4zPa9loHRlc9v5XxyfhAViZ03wiOeQt5Ylp8ChBitSHEXelkHFyvujq-7sZExc87OK9BIIFrCdVCpMbyZfYIS2WmB_RFoxVUqSZJ-TzGz89ptVT9T7Qk4VLPWfjA4JdO_WlrLHLRCBAQZfoWvpAvqD25f9Rsq1TJRg0PrRW-a2MRSSoncPD9F_KqIzkjbhS2B6qOyODnT0z1Ss-vezpR_SZ1tMZELioXCDkCrLaTWX5aZISI9K-pe41xubZP7-BcPFil15ckkRo6AuvL2meNUoIpID4lAVibpAj7jk6S3CnrZlyppwCicjXJr5CZI2comg-P-zM8S-eiS2qBg686F2k67Z_GSvRH_psUeHUfOyYuss7SrO7s9J2ieI3iE-yNBVJnIUGvbpD_RDs9R32NB-McZHsXNmSZDEujKalHZRHTD_wDOoTk3U1w13OYYwySB90D8Qc25L74XUQ8-wdQX5HZAqljFeOaAfzLh4WPg8V&cid=CAQSSwBygQiDi2rRzPNHgap2m2Q1GOEE6NdXR-AwhkaQ626fZwSjNq4fBcH1kJGQpH7PmKJRR76aSOINLNVePL_VD6Yy8vBzmzo__Bi-TBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fd.aydogs.com%2F&ds=l&xdt=1&iif=1&cor=10361204185516399000&adk=1964084972&idt=189&cac=0&dtd=14 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 23:23:11 GMT content-encoding br x-content-type-options nosniff age 41861 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11545 x-xss-protection 0 server cafe etag 12064860844701496540 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 19 Jul 2023 23:23:11 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 181A	41 KB 13 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 04 Jul 2023 13:52:35 GMT content-encoding br x-content-type-options nosniff age 162497 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 03 Jul 2024 13:52:35 GMT
POST H2	204	csi csi.gstatic.com/ Frame 02D8	0 45 B	178ms 150ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ljr1egu5&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&vast_v=2.0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	71364485 Show response unified.adsafeprotected.com/v2/1014661/ Frame 02D8	21 KB 6 KB	307ms 93ms	XHR text/xml	34.245.252.75 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://unified.adsafeprotected.com/v2/1014661/71364485?mon=71364486&omidPartner=Google2&apiframeworks=7&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N7442.1972103DOUBLECLICKBIDMANAG/B27601193.367223508%3Bsz%3D0x0%3BAUCTIONID%3DABAjH0iR18X6KSP0k8FnoyJ8CZMu%3BEXCHANGEID%3D1%3BSELLERID%3D1945813436108%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://d.aydogs.com/ennovelas.php%253Fpost%253DeyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wv%3Bdc_ref_truncated%3D1%3Fves%3DdGltZXN0YW1wOiAxNjg4NjQxMjUxOTk0CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdVptWWV5bzhLZEU5NmVlelJrZDBRMWVIR0pidm5tOUtiS25HMllhNUtvTkRUUnVsOUlQVkhhSlpwb2ZKMW5HdEQ1cDBIYmpwbUNYNm56UWRGaktYZDVmaVBjODNIanJLd3d1cEtrT0REajNEdXJwa0liMWFKUWlGSkNQYUpodWxoelJMc25uWV9LOWEtTE9YUWZjQllRamszaGVFdGxVcThYaVRHOHE0SklaeDdUV0JIVVE5T2dCeVFLYnVuTWRrZ2ZiaWl5U25wR0NESFA2aG85dlRlQ1psSzZGUEJEbWpOQnR6UWtyd2Nhb3I4UktPUlVNV25GOXU4UzJrWHl1QmJiQlR1SmRBSlRzQXJLQ0hqMnA3WnIzLVk4eFMxdjVvN05RUlNoUGpFYWY3YUswdXMzdmEzUHpSNm42MHZ3ZHQwT1E4X1ZYNjgtMXZ6UHlGUWoxVHg0a04wS2lsLXloV1FLai1JdEpSaTU2bzVTdWF1RmFUYzBMakt3UFFSUUtockRBc3ZHdUNZbmI4MlU3RTZTNVpKVHZjWVlsc2FjMEZURzZ3NjhuY3hxclF1UG5uY3FmWGxQendPN3pDNzhkSC12dFFyWXUzWGEwYW9IMTBtQ3ZCQXFkbmVUZm96OTZOcjdSN0t5SDlfUFJhMDNUVE1PVHZsWEFuaXAtd29UNUc4UU9yM1o1TlY4M29FRmVqd2FxdTdURVVLdjU0cXBPYXJFWFpPNWF6VDJNQjhwOTdLY3A2Uk9wTWVscUhlYlZzUGUwS2xDWmsyX2lRU3RjR2RFcUlYbVpSRUlQalBNWC14SGpaZTRYYmdiN09wNTlOTVBQazh0LXpSRDhHNTFYdmZGQkF3eUVqRGxDTGdieUNHT0RRSV9vVlM2ZHppc0hxRDhfUlFZQUZZcTN3NDN0a2puVkQybnFTUldWeGdHbklVZU1qZGRWRk9ROWY3WGtFcmNILWdjSHp6ZW9fSXdUOUNzMnF2LXNiSTNkOVl6MWx2NUZOM0Zlb29QaGpJMGJBcFZNc1NWQVgyVlVzT0VYRk9PdHV0cENiV05WdmZLUEltY2N2OXNRRFQ4VnhhWWE3aGdRSEVveF95b1pZLVU3RldwMEdXRU9rQUNqcGhlRmVGak1rY0loam5pbGFuUkgtS2NROGQxbmRYSGFJXzJSMEZOTnd2Y3V0Y1Q4QWY0WHFTQmhvQ3dSSGlQOE1tZUxFa21XS0dMcHhtQk40dW0yMGYyOGRwd1ZfWjM2V2ZkWUpLbkJULThOV04wd09sbkpwblB5QjRyeEFXNlJpVUhqbm9DRFBKcDNrN1JVSFpoQnV5LTk1WDFYdXhjdGtQUjV6UlBkUFFib1hIbDFCYTVaU2Y3ekNvTmpLeXNrRW8tSWdPdnZuVjV0MlZ1QmNNSTRyS0dWbEdCR1FKU0FVdVdseXYwRjdPZkw3VFotcVBuUVd1MGtuOTZ4eC1Ndkp0emQzSjZiQWJBZWo2MEhXLUxickUzdXA4WGlsOXlCRHpBSUVxVDFKTXJWT2JEQlBZUHVHdnlETHhtYXVaNWNQWS01dHFvb1lkUzN3aFQxN2xYYUlNeEdkZG1XX0YxRHVuNllmQkJmSmtjZnZva1ZTb3h1S0Z0ajlMYm5CUTRUZDllU0ZYcW5mbENJcU1LckhYb1EyT1ktSVJXaHZHc2Vkb2g1M1RkVFR0dGp4WUg3dW1GMjRRQXJxUDVSUHNQQjM4VGlpWTJEUE9LcUx3WWN6M05JT0pldjY3anpBJnNhaT1BTWZsLVlRaXhRY2pVcTZOenJMS3FGeHk1dkd2YWllVlZfdlItODZ1d1pvV2oxMFkzYzQ1VEZpOTZiSzZVcTV5eERiZ0xnMV9NV1drTXpVT1AwMHZFeG96N1BWd3Qtbl9XYTJzRGNoUWhZN19tSXcydEtIUy01aFlMZURFSXFMMlcwWUV6NUFtWXk1MF9ad1A5LUR1RzBkWlhwT2FWTUdiMHNyYUg0VHBzUUpqcTFYMlJobWhfVzg1SS1BRktxbFVpRVAxXzY1UmN6ckRnbXNtZk03Z1U5MnBENk1FZW5vWDdpbUhMaFpyZEFxNk5Ndl9YdGFNOUViZnRWSVAyTzZ5bnNBVURLSmdtVXFlcDFzNGFiVm8xY2I3NzVhdzl1V282RWE4UDI3NGUxQlEyMkNZOEkyVnBfbU9tMWJTRTFPZzQ5TFpQUWMmc2lnPUNnMEFyS0pTekNIS2p2clJKS05HRUFFJmNyeT0xJmZic19hZWlkPVtnd19mYnNhZWlkXSZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5jaXNjby5jb20vYy9kZV9kZS9zb2x1dGlvbnMvaHlicmlkLXdvcmsvcmVxdWVzdC1kZW1vLmh0bWwlM0ZDQ0lEJTNEY2MwMDI0NjQlMjZPSUQlM0RkbW9jbzAyODYxMCUyNkRUSUQlM0RwZGlwcmcwMDAwMDElMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D191547418%26dc_adid%3D557904688 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.245.252.75 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-245-252-75.eu-west-1.compute.amazonaws.com Software / Resource Hash e777f7f45baf0df24a4079fb8e12bc1db43cba2286418e6b920082c7e33e2805 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:52 GMT Content-Encoding gzip Vary Origin Content-Type text/xml; charset=UTF-8 Access-Control-Allow-Origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com Cache-Control private, no-cache, no-store, must-revalidate, proxy-revalidate Access-Control-Allow-Credentials true Connection keep-alive Request-Id cij9tp1i8lnmvu6nhll0 Content-Length 5690
