urlscan.io logo urlscan.io
SecurityTrails logo

c.r74n.com Open in urlscan Pro
2606:50c0:8002::153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://c.r74n.com/
Effective URL: https://c.r74n.com/
Submission: On October 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 12 domains to perform 66 HTTP transactions. The main IP is 2606:50c0:8002::153, located in United States and belongs to FASTLY, US. The main domain is c.r74n.com.
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.
This is the only time c.r74n.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)
c.r74n.com
4    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
c.r74n.com
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
r74n.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    34.246.213.214 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-213-214.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
7    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
5    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net
bid.g.doubleclick.net
1    2600:9000:223f:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2600:1f13:800:7781:c98b:653f:bcad:438a (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
6    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
373 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
bid.g.doubleclick.net — Cisco Umbrella Rank: 1020
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
65 KB
10 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
106 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
253 KB
6 r74n.com
c.r74n.com
r74n.com — Cisco Umbrella Rank: 346544
26 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
137 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
59 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1200
597 B
66 12
Domain Requested by
18 pagead2.googlesyndication.com c.r74n.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
fw.adsafeprotected.com
www.googletagservices.com
7 dt.adsafeprotected.com googleads.g.doubleclick.net
7 tpc.googlesyndication.com c.r74n.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
6 s0.2mdn.net c.r74n.com
s0.2mdn.net
googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
c.r74n.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 c.r74n.com 1 redirects c.r74n.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net c.r74n.com
2 fw.adsafeprotected.com 1 redirects c.r74n.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com c.r74n.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 static.adsafeprotected.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net googleads.g.doubleclick.net
1 www.googletagservices.com c.r74n.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 r74n.com c.r74n.com
66 20
Subject Issuer Validity Valid
c.r74n.com
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
r74n.com
R3		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-18 -
2023-12-11		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://c.r74n.com/
Frame ID: 52B8BB0C54E32B082A832B9577D2632C
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: E763A306EA48F8B903847ED1AA00067E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8485284630785740&output=html&adk=1812271804&adf=3025194257&lmt=1691280296&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fc.r74n.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697399726594&bpp=3&bdt=305&idt=224&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4539263373505&frm=20&pv=2&ga_vid=27131134.1697399727&ga_sid=1697399727&ga_hid=1744649082&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C31078658%2C31078702%2C44805098%2C44805112%2C44805336%2C31078297&oid=2&pvsid=1862137639710744&tmod=291866489&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260
Frame ID: E2F2891DCB6663B21FC0D785BEBC3844
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8485284630785740&output=html&h=280&slotname=5555682735&adk=1080178280&adf=1839787983&pi=t.ma~as.5555682735&w=788&fwrn=4&fwrnh=100&lmt=1691280296&rafmt=1&format=788x280&url=https%3A%2F%2Fc.r74n.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697399726597&bpp=2&bdt=308&idt=265&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4539263373505&frm=20&pv=1&ga_vid=27131134.1697399727&ga_sid=1697399727&ga_hid=1744649082&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C31078658%2C31078702%2C44805098%2C44805112%2C44805336%2C31078297&oid=2&pvsid=1862137639710744&tmod=291866489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ThK4wegfuU&p=https%3A//c.r74n.com&dtd=269
Frame ID: D8833176BFCAFC0EBD02FDA5A140103C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: B2D89C30017B676A69B44ED7612BCD53
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNWj5DA-HXMB1wysry1-W6EaCoYkLgNUkzUi5uwYnLdi-qbPaRvMi_Kc19lOweKZfJalddjbsLoavGyptAsfeQs0R_6cukqzRcke_6ZLsK-ZzQ0_BT6kJHO4g66dUOcJrKX58_MGdB1RW5GT_qolKOCX65ic8yn73bKjxkLuAe0my9728Jc
Frame ID: EE36D3BEFB2348465DB135DAA70E854F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FE469847A548033423DE07BB2C87B5BA
Requests: 27 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B8B5985D8B7CD593AC3CA73D9B77F904
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 83D6C2CB8B56CA253B415CD329A7A7B0
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
Frame ID: CA5120E22DA76BA9F7AA27523658CAA7
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2C74645D2AD836CED1245584D7A8F8C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4927C718A8CCD82CFCC6E601DCBBBCF9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Copy Paste Dump

Page URL History Show full URLs

  1. http://c.r74n.com/ HTTP 301
    https://c.r74n.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