GET DATA	200 OK	truncated / Frame 181A	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 339ecf7b8b0e2528474374f5794878878af035ebd86eb032cb54bd2f87dbb247 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame A683	22 KB 8 KB	23ms 21ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 162191 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 04 Jul 2023 13:57:41 GMT expires Wed, 03 Jul 2024 13:57:41 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response pagead2.googlesyndication.com/bg/ Frame 60AE	38 KB 14 KB	22ms 22ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 10:17:57 GMT content-encoding br x-content-type-options nosniff age 88975 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14768 x-xss-protection 0 last-modified Mon, 26 Jun 2023 15:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 04 Jul 2024 10:17:57 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/17496557209186318969/ Frame C3A4	45 KB 6 KB	67ms 22ms	Document text/html	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 44dc626630b4d56c899ce4f0c6375ced04ab02ff8d5473e51799e55737f349c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 111041 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 6318 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 05 Jul 2023 04:10:11 GMT expires Thu, 04 Jul 2024 04:10:11 GMT last-modified Thu, 02 Mar 2023 21:23:28 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 181A	0 0	144ms 71ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssVyuFZuCzwvFI5_hgP70GOGaaYdERKkANDtOEGWOrDgdvdqYXHgVhLGEBw5YJ8EMUEN7uV639P-NcaMclFSPrLIBW1AMRp6TSani_IkxcBZPn7hPuuCYMb1-TO2eZg8paT_KOR4pSqc9dkgO9pORGygkI1wpchbMQRpuiu50zwicRuDhBh6LENPkQu6a2KficTMRiMWyoxfVd7nEGWheFHCB0jRt7zDFQ6qCblYhKJ5mf-QeuccHNbgDxeJrpeGpHCHF8NmhSGoiwxXH_UdEQpBCNj_LLjslNuwPpxR_r_D2bXk3tJ-ZaM7bojrTfvnZtSCqFoObR3Hgde2LTnZVdrp-WtHmFsRpaTSVLXPLAwpN-UQ3BwPBm4Gurn5EEXuYetL5UXm1kElT22UH8i3X2_M38-m_g-Xj2OHuBogHb8JScIAKUTRpn73OTyzyWlnlqfZAYc-Pj-p3m0n3xdE5_HsoDVnymSGGxbb0ZtkTKFnhbpdGSv_z1nqc_xH7UKMrDms1iD9Pl-pz8_IRemztXCdV5g493ZkkHlBGSJTJxrmlmOOJIWz6r8bqUya-UzVX_slsMtlCMBnDTTj1vO6yNyHkoN74yPVa3duYixLMQfKumYk9XJzibvVFAZFgVdOZRoKzw3RQjYcyf1TH63d8TAM6OIfMAfE5JcrwsaE_0rgNuLc-CAi6Pm4cgzBGgm4nqMkoNlbntXsGf7UgesF_vTGK9oDc_o23x3qWJ9zxTkObwbgmZYZTO1QMHyd2wxdQeIW9KuZH2nCVnTajbuyDk8y8aM1Sjk6qf8Q3yer0--zOkg3NpYXrfBcVC011l9A0RCz7tyOmVyFlFmoBW5LTX2R9VQLU-gJ29I6W7xXEfXccPhLk4KXzXoLtI2nnZ_BxiOdSqvLnaYvQCnJDn25CWUS4vadVDZHys4IgX38IqTAe6XUPdGCuQb3lJT3eTYgGQh_7Z7z3VM72p_5Gy-l8FBnlV41gW1_czcfhECa6EKSMIa5RsB6r3o5PdjeUS3OCnbi6xUf06OC9OkSIlEHmvitnQWy9sGGxm2Tt4w5B3HPcYXH4WsfeGM8JmzywLrpXN_MVkSNyyjFUjEexmLAD2Gdumog6vSOVyzI0vgatTIi8pqfqAVrvQn3XPR2CVRJXSnUnNX2PPWrgjEWaHECVJtglesX-Qc7hDgcueQ5XdgvU1X_URP4HXaz8cE3nd2YKdc3EU&sai=AMfl-YT-SAZDgNvz9ZgPx6rkg4XjDOmsTbIHFH8u1kgLuT-IM-ciNeThBnhZLHtS-m-Komfr_yZo4cuSF5Bf_PXAit7mvus3HZZ3TReOG-mRDWIH1V679J1BjjDHGxqApE0h4EBATIBKo1kwOmqYB9uQ3naLUaXafnJIiLMzOVLTWuJmj9xaTpFp7iqyE4sDpPIvHniPw3Jspq-cT1BJ4-Y5NArgFL5L9YiVO-9ApsnfMzSurivsrNa02OeOCgMBc0N97GsE9EbqzuzDxjQYOzbihheeXWeO7T1X&sig=Cg0ArKJSzNzZTEq7BVPEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cstd=126&cisv=r20230628.12341&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Thu, 06 Jul 2023 11:00:52 GMT
GET H2	200	ca choices.truste.com/ Frame 181A	27 KB 27 KB	98ms 28ms	Image text/javascript	65.9.86.23 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont8&w=728&h=90 Requested by Host: 988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com URL: https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.86.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-86-23.ams1.r.cloudfront.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 05:16:35 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains via 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront) content-security-policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; x-amz-cf-pop AMS1-C1 cross-origin-embedder-policy unsafe-none age 20657 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-xss-protection 1; mode=block pragma no-cache referrer-policy origin server nginx cross-origin-opener-policy unsafe-none expect-ct max-age=31536000 x-frame-options SAMEORIGIN vary Accept-Encoding, Origin content-type text/javascript;charset=UTF-8 cache-control private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy geolocation=(), microphone=(), payment=() x-amz-cf-id 8NvRnmqdFPKnaRjFLgxVTV5oM_a5fTcH7ynd6p0m94bio4WDdbaFaQ== expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response pagead2.googlesyndication.com/bg/ Frame A683	38 KB 14 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 10:17:57 GMT content-encoding br x-content-type-options nosniff age 88975 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14768 x-xss-protection 0 last-modified Mon, 26 Jun 2023 15:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 04 Jul 2024 10:17:57 GMT
GET H3	200	53adf3c004f481c8e3ae8cc4f454770c.js Show response s0.2mdn.net/sadbundle/17496557209186318969/ Frame C3A4	100 KB 29 KB	22ms 21ms	Script application/x-javascript	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/53adf3c004f481c8e3ae8cc4f454770c.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0670185f2eb3358c22652816027e5272d687126c4fa4c3095f721522f6dae40a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 10:09:50 GMT content-encoding gzip x-content-type-options nosniff age 3062 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29259 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 10:09:50 GMT
GET H3	200	metrichpe_501_normal.ttf s0.2mdn.net/sadbundle/17496557209186318969/fonts/ Frame C3A4	59 KB 24 KB	24ms 23ms	Font font/ttf	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/fonts/metrichpe_501_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/53adf3c004f481c8e3ae8cc4f454770c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3865c0dbe6b11b3a32b8c600acaeda70bae7b1f8287d566bcc0613c217907f2c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 04:05:48 GMT content-encoding gzip x-content-type-options nosniff age 24904 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24241 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 04:05:48 GMT
GET H3	200	8e493e4428fc103db3191da83a8775d0.jpg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	14 KB 14 KB	29ms 28ms	Image image/jpeg	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/8e493e4428fc103db3191da83a8775d0.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 608b4742e840e98757ce147a69e9c51bce390ecb572dfb7a1ec231748e05acdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 02 Jul 2023 09:00:14 GMT x-content-type-options nosniff age 352838 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14143 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 01 Jul 2024 09:00:14 GMT
GET H3	200	395d370bde56edb1a7a13cb7c151fd9f.svg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	4 KB 2 KB	33ms 33ms	Image image/svg+xml	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/395d370bde56edb1a7a13cb7c151fd9f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae9ec49acaff45c6a341e9a552d546bd6fea845331c314261be35a40c37ddc7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 02 Jul 2023 09:00:14 GMT content-encoding gzip x-content-type-options nosniff age 352838 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 01 Jul 2024 09:00:14 GMT
GET H3	206	file.mp4 r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 6B4A	2 MB 2 MB	47ms 23ms	Media video/mp4	2a00:1450:4001:d::7 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r2---sn-4g5edn6k.c.2mdn.net/videoplayback/id/112c87ac3c9195d6/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1720177251/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/6A9E2C026A483A70E0135E8FC838623967EE275C.7586F77D9DE4FEC3949EB88A8FEDB61F30D931DF/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/2/pl/29/file/file.mp4 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 5047455aa81e988a1dbb439c843c361504224ce28403959a5553afa3b23707aa Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Range bytes=0- Response headers expires Thu, 06 Jul 2023 11:00:52 GMT date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff Content-Range bytes 0-2296406/2296407 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 2296407 last-modified Mon, 01 May 2023 16:00:40 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com client-protocol quic
POST H2	204	csi csi.gstatic.com/ Frame 02D8	0 54 B	144ms 144ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljr1eh1h&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&vmfc=10&vhc=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 02D8	41 KB 15 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 30 Jun 2023 17:15:18 GMT content-encoding gzip x-content-type-options nosniff age 495934 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 29 Jun 2024 17:15:18 GMT
HEAD H/1.1	200 OK	file.mp4 r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 02D8 Redirect Chain https://gcdn.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa... https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	204ms 28ms	Fetch video/mp4	2a00:1450:4001:d::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/171B0D4449726BF005D92A53909FF97E0C13962E.737D9F5C6998C2D2D07115979187F0C33CF4E52F/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/1/pl/29/file/file.mp4 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol HTTP/1.1 Server 2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:52 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 5227658 Last-Modified Thu, 11 May 2023 05:26:02 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Thu, 06 Jul 2023 11:00:52 GMT Redirect headers date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 654 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com location https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/171B0D4449726BF005D92A53909FF97E0C13962E.737D9F5C6998C2D2D07115979187F0C33CF4E52F/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/1/pl/29/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 02D8	0 54 B	144ms 144ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~ljr1eha7&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.yg~videopreviewvisible.yq&ape=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	metrichpe_401_normal.ttf s0.2mdn.net/sadbundle/17496557209186318969/fonts/ Frame C3A4	60 KB 25 KB	22ms 22ms	Font font/ttf	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/fonts/metrichpe_401_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/53adf3c004f481c8e3ae8cc4f454770c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 671fca35d060e3ce06bbe0848b80e47be23f3322befbeb57bbce5d46994c846b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 04:05:48 GMT content-encoding gzip x-content-type-options nosniff age 24904 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26072 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 04:05:48 GMT
GET H3	200	metrichpe_601_normal.ttf s0.2mdn.net/sadbundle/17496557209186318969/fonts/ Frame C3A4	61 KB 26 KB	27ms 27ms	Font font/ttf	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/fonts/metrichpe_601_normal.ttf Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/53adf3c004f481c8e3ae8cc4f454770c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 04:05:48 GMT content-encoding gzip x-content-type-options nosniff age 24904 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26501 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/ttf access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 04:05:48 GMT
GET H3	200	3da15c1a1519d4142b61be4acb2551ca.jpg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	20 KB 20 KB	42ms 41ms	Image image/jpeg	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/3da15c1a1519d4142b61be4acb2551ca.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 59b122193996b704d97e25c4b10369a2c0e7c514dbef92ad01fafc8412f483dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 04:03:12 GMT x-content-type-options nosniff age 284260 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20743 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 02 Jul 2024 04:03:12 GMT
GET H3	200	bf92c8be83eeb2dbf186eb1436ebcb5e.svg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	4 KB 2 KB	46ms 45ms	Image image/svg+xml	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 06:05:11 GMT content-encoding gzip x-content-type-options nosniff age 17741 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 06:05:11 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame 88D5	23 KB 8 KB	34ms 27ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 56108 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 7799 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 05 Jul 2023 19:25:44 GMT expires Thu, 04 Jul 2024 19:25:44 GMT last-modified Sun, 25 Jun 2023 02:58:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 60AE	0 20 B	59ms 58ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bsuy6456mZIySOO6AhcIP2I6usA0AAAAAOAHgBAI&bg=!QkGlQRXNAAb90kgr3dI7ADkAdvg8Wk_VAEk6UB-lEDPcjkfqHv7fl2_fM5ZSBWNQveOFl-uy7wicaZUF0CVzvYirKbQvp7z5F4ACAAAA_FIAAAAHaAEHmQLzBdLAZVFkorri_WFVpD3HSs51eocJO01LoOucYXO8rMa6fJuWpJKgI6Gp0fyToKLtp6vmws2Yo5OkdgAMGygZwmi_hPUn6U8RpUrNAIuhvqYt_cMIxKDDKlVdSjIKrWhHDB2G2FidTg-vA4YGlwbAkxKxf5rtgECE-0KxsIR2iB-O5fAMN_vTBij6BMJ8DU7RuNJecDy5ws3976e16X9KMuErU8jzOVb0IDw6_m0yih58SFjmOHWms9y39DzMbZt2DrZoqze4gxdsGIzoTC0vsUq2XXaaFdbwalvejTMyv8eHKSICMxlkrs_Nwhfoyv4A-LN1VbcjVLs20hk4XHlWzYEkpK8SNsq-guhNqciTPANRvt2U21yWVWk5kSVqOGHVUrzuSh8AxgQkI3Xx3v4Irfdg2UUbCHWQWaW4xF6WHGSU8FWWbH0v0lCBPdNucnH1jOLOSJdK5MYTpdnu4RRo4iKxpdH-cNZz_M9d1lmMcSSGvlsf_j_UVrcN4KyKpyUoRtrXg3nNec-_7hoKNqaSUCB_jqmDoPwHIRrsHmg9-Xy8fFwQAFvEVkvsO9J2EhXROQt1uEBmqC2W7e9EXR7tEzAGEicAug9I_Hujw0k4llBt1oy57U94UN23wfqeUF_R6I09ZxISopw-eEFeoEp_s_3zJ6P_oNAHtoS-s5CfcU0K6GrhhwLTS9bHTkNiwoCkzYK3L3i8gQCU9bS8zZN7F7sJa9k1cu-InLd46yV_xKrvj4n9Dra_wc5qAdjm4-Jzq0OFyF952JqE2FdboB_PHWtAgZ55UxVNf06T8Ioj836iFuDn8lJbmxLYwtGwkiZJlnQTcxV7AunxX1nUgjFCwn0U9sk-e3uUULcDT1QZ3cBcpSX5pjcm3F2rKhxkadG5aLF1F4lm0EC0ojN5jyNzm3S9HLkzuE7cDO-kJ7yKGwdsZaSGMINbQFSCgHPixgCqU9qwz-0SH6W2rYHnaQecWhfeLu5cIqHBhrJ6Y2QWsRcajjM Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 