66
Requests

92 %
HTTPS

67 %
IPv6

12
Domains

20
Subdomains

21
IPs

4
Countries

1184 kB
Transfer

2797 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://c.r74n.com/ HTTP 301
    https://c.r74n.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1&C=1
Request Chain 28
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSxDsPtpmOaMa257QcPs1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1
Request Chain 29
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENcuuQlEmIlW0u9VimRGjes&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcuuQlEmIlW0u9VimRGjes%26google_cver%3D1
Request Chain 30
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjU3Njk5NTY2NDY5NzU2NQ%3D%3D
Request Chain 35
  • https://fw.adsafeprotected.com/rfw/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8485284630785740&ias_chanId=1&ias_placementId=20118583893&bidurl=https://c.r74n.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jiD8J8nlo3bDxpWGOfvBZJ&adsafe_url=https%3A%2F%2Fc.r74n.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fc.r74n.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-8485284630785740%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26xpc%3Dpna5HyYmTY%26p%3Dhttps%253A%2F%2Fc.r74n.com&adsafe_type=be&adsafe_jsinfo=,id:a75ebdc1-c26c-620c-dd72-244c4461b915,c:r9eUJX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-z72dc,rg:ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:c9d70dfa-6b94-11ee-90c4-c682f1dd9ee1,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
c.r74n.com/
Redirect Chain
  • http://c.r74n.com/
  • https://c.r74n.com/
20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
637fd845c5425b43c20aff280a2f2b6cc71094292442a4b3b6357aa693b80f13
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
5768
content-type
text/html; charset=utf-8
date
Sun, 15 Oct 2023 19:55:26 GMT
etag
W/"64ceffc8-5030"
expires
Sun, 15 Oct 2023 10:45:25 GMT
last-modified
Sun, 06 Aug 2023 02:04:56 GMT
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-fastly-request-id
a6223acf2e5025c7e015d92389773d622bea2a1f
x-github-request-id
6F22:C3F8:4832A9B:4924B87:652BC06D
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230056-FRA
x-timer
S1697399726.172215,VS0,VE104

Redirect headers

Accept-Ranges
bytes
Age
2497
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 15 Oct 2023 19:55:26 GMT
Location
https://c.r74n.com/
Server
GitHub.com
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
1
X-Fastly-Request-ID
7348b467fcd1a318f3ef07291f85819b05b17a8a
X-GitHub-Request-Id
E8FA:D50A:40F2D1C:41BAA0C:652C39EC
X-Served-By
cache-fra-eddf8230050-FRA
X-Timer
S1697399726.124362,VS0,VE2
stylesheet.css
c.r74n.com/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.r74n.com/stylesheet.css
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d1619b0f7772b0ff8c31a640685f9359d506e79f419e425622dd75dcc65d517d
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
739420838a509b960fb24224a61cee3947a86a78
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sun, 15 Oct 2023 19:55:26 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
2860
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Sun, 06 Aug 2023 02:04:56 GMT
server
GitHub.com
x-github-request-id
C554:10E30:603E20:63191B:6512AC6D
x-timer
S1697399726.301820,VS0,VE87
etag
W/"64ceffc8-272c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Tue, 26 Sep 2023 10:13:25 GMT
scripts.js
c.r74n.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.r74n.com/scripts.js
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
576a62af94cefeacf653bc38a6dd2798201ddd285c1d34a24819de32b61ac9ba
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
44c9f03cb53cf50043a1e4045b0a1e5385732022
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sun, 15 Oct 2023 19:55:26 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
2882
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Sun, 06 Aug 2023 02:04:56 GMT
server
GitHub.com
x-github-request-id
76F0:D4A3:1AD5A2:1BAC01:651220F5
x-timer
S1697399726.302219,VS0,VE97
etag
W/"64ceffc8-1f86"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Tue, 26 Sep 2023 00:18:21 GMT
favicon_smaller_old.png
c.r74n.com/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.r74n.com/favicon_smaller_old.png
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
5f309934f54f89542291af2f89521b95044413c0ada623a8f669126404ca2122
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
21c156218469149941e42ae8e997ce74188a528a
strict-transport-security
max-age=31556952
date
Sun, 15 Oct 2023 19:55:26 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
12542
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Sun, 06 Aug 2023 02:04:56 GMT
server
GitHub.com
x-github-request-id
1F44:AD02:1871EB:1987A6:651BB37A
x-timer
S1697399726.302186,VS0,VE111
etag
"64ceffc8-30fe"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 03 Oct 2023 06:33:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4db55f0678db783d012c675088fdb09d764ae160b9d009ec04f923fa8889cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51491
x-xss-protection
0
server
cafe
etag
15143175557691354393
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 19:55:26 GMT
js
www.googletagmanager.com/gtag/ 		130 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93720349-8
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c33da50233a6df2428c1d9bf883b19307e2e879475d1dfe286cccdb948a1188e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50827
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 15 Oct 2023 19:55:26 GMT
favicon.svg
r74n.com/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r74n.com/icons/favicon.svg
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
676625bb3eba6bc41f414c1bb987eb6d2b0f0cb6230bd98d2a104fd4beaf678b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-fastly-request-id
77aff2573e06ce07fdd6df1a739d5c91a1bdaa3c
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Sun, 15 Oct 2023 19:55:26 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
1059
x-served-by
cache-fra-eddf8230074-FRA
last-modified
Fri, 13 Oct 2023 22:45:22 GMT
server
GitHub.com
x-github-request-id
1AE6:A667:2409A74:2479C99:6529CD66
x-timer
S1697399726.355443,VS0,VE108
etag
W/"6529c882-ab3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
expires
Fri, 13 Oct 2023 23:16:14 GMT
truncated
/ 		350 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
100c39b497208c6fd87755492545d873da333d4556f6d7177b2ea8c9bcae2c66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		350 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c541693595bb34420337e46d51f6558ffc9504dba45d8731fad10a6bd26b787