181A	0 0	61ms 60ms	Fetch image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsssVyuFZuCzwvFI5_hgP70GOGaaYdERKkANDtOEGWOrDgdvdqYXHgVhLGEBw5YJ8EMUEN7uV639P-NcaMclFSPrLIBW1AMRp6TSani_IkxcBZPn7hPuuCYMb1-TO2eZg8paT_KOR4pSqc9dkgO9pORGygkI1wpchbMQRpuiu50zwicRuDhBh6LENPkQu6a2KficTMRiMWyoxfVd7nEGWheFHCB0jRt7zDFQ6qCblYhKJ5mf-QeuccHNbgDxeJrpeGpHCHF8NmhSGoiwxXH_UdEQpBCNj_LLjslNuwPpxR_r_D2bXk3tJ-ZaM7bojrTfvnZtSCqFoObR3Hgde2LTnZVdrp-WtHmFsRpaTSVLXPLAwpN-UQ3BwPBm4Gurn5EEXuYetL5UXm1kElT22UH8i3X2_M38-m_g-Xj2OHuBogHb8JScIAKUTRpn73OTyzyWlnlqfZAYc-Pj-p3m0n3xdE5_HsoDVnymSGGxbb0ZtkTKFnhbpdGSv_z1nqc_xH7UKMrDms1iD9Pl-pz8_IRemztXCdV5g493ZkkHlBGSJTJxrmlmOOJIWz6r8bqUya-UzVX_slsMtlCMBnDTTj1vO6yNyHkoN74yPVa3duYixLMQfKumYk9XJzibvVFAZFgVdOZRoKzw3RQjYcyf1TH63d8TAM6OIfMAfE5JcrwsaE_0rgNuLc-CAi6Pm4cgzBGgm4nqMkoNlbntXsGf7UgesF_vTGK9oDc_o23x3qWJ9zxTkObwbgmZYZTO1QMHyd2wxdQeIW9KuZH2nCVnTajbuyDk8y8aM1Sjk6qf8Q3yer0--zOkg3NpYXrfBcVC011l9A0RCz7tyOmVyFlFmoBW5LTX2R9VQLU-gJ29I6W7xXEfXccPhLk4KXzXoLtI2nnZ_BxiOdSqvLnaYvQCnJDn25CWUS4vadVDZHys4IgX38IqTAe6XUPdGCuQb3lJT3eTYgGQh_7Z7z3VM72p_5Gy-l8FBnlV41gW1_czcfhECa6EKSMIa5RsB6r3o5PdjeUS3OCnbi6xUf06OC9OkSIlEHmvitnQWy9sGGxm2Tt4w5B3HPcYXH4WsfeGM8JmzywLrpXN_MVkSNyyjFUjEexmLAD2Gdumog6vSOVyzI0vgatTIi8pqfqAVrvQn3XPR2CVRJXSnUnNX2PPWrgjEWaHECVJtglesX-Qc7hDgcueQ5XdgvU1X_URP4HXaz8cE3nd2YKdc3EU&sai=AMfl-YT-SAZDgNvz9ZgPx6rkg4XjDOmsTbIHFH8u1kgLuT-IM-ciNeThBnhZLHtS-m-Komfr_yZo4cuSF5Bf_PXAit7mvus3HZZ3TReOG-mRDWIH1V679J1BjjDHGxqApE0h4EBATIBKo1kwOmqYB9uQ3naLUaXafnJIiLMzOVLTWuJmj9xaTpFp7iqyE4sDpPIvHniPw3Jspq-cT1BJ4-Y5NArgFL5L9YiVO-9ApsnfMzSurivsrNa02OeOCgMBc0N97GsE9EbqzuzDxjQYOzbihheeXWeO7T1X&sig=Cg0ArKJSzNzZTEq7BVPEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=469&vt=11&dtpt=339&dett=3&cstd=126&cisv=r20230628.12341&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Thu, 06 Jul 2023 11:00:52 GMT
GET H/1.1	200 OK	seg-2-v1-a1.ts Show response cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z4rjzkpze4pasggnowja/ Frame 88B5	1 MB 1 MB	48ms 48ms	XHR video/mp2t	185.181.60.35 TERRAHOST
General Check archive.org Show headers Download Go to Full URL https://cdn-cached-fs-35-w.dailymotians.cam/hls/liwaikcuke2nsti77e6cuxqdunq52rnpyx4qdm74z4rjzkpze4pasggnowja/seg-2-v1-a1.ts Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.181.60.35 Sandefjord, Norway, ASN56655 (TERRAHOST, NO), Reverse DNS Software nginx / Resource Hash ea37cabf74f65024c3437a24624a0b3d4e6cdb761d8d5ba89de67ba409618d23 Request headers accept-language de-DE,de;q=0.9 Referer https://vidspeeds.com:2096/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:52 GMT Last-Modified Sun, 11 Sep 2000 09:00:00 GMT Server nginx ETag "-1-14d7f8" Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Content-Length 1366008 Expires Thu, 06 Jul 2023 23:00:52 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A683	0 20 B	63ms 62ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGSz0456mZK7-Op2S1PIPrJGluAcAAAAAOAHgBAI&bg=!5eal5rLNAAb90kgr3dI7ADkAdvg8WrNJuzyc91ywpt-8nQUul4cjMJ0i57PFKRj0EsDw_c4CLu33xQ6cfLU2SIe0IfhEoXolun8CAAABFlIAAAAHaAEHmQLr977ceWVqIy_MgMU5mnqszzodwW-P3MLsDIn7FubMIfOK9zGDaFUEdH82O0orBiu5XyC1-IKGR0ydbY0YPLiBqle08zoRnpvkbyMrviVRB1Q44x-MSCSolRQtmUJkG7oq3vp0OLM4p9pDs8leU3h7EvvF6HDxn_n5QtifSVDe9_wweOf9K512C7mja7Un5XQpCA4tnBr0qSgEMoaox8TNU-9pWHOXUsIDVA6D99W1bm_1xsDwoGF8B_hjSSM8aE_VZXYpXLmEYlXbP0zmsX8YhoghcOR6kNQg9DROd20s1dQpF5Itm68EcOSgPXSu8HV88UyHV8x0lHe78hGyOVLm4ebXGLm4U0e4fon8hbBOdU8Qh2Pjg7rUQJN6lENVqA5xWP0M5UqIpQMTi8HuSU4vLXEKQkgg4B6EJvSEwQWzfNB7BBqI_5-as2Lxb6O0xbhZrReG2j0WrI2W3H1_6tX6-d0ms8WLgmVTEx2KQIM9h3hfXFKEFEddFO8559KCYwNzk5mycXY-rE-YgfwsguvQXtt1lvMK2MHHXkbM5Z_wyIwdMaC9hwXSqcbosnQlXDrya_vQVdm6oeU5YZXboRGxSnr_OCvQQfqDyjWkvWdVzpSM_9V-jHctbpakw2FEOzpHcsxWKTzREovfotZXLZlkoLDS2-QEa5t944s5RZXyXUmlsT9ZLUYFNrIFG-0zkFdnZSkej1VKvZ50SiaZ2GDMx48wbOv4ykjrk3OCMgp1fU4BMI9kVqoqWNdSxAOgCGVTYMMVCsJ3UHfbiIlzHfbdgcxr_27otyO8qDXO75Z5NxkiCug4dXryLinOYg1mbvb8rJuXLNa3XzeTXYfYSVjhInKXEJLpkGgVlDQaootYk-r00pkSk3LtJPG2qXizuMLK0CmOiq7yCMAQuGaBpUlwPWU9SCP6Pc5UzFbtlA3rHN_g0oCmJJrf7Ld5NWms1dX2iX7dSjoHkMMA-12SXZ11XOFhdOPcJAevbWgN Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	posts Show response d.aydogs.com/wp-json/wp/v2/	83 KB 13 KB	119ms 118ms	Fetch application/json	2606:4700:3030::6815:5a6c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://d.aydogs.com/wp-json/wp/v2/posts?per_page=1 Requested by Host: d.aydogs.com URL: https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6815:5a6c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af21fc90880bccd97dcd78df58f1e8cbc1f3e611ccde73c5408c905845916c10 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ennovelas.php?post=eyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wvd3d3LmZlbWJlZC5jb21cL3ZcLzR4azdqMWl6MHJsbmpnbm0iLCJ1cHRvc3RyZWFtIjoiaHR0cHM6XC9cL3VwdG9zdHJlYW0uY29tXC9pZnJhbWVcL3E4eW9lZXo3b3cwcSIsInlvdWRib294IjoiaHR0cHM6XC9cL3lvdWRib294LmNvbVwvZW1iZWQtODVseGg2djQ3c3VyLmh0bWwifQ== User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:52 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-litespeed-tag 9a2_HTTP.200 alt-svc h3=":443"; ma=86400 server cloudflare x-wp-totalpages 356 allow GET vary Origin content-type application/json; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eSZ5esKRWtWuS7iL2%2Bo5EXnfzNBSPRBDkbm0Hdb5R7yIan8v1BgNnWKexTnv1DoX3qAak2ObOUoguJlO5BXKirCcDoRu45BA2Zqrg9XRnnDsXim93jeHfpgTcew7oZRrr%2FTht%2FWEWcJYpA%3D"}],"group":"cf-nel","max_age":604800} access-control-expose-headers X-WP-Total, X-WP-TotalPages, Link x-wp-total 356 x-robots-tag noindex access-control-allow-headers Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type link <https://d.aydogs.com/wp-json/wp/v2/posts?per_page=1&page=2>; rel="next" cf-ray 7e2758b4ff973825-FRA
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 12 KB	122ms 80ms	XHR application/json	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bf5b2ce50f6715645bff68491b7ee227d31e3aea7c96a7dcd0269a11c9ee1522 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:52 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11979 x-xss-protection 0
GET H3	200	AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response pagead2.googlesyndication.com/bg/ Frame 88D5	38 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 10:17:57 GMT content-encoding br x-content-type-options nosniff age 88975 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14768 x-xss-protection 0 last-modified Mon, 26 Jun 2023 15:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 04 Jul 2024 10:17:57 GMT