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
www.googletagmanager.com/gtag/ 		257 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G4E4Q8F375&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93720349-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41b96cc29a7d2f670852799b5aceeb1a348dd6d545559f6719059e8df162e3ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89147
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 15 Oct 2023 19:55:26 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93720349-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 15 Oct 2023 19:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
344
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 15 Oct 2023 21:49:42 GMT
collect
www.google-analytics.com/j/ 		1 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1744649082&t=pageview&_s=1&dl=https%3A%2F%2Fc.r74n.com%2F&ul=en-us&de=UTF-8&dt=Copy%20Paste%20Dump&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=510936657&gjid=1895738898&cid=27131134.1697399727&tid=UA-93720349-8&_gid=1539764749.1697399727&_r=1&gtm=457e3ab0&jsscut=1&z=1685481973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://c.r74n.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://c.r74n.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
241 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G4E4Q8F375&gtm=45je3ab0&_p=1744649082&cid=27131134.1697399727&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697399726&sct=1&seg=0&dl=https%3A%2F%2Fc.r74n.com%2F&dt=Copy%20Paste%20Dump&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4E4Q8F375&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://c.r74n.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 		393 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dd266123df3cd8891779d83af9a4f32dbbe5b22e27605a25d89b62d216f673b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136618
x-xss-protection
0
server
cafe
etag
3225412232544902402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 19:55:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame E763 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c.r74n.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 12:56:15 GMT
etag
2603938475786422795
expires
Sun, 29 Oct 2023 12:56:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		383 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=c.r74n.com&callback=_gfp_s_&client=ca-pub-8485284630785740
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d68af210ed13bd3f53d639a8068ca96515d132aa93dc61c2a5c5f213f8228df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E2F2 		52 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8485284630785740&output=html&adk=1812271804&adf=3025194257&lmt=1691280296&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fc.r74n.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697399726594&bpp=3&bdt=305&idt=224&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4539263373505&frm=20&pv=2&ga_vid=27131134.1697399727&ga_sid=1697399727&ga_hid=1744649082&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C31078658%2C31078702%2C44805098%2C44805112%2C44805336%2C31078297&oid=2&pvsid=1862137639710744&tmod=291866489&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=260