GET H3	206	file.mp4 r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 02D8	3 MB 0	46ms 22ms	Media video/mp4	2a00:1450:4001:d::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-4g5edn6k.c.2mdn.net/videoplayback/id/e7d6c0ec2786548f/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3828230884/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/171B0D4449726BF005D92A53909FF97E0C13962E.737D9F5C6998C2D2D07115979187F0C33CF4E52F/key/cms1/cms_redirect/yes/mh/NA/mip/2001:1b60:2:240:3247::11/mm/42/mn/sn-4g5edn6k/ms/onc/mt/1688640394/mv/u/mvi/1/pl/29/file/file.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:d::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Range bytes=0- Response headers expires Thu, 06 Jul 2023 11:00:52 GMT date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff Content-Range bytes 0-5227657/5227658 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46" Content-Length 5227658 last-modified Thu, 11 May 2023 05:26:02 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com client-protocol quic
POST H3	204	csi csi.gstatic.com/ Frame 02D8	0 17 B	147ms 147ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~ljr1ehai&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&ple=0&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Funified.adsafeprotected.com%252Fv2%252F1014661%252F71364485%253Fmon%253D71364486%2526omidPartner%253DGoogle2%2526apiframeworks%253D7%2526bundleId%253D%2526ias_xappb%253D%2526ias_dspId%253D3%2526ias_campId%253D%2526ias_pubId%253D%2526ias_chanId%253D%2526ias_placementId%253D%2526bidurl%253D%2526ias_dealId%253D%2526adsafe_par%2526ias_impId%253Dv4~~%2526originalVast%253Dhttps%253A%252F%252Fad.doubleclick.net%252Fddm%252Fpfadx%252FN7442.1972103DOUBLECLICKBIDMANAG%252FB27601193.367223508%25253Bsz%25253D0x0%25253BAUCTIONID%25253DABAjH0iR18X6KSP0k8FnoyJ8CZMu%25253BEXCHANGEID%25253D1%25253BSELLERID%25253D1945813436108%25253Bord%25253D%25255Btimestamp%25255D%25253Bdc_lat%25253D%25253Bdc_rdid%25253D%25253Btag_for_child_directed_treatment%25253D%25253Btfua%25253D%25253Bdcmt%25253Dtext%252Fxml%25253Bdc_sdkv%25253Dh.0.0.0%25253Bdc_osd%25253D2%25253Bdc_frm%25253D2%25253Bdc_sdr%25253D1%25253Bdc_ref%25253Dhttps%253A%252F%252Fd.aydogs.com%252Fennovelas.php%2525253Fpost%2525253DeyJ2aWRzcGVlZHMiOiJodHRwczpcL1wvdmlkc3BlZWRzLmNvbToyMDk2XC9lbWJlZC1jeHMwdmdvcmZreXcuaHRtbCIsIm9rIjoiaHR0cHM6XC9cL29rLnJ1XC92aWRlb2VtYmVkXC80NDg4Nzk0NTQwNzI4IiwidXFsb2FkIjoiaHR0cHM6XC9cL3VxbG9hZC5jb1wvZW1iZWQtYTB4ZHJreng0bzVhLmh0bWwiLCJmZW1iZWQiOiJodHRwczpcL1wv%25253Bdc_ref_truncated%25253D1%25253Fves%25253DdGltZXN0YW1wOiAxNjg4NjQxMjUxOTk0CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdVptWWV5bzhLZEU5NmVlelJrZDBRMWVIR0pidm5tOUtiS25HMllhNUtvTkRUUnVsOUlQVkhhSlpwb2ZKMW5HdEQ1cDBIYmpwbUNYNm56UWRGaktYZDVmaVBjODNIanJLd3d1cEtrT0REajNEdXJwa0liMWFKUWlGSkNQYUpodWxoelJMc25uWV9LOWEtTE9YUWZjQllRamszaGVFdGxVcThYaVRHOHE0SklaeDdUV0JIVVE5T2dCeVFLYnVuTWRrZ2ZiaWl5U25wR0NESFA2aG85dlRlQ1psSzZGUEJEbWpOQnR6UWtyd2Nhb3I4UktPUlVNV25GOXU4UzJrWHl1QmJiQlR1SmRBSlRzQXJLQ0hqMnA3WnIzLVk4eFMxdjVvN05RUlNoUGpFYWY3YUswdXMzdmEzUHpSNm42MHZ3ZHQwT1E4X1ZYNjgtMXZ6UHlGUWoxVHg0a04wS2lsLXloV1FLai1JdEpSaTU2bzVTdWF1RmFUYzBMakt3UFFSUUtockRBc3ZHdUNZbmI4MlU3RTZTNVpKVHZjWVlsc2FjMEZURzZ3NjhuY3hxclF1UG5uY3FmWGxQendPN3pDNzhkSC12dFFyWXUzWGEwYW9IMTBtQ3ZCQXFkbmVUZm96OTZOcjdSN0t5SDlfUFJhMDNUVE1PVHZsWEFuaXAtd29UNUc4UU9yM1o1TlY4M29FRmVqd2FxdTdURVVLdjU0cXBPYXJFWFpPNWF6VDJNQjhwOTdLY3A2Uk9wTWVscUhlYlZzUGUwS2xDWmsyX2lRU3RjR2RFcUlYbVpSRUlQalBNWC14SGpaZTRYYmdiN09wNTlOTVBQazh0LXpSRDhHNTFYdmZGQkF3eUVqRGxDTGdieUNHT0RRSV9vVlM2ZHppc0hxRDhfUlFZQUZZcTN3NDN0a2puVkQybnFTUldWeGdHbklVZU1qZGRWRk9ROWY3WGtFcmNILWdjSHp6ZW9fSXdUOUNzMnF2LXNiSTNkOVl6MWx2NUZOM0Zlb29QaGpJMGJBcFZNc1NWQVgyVlVzT0VYRk9PdHV0cENiV05WdmZLUEltY2N2OXNRRFQ4VnhhWWE3aGdRSEVveF95b1pZLVU3RldwMEdXRU9rQUNqcGhlRmVGak1rY0loam5pbGFuUkgtS2NROGQxbmRYSGFJXzJSMEZOTnd2Y3V0Y1Q4QWY0WHFTQmhvQ3dSSGlQOE1tZUxFa21XS0dMcHhtQk40dW0yMGYyOGRwd1ZfWjM2V2ZkWUpLbkJULThOV04wd09sbkpwblB5QjRyeEFXNlJpVUhqbm9DRFBKcDNrN1JVSFpoQnV5LTk1WDFYdXhjdGtQUjV6UlBkUFFib1hIbDFCYTVaU2Y3ekNvTmpLeXNrRW8tSWdPdnZuVjV0MlZ1QmNNSTRyS0dWbEdCR1FKU0FVdVdseXYwRjdPZkw3VFotcVBuUVd1MGtuOTZ4eC1Ndkp0emQzSjZiQWJBZWo2MEhXLUxickUzdXA4WGlsOXlCRHpBSUVxVDFKTXJWT2JEQlBZUHVHdnlETHhtYXVaNWNQWS01dHFvb1lkUzN3aFQxN2xYYUlNeEdkZG1XX0YxRHVuNllmQkJmSmtjZnZva1ZTb3h1S0Z0ajlMYm5CUTRUZDllU0ZYcW5mbENJcU1LckhYb1EyT1ktSVJXaHZHc2Vkb2g1M1RkVFR0dGp4WUg3dW1GMjRRQXJxUDVSUHNQQjM4VGlpWTJEUE9LcUx3WWN6M05JT0pldjY3anpBJnNhaT1BTWZsLVlRaXhRY2pVcTZOenJMS3FGeHk1dkd2YWllVlZfdlItODZ1d1pvV2oxMFkzYzQ1VEZpOTZiSzZVcTV5eERiZ0xnMV9NV1drTXpVT1AwMHZFeG96N1BWd3Qtbl9XYTJzRGNoUWhZN19tSXcydEtIUy01aFlMZURFSXFMMlcwWUV6NUFtWXk1MF9ad1A5LUR1RzBkWlhwT2FWTUdiMHNyYUg0VHBzUUpqcTFYMlJobWhfVzg1SS1BRktxbFVpRVAxXzY1UmN6ckRnbXNtZk03Z1U5MnBENk1FZW5vWDdpbUhMaFpyZEFxNk5Ndl9YdGFNOUViZnRWSVAyTzZ5bnNBVURLSmdtVXFlcDFzNGFiVm8xY2I3NzVhdzl1V282RWE4UDI3NGUxQlEyMkNZOEkyVnBfbU9tMWJTRTFPZzQ5TFpQUWMmc2lnPUNnMEFyS0pTekNIS2p2clJKS05HRUFFJmNyeT0xJmZic19hZWlkPVtnd19mYnNhZWlkXSZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5jaXNjby5jb20vYy9kZV9kZS9zb2x1dGlvbnMvaHlicmlkLXdvcmsvcmVxdWVzdC1kZW1vLmh0bWwlM0ZDQ0lEJTNEY2MwMDI0NjQlMjZPSUQlM0RkbW9jbzAyODYxMCUyNkRUSUQlM0RwZGlwcmcwMDAwMDElMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%252526dc_cid%25253D191547418%252526dc_adid%25253D557904688&encoded_body_size=0&transfer_size=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:52 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 06 Jul 2023 11:00:52 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 02D8 Redirect Chain https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU1RBUlQiLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ... https://dt.adsafeprotected.com/dt?anId=10173&asId=b119d7c8-13cd-4072-93dc-32f151c0389c&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted...	43 B 216 B	930ms 192ms	Image image/gif	52.38.181.88 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?anId=10173&asId=b119d7c8-13cd-4072-93dc-32f151c0389c&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A-949672960%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D Protocol H2 Server 52.38.181.88 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-38-181-88.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:53 GMT server nginx x-server-name dt07.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43 Redirect headers Location https://dt.adsafeprotected.com/dt?anId=10173&asId=b119d7c8-13cd-4072-93dc-32f151c0389c&tv=%7BpingTime%3A-4%2Ctime%3A-1%2Ctype%3Am%2Cve%3A%7BvEventCount%3A1%2CvEvents%3A%5B%7Bt%3A-2%2Ctp%3AadStarted%2Csl%3An%2Cad_duration%3A-949672960%2Cwidth%3A-2%2Cheight%3A-2%2Cvolume%3A-2%7D%5D%7D%7D Date Thu, 06 Jul 2023 11:00:52 GMT Connection keep-alive Content-Length 0 Vary Origin Content-Type image/png