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6f0cab761502ca7b1a5d3be10e05cff2eec9667139e751a6b206099c9cb5941
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c.r74n.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
17749
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 19:55:27 GMT
expires
Sun, 15 Oct 2023 19:55:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D883 		436 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8485284630785740&output=html&h=280&slotname=5555682735&adk=1080178280&adf=1839787983&pi=t.ma~as.5555682735&w=788&fwrn=4&fwrnh=100&lmt=1691280296&rafmt=1&format=788x280&url=https%3A%2F%2Fc.r74n.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697399726597&bpp=2&bdt=308&idt=265&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4539263373505&frm=20&pv=1&ga_vid=27131134.1697399727&ga_sid=1697399727&ga_hid=1744649082&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=3019&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C31078600%2C31078658%2C31078702%2C44805098%2C44805112%2C44805336%2C31078297&oid=2&pvsid=1862137639710744&tmod=291866489&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=ThK4wegfuU&p=https%3A//c.r74n.com&dtd=269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5384d274c9207173284f1bbbee4b0a370a29c639636feb4cf8e93f70d525c364
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c.r74n.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 19:55:27 GMT
expires
Sun, 15 Oct 2023 19:55:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 		157 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15af2af4b79e0a55d6c15b7d7db7c2724885237310d7dee1ec4ddb149a1b01af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54685
x-xss-protection
0
server
cafe
etag
6730273709399293562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 19:55:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame B2D8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c.r74n.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
34118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 10:26:49 GMT
etag
2603938475786422795
expires
Sun, 29 Oct 2023 10:26:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame EE36 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNWj5DA-HXMB1wysry1-W6EaCoYkLgNUkzUi5uwYnLdi-qbPaRvMi_Kc19lOweKZfJalddjbsLoavGyptAsfeQs0R_6cukqzRcke_6ZLsK-ZzQ0_BT6kJHO4g66dUOcJrKX58_MGdB1RW5GT_qolKOCX65ic8yn73bKjxkLuAe0my9728Jc
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 19:55:27 GMT
expires
Sun, 15 Oct 2023 19:55:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FE46 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 15 Oct 2023 19:55:28 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1474271/71242846/xbbe/creative/ Frame FE46 		257 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8485284630785740&ias_chanId=1&ias_placementId=20118583893&bidurl=https://c.r74n.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jiD8J8nlo3bDxpWGOfvBZJ
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.213.214 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-213-214.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f9ed7de37bfe58b63fe3b443a8933dc99f63d13e69845f90cf5cc8b37bc51ede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FE46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 14 Oct 2023 19:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
86141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 28 Oct 2023 19:59:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame FE46 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
22758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8339
x-xss-protection
0
server
cafe
etag
16954770952846736976
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:36:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FE46 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60003
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1697024009209687"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Oct 2023 19:55:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE46 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CPjh_oD8UdxlzEUmnwI2l8MPP30jZInP_xVAXehhlPnMcdhWHQVX4L6EGx0qDdCus_ZuK7TkoM-QHf_-aX2iJCXb_lEFWgxt-jaMEdrFi7FgSu2DY
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE46 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7772492457612648738&x=1&ct=76
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EE36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNWj5DA-HXMB1wysry1-W6EaCoYkLgNUkzUi5uwYnLdi-qbPaRvMi_Kc19lOweKZfJalddjbsLoavGyptAsfeQs0R_6cukqzRcke_6ZLsK-ZzQ0_BT6kJHO4g66dUOcJrKX58_MGdB1RW5GT_qolKOCX65ic8yn73bKjxkLuAe0my9728Jc
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtAsma%2FfxK6ZXfob1DNeGN9zTRxd4NiGUOayjopY%2Fm1N9ctRnBESJHQ%2FjCmb0bcaefqvbdmRrsIoWnSQ7MYMGWL79cKV11JNbBAQ8lySZH64KDRL83QlEGd012lr6iRcJnBts2Svd9IO2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816a9eac9a3f9183-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgIBB4Hl0e60hEiCFG5alQzOyTlKM%2FHRRzK3txQOrlczbkwTfkDQuI9Sc3MvdQJbNEwfLyVZqywsPv8IyOfH%2F2XR9Hz2Qa7PjVeruMh2QcACompga%2Fc8YsJ9sOJThmPAm1q1lsLEdyZpnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1&C=1
cache-control
no-cache
cf-ray
816a9eac6d343602-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame EE36
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSxDsPtpmOaMa257QcPs1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNWj5DA-HXMB1wysry1-W6EaCoYkLgNUkzUi5uwYnLdi-qbPaRvMi_Kc19lOweKZfJalddjbsLoavGyptAsfeQs0R_6cukqzRcke_6ZLsK-ZzQ0_BT6kJHO4g66dUOcJrKX58_MGdB1RW5GT_qolKOCX65ic8yn73bKjxkLuAe0my9728Jc
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gkdob7bpLCWJnsnifzGFQfDH%2FjosYJQnOZbkB2rg8zzy03OAmhVDiRC80Pi9XdNBYzjWacb%2FFAVfzCTNbqFrVhswIikKlFhf9IkNUKIb6BzFLTgAoNNGqVRLq11VM03qAp8S%2Ffix6jo58w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
816a9eacba5a9183-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHM2hxiQ7GEXTBGxibKxA08&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame EE36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENcuuQlEmIlW0u9VimRGjes&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcuuQlEmIlW0u9VimRGjes%26google_cver%3D1
43 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcuuQlEmIlW0u9VimRGjes%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNWj5DA-HXMB1wysry1-W6EaCoYkLgNUkzUi5uwYnLdi-qbPaRvMi_Kc19lOweKZfJalddjbsLoavGyptAsfeQs0R_6cukqzRcke_6ZLsK-ZzQ0_BT6kJHO4g66dUOcJrKX58_MGdB1RW5GT_qolKOCX65ic8yn73bKjxkLuAe0my9728Jc