GET H2	200	dc_oe=ChMIy7no7_b5_wIVbzYGAB3xZgkEEAAYACCakKtbQhMI8fK27_b5_wIVjwRVCB30DwOM;met=1;acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%... ade.googlesyndication.com/ddm/activity/ Frame 02D8	42 B 401 B	465ms 59ms	Image image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy7no7_b5_wIVbzYGAB3xZgkEEAAYACCakKtbQhMI8fK27_b5_wIVjwRVCB30DwOM;met=1;acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D660351779%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1688641252806;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 02D8	42 B 64 B	65ms 61ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-3p0456mZLH1CY-J1PIP9J-M4AiA6YfNcJ-BmeGzEYWQ36SHMhABIJWbyiFglYKAgMgHoAHe_KCDA8gBBakCRzIujSU5sj6oAwHIA5sEqgT-AU_QplvjZsSd6XUcxn09RK0yywZDra9y5_2_Q8TNUnPpFCaGO6Jk3HEZoPjsYTBCRzw1HXJweqpElG-lVwHx7gVADL4sXwRkR7Vmzbo-SW9QwFM05IMiIwlFHQOAB_MrfeF3pXLSNa_lccbCeYXebDd2RFt2nkO1iDteFOXjm1Jw342mm3JEa9CcWfKqlpfPN4waCb3lkbVG1kgWtJ68WIbMYHiBXjbnCD2TNDrV3AvxGwqrZVEoDcEwmrcHK8BvQ2R9SeL_spE85bD3aXRocaJf28MZueoVhUQoKKkibY0tYCW_rawDkxlgRE0240RgI5Arlhur7o_aggfRCLgmwAS1mrG3_wPgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATgfeAFNATANgTDYgUBNgUAdAVAfgWAYAXAQ&sigh=JzT6yheVXNA&label=part2viewed&ad_mt=11&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D660351779%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1688641252806 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dot.gif s0.2mdn.net/ Frame 02D8	43 B 66 B	27ms 23ms	Image image/gif	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 09:22:32 GMT x-content-type-options nosniff age 5900 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 07 Jul 2023 09:22:32 GMT
GET H/1.1	200 OK	pixel.png unified.adsafeprotected.com/ Frame 02D8	35 B 174 B	106ms 51ms	Image image/gif	34.245.252.75 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vOTg4ZTY0YjJiYWM4NTBhMjcyMWRjMTJmZTJhOWZjZjYuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS8ifX0sImN1c3RvbSI6eyJjdXN0b20xIjoiIiwiY3VzdG9tMiI6IjIuMCIsImN1c3RvbTMiOiIyLjAiLCJjdXN0b203IjoiMTAxNDY2MSIsImN1c3RvbTgiOiI3MTM2NDQ4NSIsInJlZ2lvbiI6ImllIiwieHNpZCI6ImIxMTlkN2M4LTEzY2QtNDA3Mi05M2RjLTMyZjE1MWMwMzg5YyJ9LCJ0aW1lc3RhbXAiOiIwMDAxLTAxLTAxVDAwOjAwOjAwWiIsImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjMiOiJHb29nbGUyIiwiaGVhZGVyNCI6IjciLCJoZWFkZXI4IjoiaWFzbyIsImhlYWRlcjkiOiIifSwiY3JlYXRpdmVJZCI6IjE5MTU0NzQxOCIsImNiIjoiMTY4ODY0MTI1MjMxNTg3MTQ0OCIsImFkRHVyYXRpb24iOi0xLCJpYXNTaW5nbGV0YWciOnRydWUsImlhc1NpbmdsZXRhZ091dGNvbWUiOiJPVVRDT01FX01fX1ZBU1RfX09NSURfX1dFQl9QWEwifQ==&advEntityId=1014661&pubEntityId=71364485 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.245.252.75 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-245-252-75.eu-west-1.compute.amazonaws.com Software / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Thu, 06 Jul 2023 11:00:52 GMT Connection keep-alive Content-Length 35 Vary Origin Content-Type image/gif
GET H2	200	skeleton.js static.adsafeprotected.com/ Frame 02D8 Redirect Chain https://pixel.adsafeprotected.com/rfw/st/1014661/71364486/skeleton.gif?xmtp=v&xmapp=0&xsId=b119d7c8-13cd-4072-93dc-32f151c0389c&bidurl=&ias_campId=&ias_pubId=&ias_placementId=&ias_chanId=&ias_dealI... https://static.adsafeprotected.com/skeleton.js	17 B 17 B	151ms 34ms	Image application/javascript	2600:9000:238d:dc00:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.js Protocol H2 Server 2600:9000:238d:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 16 Jan 2023 03:51:51 GMT x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-P1 age 14800143 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id WUTvd7DVX3rB48orh0grmj77Og2XnA_ODree1DzExJl0Lxrol_AyXQ== Redirect headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT server nginx x-server-name app12.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 02D8	0 28 B	216ms 77ms	Image image/gif	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlM3LMhYPzg7_aGsgmaF1nHKCIE02su0-dAGdgmi5UGtfizpbfk2kkPqhX2PyYx9aCyW_QmgJTZ1JUXMOjWxOoXUkJ7JWaZ8muhJ8447GY6IF1Jka2fF6jIbe15cNhegfxJzNHdfJ9lzlb3727Ynu-RBA1X-QaOlwaxOd7RuWzwVYdvBj9W-R4_DixT99grnd_HJ78qk9u8Vob2_2l05myxzHuBXXEAY8f_0nDELaKq078YaVK6_khClhA3CKJKCULHGKyZsSUh_EdHXeU8kI5dP38XsYjyimjI_XN40bFFBHvYsTMjoebNEwm8S8DKlz8Z6VOrsbxk_jRAskG72ajrLUXrvko4y7K8nmYRyN3bRNqSFqXAGgGqhfqDMp6QA4w5vUPVZI8erqJp8U-F-98gE6E_AYsqRAFc0OfNR0_bXLXmM4fL_1pBavqE2oWPRjUrPUoYKoTKP7Tf_BS2vWw22wFFPnAr2623MeUq7PhanlGSlS0BDCDs4OCIksGBXnBMv_bBF1Cas0x9ZkvAhdQnxWZ8v5kH0p-Y0Zv-upH0LIgIPf-meNdZ2NVg9hnXO1g008ChZLEZIN2TYJ5SuFFrkrsD3DKfM--KdS7T00ci6B6H7pRYoegpghlwMLmsL1dZsYgG194v_ej9LszusZspqC7xWYQtj89-Yh61GED63hMmWAFgmSQ2xh-Ak7_DZNhkyi_h6h0tUIX1dNko0w0emlAHI3VD8sGWBkNrGAMXAIsWhDtxxKfLVZWSfK9p4yZPtmlylbkXn38Mu3ivB0LRkl6ySK54hqBQALXGKndQtuXLBc6FePZwRFV9Lgr-x9tYs0PJ__8oFlmNsiaip2RhTTG9T2WjfSOj4mWcyCFzdoiBsrkj_b_7yCcP8SY0nhf3vO6KX07CwF1AdQQgxRb0PFDcPM6UsUgdolrehkIpFLjg--yoXe-VOXV9cDW23PPBSxHAj6d-x61WqxGuBiexDTfV6mGy3HtvWi_PcboefO_-XRDnWcMcUVqs6TKX0UXXeX3Ghc59fpHStnJWQaBpMpHHHyQeIcZUqJWkkFguF4YDrEA8BMBxqYylNnUhsVFtUM5BKXbaLKQD9MFgOEUi6vKd1RfGzbvUDNuPN4722q6i7EF1bFRQFLmK69vMpzNXK31GFZ8Jtwly4YnEmP17vvEY3KJb7MaSi3b2A06daQK4wym6B3D3PGwb-UhEA8tkCNFU97nyrk7GOkMciGZrLQPMRytYJN28vVHpi_k3fErVJyGOn_F4UV8r4XVOXo&sai=AMfl-YRENxzcK7nvZJ_w9ps0ndvP708LevcnRflfScMgsvqNR4tqXDLC_vTzWIc_Vk75mCk1ftalmSO9dLJX9X0nZmz-QtHBafk-pcJ_Zq0MAfm_RTdkIzw5tX1BuslIVgqcl-tKstpLyRS3Zd6XkTMmgQA08sn7YX9fsimGJwXfqTa-pmL1ZEntyhpfvVDDZ69c5G6-HDQvul23jcRRcD0XAvlrje-CdqfzNZjcPwaPzvf5Jhn6x1FZd3CWbM9q7pYPc7pvoshG1-EKoXfZAzgyg41gTclcNKW7IrkoboiFPcvxNKH4i-fw7qef&sig=Cg0ArKJSzA5L9rojDX6kEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	pixel googleads.g.doubleclick.net/xbbe/ Frame 02D8	0 0	66ms 62ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjpzPLpASABMAE&v=APEucNXFi6SXn9b1r_iS8LDhZSx-aLVdVpOY-5JbUsuV6h1HmmOMW-yGex_dNc0yNshu6jnYCVFdzJRJTzKsGHFZcrLIjmTrjg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 02D8	0 20 B	59ms 55ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 02D8	42 B 64 B	62ms 59ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrjOD5T7kAkyIjxydo29QVFXqaAWkk18hAGU5TPD02yxxr-srykXwAy3pl5WprNZKBWcdygNdzYtTZ-juXwrVzocBlMAqb90ajQoVtkNfjE3YTOr1O-Rx8w7H01nmAHVaiHFPKNrtmeR60&sai=AMfl-YSHtMU12dIMXPkw6YIc_fIU8ti0Y68LrlkuHTHjZswZUWUR0YBTRzMyjVaxhzubrVbXPGnMUbua2GBSlD9YEu8emQej0H9HsbnMS-7yh6FV2OlWFUAaFovynnezuiTSwFvey5Y-QipAI65L&sig=Cg0ArKJSzO8SsrU-xCNBEAE&cid=CAQSSwBygQiDUo8P_fQVivArfhelJ-nYRE_r9_ZRUGvWsrQEYPFWr3KWn6jT01HXpAPvhRjGEQ2tuXyzEVej3EvEG8QANzn4BFh2HtDmXxgB&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D11%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D660351779%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1688641252806&avm=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ googleads.g.doubleclick.net/pagead/interaction/ Frame 02D8	42 B 64 B	65ms 60ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/interaction/?ai=C-3p0456mZLH1CY-J1PIP9J-M4AiA6YfNcJ-BmeGzEYWQ36SHMhABIJWbyiFglYKAgMgHoAHe_KCDA8gBBakCRzIujSU5sj6oAwHIA5sEqgT-AU_QplvjZsSd6XUcxn09RK0yywZDra9y5_2_Q8TNUnPpFCaGO6Jk3HEZoPjsYTBCRzw1HXJweqpElG-lVwHx7gVADL4sXwRkR7Vmzbo-SW9QwFM05IMiIwlFHQOAB_MrfeF3pXLSNa_lccbCeYXebDd2RFt2nkO1iDteFOXjm1Jw342mm3JEa9CcWfKqlpfPN4waCb3lkbVG1kgWtJ68WIbMYHiBXjbnCD2TNDrV3AvxGwqrZVEoDcEwmrcHK8BvQ2R9SeL_spE85bD3aXRocaJf28MZueoVhUQoKKkibY0tYCW_rawDkxlgRE0240RgI5Arlhur7o_aggfRCLgmwAS1mrG3_wPgBAOQBgGgBk6AB4qD33yoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA5gLAcgLAYAMAbATgfeAFNATANgTDYgUBNgUAdAVAfgWAYAXAQ&sigh=JzT6yheVXNA&label=vast_creativeview&ad_mt=11&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D42304%26vmtime%3D11%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D660351779%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1688641252806 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	csi csi.gstatic.com/ Frame 02D8	0 17 B	149ms 147ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=7~ljr1ehhw&c=8284531598989&slotId=4142265799494.5&qqid=CPHytu_2-f8CFY8EVQgd9A8DjA&fb=outstream-lima&gpm_i=8&gpm_c=8&gpm_a=8&smb=1000&br=793&mt=video%2Fmp4&vs=640x360&dm=42000&event_name=first_play&asset_bytes=194125&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1be~videopreviewstarted.1bg Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 88D5	0 20 B	117ms 117ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BmtFN456mZIu8O-_smLAP8c2lIAAAAAA4AeAEAg&bg=!0dKl0obNAAb90kgr3dI7ADkAdvg8WnmXS4vVvN47AOnupKvxPy5STwXpiWX2_5tlL3h3aSlGgHX-YXajzF6rOQskV8zBhLE_PS0CAAAAaFIAAAAHaAEHmQL36iBk302gqIm5LxIBdY1du1QvNVsWzGbk-PKpFLE9rMNAewp42seZDEuSKkaE9aVjqiGJxy4YcluQkKXZRjwGc0iWISqBZfAVlBmpiIIrf8dW2kuyR-VWKLggt93w4iH0Mp8eUUPWguIHubTkfgVbTYC5RBGrcbOVvkiATvezTqBLg9StEDgqKvaRaBBgG5X-LhqiOBT4al1qfMyeGFNUFaNN1pvGIMs_Id5DowBMHizSOe64MOWv3LwclB0WbRxQ11e6V90HMH3F5i3hvzK0jvNPhoj5eVwyxmISe9ETKVEm_Fo99loInRAY9ljaml-GJUmERmXtuuQ6yMd90OBJ7aOk0dsDZNVhELMbWeQiPDVN8svx5QoOPJoAIGmWKVT38PO-_bRBFIKh7EqEoU1yUxLT1LdDQIPcnYyeIj3nIcvNrR-2f6BeGYZ90ywe47_QmqVWnNqg9kpquIIhcoW-qLr7s7rXPvn4SEnn2FInhOuCu_sL7iCN6mksKVprUE1nicqMjqnR_seNO_6lz8OVc9V0Mcut2MqGTE7bRn7355HnO1y1gRR56ges9ZVY8z-krOPEqQU4Kx2xkRAsLYnFyFqEE4O8N58Q9RA50C_7MFYDTLfjIlMLvE2zcOC8pwQL2I7NanInQ6lQfi3F7eZqyy8O_AI5SyhZCioBIvUAXpMG3NUvMKpos1PFQieKr1TTK_jfvZSw_1SSDpckjUQUUrhviMgngA6vvOUcA7EeF2KplNBJh3AoTpBevF3yQjSULCQ0IYqaIXWWmbTMQBVk4pxE4sm2bxIoPTO1tyMxD-DwoliMezfq9z66tPRMBYekxWVh6iyd40qQL3HybCu2U0T7GT2Nt03X5rRMesOFOjDG82Z8RkIfny4MwtpzbAkevAJUWaezUcnbCGmERC-kO33pyIiWGT_weDiBJkGGSAHb3GNMGtmhMSfji0OcDQxVp5pc2fJPTkefJyxZVPbVW5j9Fc3xM5D_dk5jrOscqQ7F3FRrckCR Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:52 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame EE4D	13 KB 5 KB	23ms 23ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3571 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 10:01:21 GMT expires Fri, 05 Jul 2024 10:01:21 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 4586	783 B 1 KB	346ms 31ms	Document text/html	2a00:1450:4001:806::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d286ccd7f74359206304262cf36d5a71764bf423f86d0d04874ad7a3dc3688dd Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--mAcXN6zvQ-8_KpMnGlq7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://d.aydogs.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 514 content-security-policy script-src 'report-sample' 'nonce--mAcXN6zvQ-8_KpMnGlq7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Thu, 06 Jul 2023 11:00:53 GMT expires Thu, 06 Jul 2023 11:00:53 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response pagead2.googlesyndication.com/bg/ Frame EE4D	38 KB 14 KB	23ms 22ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Wed, 05 Jul 2023 10:17:57 GMT content-encoding br x-content-type-options nosniff age 88975 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14768 x-xss-protection 0 last-modified Mon, 26 Jun 2023 15:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 04 Jul 2024 10:17:57 GMT
POST H3	204	csi csi.gstatic.com/ Frame 6B4A	0 17 B	165ms 153ms	Ping image/gif	2607:f8b0:4023:1002::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ljr1egzr&c=2361588229887&slotId=1180794114943.5&qqid=CJWHuu_2-f8CFUpg4Aod-VMF5g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=982&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.na&ape=1&ple=1&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230516_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4023:1002::5e Fort Worth, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:53 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame EE4D	0 10 B	28ms 27ms	Image text/plain	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?yZoCTg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 11:00:53 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 181A	42 B 64 B	57ms 57ms	Fetch image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUQErJiot_y1YAxS53zb37AX0OdGuLlL-f5V602xb2p82qSdxgGPsg_mkYlZQlZnqkCwDTE143V4SazsN4bHGoBjl9A0EzlPReCOGnI_xwuxhyzKr1Ti79p6BjhDklBARWcy76vd3y_miQ&sai=AMfl-YSGlHZXzr6yHLi_wkagt_F8tHyfVDxy-7UmU6oTYZkUWJTSzYBlSN4_9KfK_--jdi9T_Tpm6cIx1DOWKuqr7yfuAZmImbBya8woqpHN8uRCEgfsqHtiVD8hQ0XMfemGACw7-ifqZcyY_kBR&sig=Cg0ArKJSzAAZBUtEEMP9EAE&cid=CAQSSwBygQiDi2rRzPNHgap2m2Q1GOEE6NdXR-AwhkaQ626fZwSjNq4fBcH1kJGQpH7PmKJRR76aSOINLNVePL_VD6Yy8vBzmzo__Bi-TBgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=676617758&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688641251562&rpt=510&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:53 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 4586	0 0	55ms 55ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=3480017721456100&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 181A	0 20 B	55ms 55ms	Ping image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3754300653365&version=m202301230201&ct=76&x=1&cor=10361204185516399000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:53 