Protocol
H2
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
an-x-request-uuid
e0001235-9b4e-4e72-a9fc-073f3e962a58
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.77; 45.141.152.77; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
an-x-request-uuid
480e5389-fcbb-4e62-a866-ba512cd4c2f9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESENcuuQlEmIlW0u9VimRGjes%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.77; 45.141.152.77; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EE36
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjU3Njk5NTY2NDY5NzU2NQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjU3Njk5NTY2NDY5NzU2NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiriqrpATAB&v=APEucNWj5DA-HXMB1wysry1-W6EaCoYkLgNUkzUi5uwYnLdi-qbPaRvMi_Kc19lOweKZfJalddjbsLoavGyptAsfeQs0R_6cukqzRcke_6ZLsK-ZzQ0_BT6kJHO4g66dUOcJrKX58_MGdB1RW5GT_qolKOCX65ic8yn73bKjxkLuAe0my9728Jc
Protocol
H2
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
an-x-request-uuid
9f7f5cb1-1129-475a-9cfe-aa24066f569e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwNjU3Njk5NTY2NDY5NzU2NQ%3D%3D
x-proxy-origin
45.141.152.77; 45.141.152.77; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE46 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2177772814054&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE46 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2177772814054&version=m202309260101&ct=76&x=1&cor=7772492457612648000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FE46 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy8nPmOl32CSpqKqc35eIwqg0SKTq8hv3OTbzmDYlQWysUQoVf83GL2j_PxybyQNlMdfaiGCN5SAUiN-igw88Q5a3YUN5CEPT5jipfGzPwzU6LEWI4wBAjDO6Xb9gKkPAE4MHikey4hNMbSZjWXZARYFgsQTq331n5To5psOmweNLItI4&cry=1&dbm_d=AKAmf-Bf340Z1Z8TICSzx0Ikg8Vo1cs7220kl-MliDay_HZC1xuAWsm5nVH62mF1Q10rB39T8hkcwxeCtmf2BEUPlcjUaF81su80FJVm7Ic9rkRixW3skHGARBFbsW3VrGgVQOYJRQpx3_jOo-xls1YmjtzA_azTbnPL9BfPVwEk3gWVpGw2trWHowBeS-Mc8hbjeu8vPBQUhg3zeBeOq_6zYDrf8QZtJ-R5ZL6DSPSfgzIr44s_wx11sZTnLsSje-95Pp6qalZNfj4CUJAv0nQM67LN3uyKz9nUvKw-1HjEiCikU-r3Qy0TmHmOmgcvscGKkqWNiPhj06UruaC-S72GXPPHxDxqj9u3iyYN4a1T5SkV0zjB1XVe4KZIdAvxy3f1Wm9Pi2hEd0snDgsSLYoBs4zuI1SlczPDIjbEpaP8i0g6Jqf2RHcLF8pJIpTFwbSCmi02SglU3_cH27y4ok0l0q9_rJV74M8H0kr8f19LPNh8S8gBlqkkfWVjR4XwfkQq385OZnIOEQ5AvK3SLVzQqKVT_ucQlesUniuLYz7tKjaFydRwrbT2NqWN4tuPdHmay8DoVHRXiE8LkMrZSAPRHI6x8V-XfqKbNzFIlv8JpU5rub27krgwU6Uzlz5oAzdc9LHLb0qrABD_c9Gs5ufCS_tybqtWpxFwN6KfoAnYEL0qghGq3E9lr4McHtH5Yaa-Uyb2uZ17AoTvvsnExulTiU2PQAuFbTyWdDs8znl1GM_90UvZi7e6Uy2RxJtDP_Djq6MxdFB1ZhoPK_3rZ6i24bLuk6r66njRAXm2cmPqankqljQ8XDQrmQfD3CphsKc_oRjbiwjlJA7TKq4eRs-dXpr4LllhcSVFLr8hNTxCYHp1KwS8QywSz9MMYa2kxryVYftZmwSSxvL93pknE9L_pPSRWsvb0dcg-IGGNqSiTFsBuHEQtCaL8oKYREoSaM5NsLotmbdsowNYeXWbL3KAVhzUV7Z4ylq4LT5H4L722O5hcfuFKAEMvEIW_KSQQ4qVYGR8EvBfnNaotsDNBijlPrfQVP9UvbnaGQ4CudsYztq-YnpES03l4JFfQEdTkI0WloWPh_fYmy4NCo3NyXpmhCcR2-0weRaxBUvEmaA36fFQ-Ws7q6GwTw5a__5LWU9omsjFujkwL_Q71bhDb0lmGvJWYAFhkbHG67pS896-4EXimgYwLy6cTM_2FszedPM_AlKD3aBv0XEoAFitLl3qSiPPoK365pq50NVUPG0VvRLcQBPYEm2qr8IkrE4NYSmq8Veq5NIGvU6TPZrSX-NBV2yJFXNVHWRHSR_qnz2IAvfo8VjsleGTEuZ8PS_Ssl8n1AKzlXfZoLYSIlENnxczSpVOTicLrrfGkBPylJ0aLCz-SXUAjEUm1_96bKxUVy9x97bhcTmkNNfQ4SFCgw3J06zZQa1edAlK9BmEpiOnJVK1sNBwPhByuRUXInViMZklIxdxguy_DpN_QiYmChwTKgOVEPKCO1TIcmJbzOvh3-nOrun0nIu2wxw9sDKp_syvgvwzzquSgM6v-gLE6pqFjYZBXE_bshMDEiRqyInVffxEEmSZKguGbuituvABoyUmA1onbZbtLtsFaoiMNVjemRokhXcL3XjvSQ_x9i_OtxOn8wuvBC4MPxgli_MXlyf22_4_xskEVWVvfZ77ZcDGkFzhzfc0UDs7NB-DYNaQIsDZewIDna4biLj9vMFcY3D99-uZm4I6xWl7Jv9sbt12z-KEEkSLB9WZw-EDR8YlnJiieHAtpOvqkEGkDGaEXSnl7wsqUTZeN2jNFHLNf9KySbtQLHoE5ML-UmOiC-10aueORA2slfAEXmjb64q5yBeEyDYanypUXco26yJolmkV5vxXTYDWuL0Mw-qs2wLvR3wi2MwUlqYwopRi0KkCgjNdi-iKPt3XcaIyYGBsycX26um-Q2JVhAqZKZnUgoGn_ao0zUsk_XZ6x1n3hD7B-YTmSM-ZqqVWk91-rkuhLgG0i7bG8QaXDBHpo2uQVh0l7JbtwxIxpNa07rq949JyB_MSqnWfjScd_LXKUi9GF0YfBhHEcYZtP1hICUy1T1CfS79GAkaYuLe0oZHYu9SappiWdaPYZ-LzYdDWddZ__8G2y8wRXyDb3iPd2FwTQ-oumS75aExQ5YH196LoFG0ROIJd-_w5G-RDQKxGUQZZQm9hbReSKFiiAw9U85gvP2I0S-JWbCylBW0dAsJ89fucYUMghacicvT8mFYcosMYF8Fv6L9JoLL8b43y7KlK-v5n7DOlVa-5yxcgcaFDvtLO5Ai6wBkM5V9IiDg2NAFzt0iyLui4O-5lMtt22hE55sTTTnqkuWEwdPPE99jhJTvKwuEvA_8AdTstf6MXFSTVU_ZKi8N9k1PJMp4bOUltP9hkZBnlmJ-gFGwQ2krBwAWVDrZsQMHAGXuBXKNgYEXJENnryGDWpasubQQVpp5I7695e8HBLbPOmtZq3CH3_sCh5QflNQ4mXxd-u6AgPowpUNvvZDvSf1NT4iJh1MRrILRF6WmUFLl5J8EloVvoajhnjqruhHmzW__OoZh8Eb1A0PPzwjXHK2NiHDvo0mPwA4UttIqKiZgV3rzTf-0ZTsmZQea-HR6CL2AqwDVVsOEmNZHj1JqBOhdn_YNNk_wVqo_NuRXfaQXQX6H3wD2so4iBFCUf4HqTmgfdCyeQa2c5FZ6TLXUD5zOGvpPqSXAOK6lMp5CqVo6Zx1bYoLJxl21w9q4J_cj_sYIcRG1zFIq20tBQN3pbWabMaFIZDjEuNFQNOaY6gzvKI1V2CJif214Zp3Tm-lAVW4cmIE5C4iWfEWhakiahtCnvLqVXP5MI7r0kTHDXnltVbe-ozrXiUaRaHnw6TtZEH-H89VqEurhgMoJRuNyDLyC5_gjvNbJ2qawM_DWBZh8jJno6h_2gugWSSVbLJablAGpmpklMDTTvwUSn9WAqkrnDwycuWR2_cU_OjoOflaJJmnpetthYHsInX5pFyt3sfA1I&cid=CAQSSwDICaaN3bafMQblsbBIv81NHufDKQk-zC6C6kyNL6-JS3x1TGePwuX1kqXClmKgpbXCZBg7nFWRE4ouOtHel32AQdPytMZ4xEiphRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fc.r74n.com%2F&ds=l&xdt=1&iif=1&cor=7772492457612648000&adk=497053795&idt=78&cac=0&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16bdcb36957103b8bfc2c7c529081278ad0aa36cdb1e6d2cd9b2533cf55d8742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12162
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FE46 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy8nPmOl32CSpqKqc35eIwqg0SKTq8hv3OTbzmDYlQWysUQoVf83GL2j_PxybyQNlMdfaiGCN5SAUiN-igw88Q5a3YUN5CEPT5jipfGzPwzU6LEWI4wBAjDO6Xb9gKkPAE4MHikey4hNMbSZjWXZARYFgsQTq331n5To5psOmweNLItI4&cry=1&dbm_d=AKAmf-Bf340Z1Z8TICSzx0Ikg8Vo1cs7220kl-MliDay_HZC1xuAWsm5nVH62mF1Q10rB39T8hkcwxeCtmf2BEUPlcjUaF81su80FJVm7Ic9rkRixW3skHGARBFbsW3VrGgVQOYJRQpx3_jOo-xls1YmjtzA_azTbnPL9BfPVwEk3gWVpGw2trWHowBeS-Mc8hbjeu8vPBQUhg3zeBeOq_6zYDrf8QZtJ-R5ZL6DSPSfgzIr44s_wx11sZTnLsSje-95Pp6qalZNfj4CUJAv0nQM67LN3uyKz9nUvKw-1HjEiCikU-r3Qy0TmHmOmgcvscGKkqWNiPhj06UruaC-S72GXPPHxDxqj9u3iyYN4a1T5SkV0zjB1XVe4KZIdAvxy3f1Wm9Pi2hEd0snDgsSLYoBs4zuI1SlczPDIjbEpaP8i0g6Jqf2RHcLF8pJIpTFwbSCmi02SglU3_cH27y4ok0l0q9_rJV74M8H0kr8f19LPNh8S8gBlqkkfWVjR4XwfkQq385OZnIOEQ5AvK3SLVzQqKVT_ucQlesUniuLYz7tKjaFydRwrbT2NqWN4tuPdHmay8DoVHRXiE8LkMrZSAPRHI6x8V-XfqKbNzFIlv8JpU5rub27krgwU6Uzlz5oAzdc9LHLb0qrABD_c9Gs5ufCS_tybqtWpxFwN6KfoAnYEL0qghGq3E9lr4McHtH5Yaa-Uyb2uZ17AoTvvsnExulTiU2PQAuFbTyWdDs8znl1GM_90UvZi7e6Uy2RxJtDP_Djq6MxdFB1ZhoPK_3rZ6i24bLuk