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	60ms 60ms	Image text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=3480017721456100&bg=!KyilKHzNAAb90kgr3dI7ADkAdvg8WsJ64d8o61U2_fceoJoPjZPcJWfgUfKWmHOHHy9rGYi39h0lzfiiQhxzxDIx5yEC0YWx8d4CAAAAalIAAAAIaAEHCgDXPvyu-qrqmj1i0Pm_m-auVsxyclDWWk0zVDrJcYZfgTsTWm1aX8wmjuCbNYaezQoblLqhEJ8S7onokUAOJjxuKs4jehadqd7JAAVgSrS99DQ_SHgOCGmvK0fh43dmX8thsRRFbr5JxxJInKd4s9FM2GUwnwojX2Kn4tXsL_UNz_jHunK9FhsuW0eIuhblkGXfWqpVro4lrT6rU414E4fIp1W_-9l0r6KaIdFH7ohFOQiNYTMGTa8WmBBlFNLca8_K39X7K1r4iRRGpCObBq6Te_7H4lARZCeZApw0k9pVeHGDXO0KhlDgeSCwErCjmlc-LwIzIV64pGiko-pdaknBXOMoQmksSXY4XsVSAXUp2xYeOMxmSxi-OI_uEAwImuZDHjRCfCGGhuPKv8dgVNj9SmcPrQngE5Dh-wpV5xc5f1Me1HSdMxtJ95Wwkxb5iJPEb57xWeG8cDYUHKNUgolyM4SBCnjzgxfsMY9Nj5t0A1AD_ynxAo24MtUl5Wj0v1OGmrXq-rih94ioHk4kJjHX7_Y1tNI6rPhj3952_1_64HQE13PtqVe5XQ-DjTOzHN_Uy4P62JIPSZPoxKWmGNQCfenDiAp25mpnzW20uMbxuDf69gvYI0hyBCHyN1iu74RSoOk2_NkZEEZFJeF_DyhW7LufOXKLJumK2aBA5hexE0KwlCA7wAS5Um1lwh0PfdifCvepX-fTf7weZfYpAw59lhZsxp3UsT6CEnQa0s4v7RD9LjijyPVdeoue4X6uJ0rq-bSJbK9TR4pH_5aWTJn2UhG8efKwC9vHRQD87yXQS0Br1xo70LW4_vGzLuH2Jer-DN_XT7alajlxixjAEC5BELTdfhqZ6keKW1KR84CHM7GgoJzzX4YedQYPJi6Wm8UiIL6V4BarCNv3Bk1nqJxf8O0MBV-UGllKONzOuiYJbr6OLCkST8o_f87fIKN3loFqP_POHlr3uihHOYSdWZl1IlvqTBgz-99d8CZwEN7OjHeIT8KfiidV43MvKIXzSU0oa1pS0p8cxd1mhKbk1UPrLJP3LQOjkz1NbECQ59AiNO2kA9b2mnxKoZiWZbVXdW0SdypYhUgYFGNgibyp5NLkRZc9Q7Evo_egvcsAVbe6ZnmJtL8uW8Hf2wB_oIcOaQUNKmA14QPvsHVzthc7-QTJc9kZ_XaOqA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://d.aydogs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 02D8	42 B 64 B	60ms 60ms	Image image/gif	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrjOD5T7kAkyIjxydo29QVFXqaAWkk18hAGU5TPD02yxxr-srykXwAy3pl5WprNZKBWcdygNdzYtTZ-juXwrVzocBlMAqb90ajQoVtkNfjE3YTOr1O-Rx8w7H01nmAHVaiHFPKNrtmeR60&sai=AMfl-YSHtMU12dIMXPkw6YIc_fIU8ti0Y68LrlkuHTHjZswZUWUR0YBTRzMyjVaxhzubrVbXPGnMUbua2GBSlD9YEu8emQej0H9HsbnMS-7yh6FV2OlWFUAaFovynnezuiTSwFvey5Y-QipAI65L&sig=Cg0ArKJSzO8SsrU-xCNBEAE&cid=CAQSSwBygQiDUo8P_fQVivArfhelJ-nYRE_r9_ZRUGvWsrQEYPFWr3KWn6jT01HXpAPvhRjGEQ2tuXyzEVej3EvEG8QANzn4BFh2HtDmXxgB&id=lidarv&acvw=sv%3D953%26v%3D20230516%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D13,1,588,1023%26tos%3D2013,0,0,0,0%26mtos%3D2013,2013,2013,2013,2013%26amtos%3D0,0,0,0,0%26mcvt%3D2013%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2229%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D1%26pst%3D217%26dur%3D42304%26vmtime%3D2242%26dtos%3D2013%26dtoss%3D1%26dvs%3D2013%26dfvs%3D2013%26dvpt%3D2229%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D660351779%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,2013,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.3%26t%3D1688641252806 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://988e64b2bac850a2721dc12fe2a9fcf6.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Thu, 06 Jul 2023 11:00:55 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	bf92c8be83eeb2dbf186eb1436ebcb5e.svg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	4 KB 2 KB	22ms 21ms	Image image/svg+xml	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/bf92c8be83eeb2dbf186eb1436ebcb5e.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/17496557209186318969/53adf3c004f481c8e3ae8cc4f454770c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6648009549b81e81582f3fb8345dd6305ee4a232fd4eac4fd803a78cb69b0c1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 06:05:11 GMT content-encoding gzip x-content-type-options nosniff age 17745 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1630 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 06:05:11 GMT
GET H3	200	3da15c1a1519d4142b61be4acb2551ca.jpg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	20 KB 20 KB	21ms 21ms	Image image/jpeg	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/3da15c1a1519d4142b61be4acb2551ca.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 59b122193996b704d97e25c4b10369a2c0e7c514dbef92ad01fafc8412f483dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 04:03:12 GMT x-content-type-options nosniff age 284264 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20743 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 02 Jul 2024 04:03:12 GMT
GET H3	200	713b56ab02d7a1b47d67f0170e6ca33d.jpg s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	2 KB 2 KB	22ms 22ms	Image image/jpeg	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/713b56ab02d7a1b47d67f0170e6ca33d.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9b98176cef1e3c0a7203c7dfcc22df4abec1e26a60b1f9a5cda4f225a29c2bb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 04:03:16 GMT x-content-type-options nosniff age 284260 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2243 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 02 Jul 2024 04:03:16 GMT
GET H3	200	8048b515782255de4c53f292b513bd11.png s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	6 KB 6 KB	23ms 22ms	Image image/png	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/8048b515782255de4c53f292b513bd11.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 388606324bdc3e3561ea3039f85d3c2500dec60853a6e320a5f225881f1b854d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Thu, 06 Jul 2023 07:36:15 GMT x-content-type-options nosniff age 12281 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6304 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 05 Jul 2024 07:36:15 GMT
GET H3	200	e0669175a798ac1752bbfdc5f70721d1.png s0.2mdn.net/sadbundle/17496557209186318969/media/ Frame C3A4	8 KB 8 KB	25ms 24ms	Image image/png	2a00:1450:4001:811::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/17496557209186318969/media/e0669175a798ac1752bbfdc5f70721d1.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b9c8881b4d89dce4c1daba80e3d17e90ce1ef7f7d3233a537eec2b076df5d9ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/17496557209186318969/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Mon, 03 Jul 2023 04:03:16 GMT x-content-type-options nosniff age 284260 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8415 x-xss-protection 0 last-modified Thu, 02 Mar 2023 21:23:28 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 02 Jul 2024 04:03:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ennovelas-tv.com

URL

https://ennovelas-tv.com/wp-content/themes/vo2023/assets/fonts/iconFont.ttf?hk7yuf

Domain

ennovelas-tv.com

URL

https://ennovelas-tv.com/wp-content/themes/vo2023/assets/fonts/iconFont.woff?hk7yuf