6r66njRAXm2cmPqankqljQ8XDQrmQfD3CphsKc_oRjbiwjlJA7TKq4eRs-dXpr4LllhcSVFLr8hNTxCYHp1KwS8QywSz9MMYa2kxryVYftZmwSSxvL93pknE9L_pPSRWsvb0dcg-IGGNqSiTFsBuHEQtCaL8oKYREoSaM5NsLotmbdsowNYeXWbL3KAVhzUV7Z4ylq4LT5H4L722O5hcfuFKAEMvEIW_KSQQ4qVYGR8EvBfnNaotsDNBijlPrfQVP9UvbnaGQ4CudsYztq-YnpES03l4JFfQEdTkI0WloWPh_fYmy4NCo3NyXpmhCcR2-0weRaxBUvEmaA36fFQ-Ws7q6GwTw5a__5LWU9omsjFujkwL_Q71bhDb0lmGvJWYAFhkbHG67pS896-4EXimgYwLy6cTM_2FszedPM_AlKD3aBv0XEoAFitLl3qSiPPoK365pq50NVUPG0VvRLcQBPYEm2qr8IkrE4NYSmq8Veq5NIGvU6TPZrSX-NBV2yJFXNVHWRHSR_qnz2IAvfo8VjsleGTEuZ8PS_Ssl8n1AKzlXfZoLYSIlENnxczSpVOTicLrrfGkBPylJ0aLCz-SXUAjEUm1_96bKxUVy9x97bhcTmkNNfQ4SFCgw3J06zZQa1edAlK9BmEpiOnJVK1sNBwPhByuRUXInViMZklIxdxguy_DpN_QiYmChwTKgOVEPKCO1TIcmJbzOvh3-nOrun0nIu2wxw9sDKp_syvgvwzzquSgM6v-gLE6pqFjYZBXE_bshMDEiRqyInVffxEEmSZKguGbuituvABoyUmA1onbZbtLtsFaoiMNVjemRokhXcL3XjvSQ_x9i_OtxOn8wuvBC4MPxgli_MXlyf22_4_xskEVWVvfZ77ZcDGkFzhzfc0UDs7NB-DYNaQIsDZewIDna4biLj9vMFcY3D99-uZm4I6xWl7Jv9sbt12z-KEEkSLB9WZw-EDR8YlnJiieHAtpOvqkEGkDGaEXSnl7wsqUTZeN2jNFHLNf9KySbtQLHoE5ML-UmOiC-10aueORA2slfAEXmjb64q5yBeEyDYanypUXco26yJolmkV5vxXTYDWuL0Mw-qs2wLvR3wi2MwUlqYwopRi0KkCgjNdi-iKPt3XcaIyYGBsycX26um-Q2JVhAqZKZnUgoGn_ao0zUsk_XZ6x1n3hD7B-YTmSM-ZqqVWk91-rkuhLgG0i7bG8QaXDBHpo2uQVh0l7JbtwxIxpNa07rq949JyB_MSqnWfjScd_LXKUi9GF0YfBhHEcYZtP1hICUy1T1CfS79GAkaYuLe0oZHYu9SappiWdaPYZ-LzYdDWddZ__8G2y8wRXyDb3iPd2FwTQ-oumS75aExQ5YH196LoFG0ROIJd-_w5G-RDQKxGUQZZQm9hbReSKFiiAw9U85gvP2I0S-JWbCylBW0dAsJ89fucYUMghacicvT8mFYcosMYF8Fv6L9JoLL8b43y7KlK-v5n7DOlVa-5yxcgcaFDvtLO5Ai6wBkM5V9IiDg2NAFzt0iyLui4O-5lMtt22hE55sTTTnqkuWEwdPPE99jhJTvKwuEvA_8AdTstf6MXFSTVU_ZKi8N9k1PJMp4bOUltP9hkZBnlmJ-gFGwQ2krBwAWVDrZsQMHAGXuBXKNgYEXJENnryGDWpasubQQVpp5I7695e8HBLbPOmtZq3CH3_sCh5QflNQ4mXxd-u6AgPowpUNvvZDvSf1NT4iJh1MRrILRF6WmUFLl5J8EloVvoajhnjqruhHmzW__OoZh8Eb1A0PPzwjXHK2NiHDvo0mPwA4UttIqKiZgV3rzTf-0ZTsmZQea-HR6CL2AqwDVVsOEmNZHj1JqBOhdn_YNNk_wVqo_NuRXfaQXQX6H3wD2so4iBFCUf4HqTmgfdCyeQa2c5FZ6TLXUD5zOGvpPqSXAOK6lMp5CqVo6Zx1bYoLJxl21w9q4J_cj_sYIcRG1zFIq20tBQN3pbWabMaFIZDjEuNFQNOaY6gzvKI1V2CJif214Zp3Tm-lAVW4cmIE5C4iWfEWhakiahtCnvLqVXP5MI7r0kTHDXnltVbe-ozrXiUaRaHnw6TtZEH-H89VqEurhgMoJRuNyDLyC5_gjvNbJ2qawM_DWBZh8jJno6h_2gugWSSVbLJablAGpmpklMDTTvwUSn9WAqkrnDwycuWR2_cU_OjoOflaJJmnpetthYHsInX5pFyt3sfA1I&cid=CAQSSwDICaaN3bafMQblsbBIv81NHufDKQk-zC6C6kyNL6-JS3x1TGePwuX1kqXClmKgpbXCZBg7nFWRE4ouOtHel32AQdPytMZ4xEiphRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fc.r74n.com%2F&ds=l&xdt=1&iif=1&cor=7772492457612648000&adk=497053795&idt=78&cac=0&dtd=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 23:39:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
332176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Oct 2024 23:39:12 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame FE46
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HG...
72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f155.1e100.net
Software
cafe /
Resource Hash
2d48f1d5bc99bb7cf5cadfaac50a6e330f02e4d13bed527853eb320fd6e20d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25078
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
nginx
x-server-name
app26.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame B8B5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2144778
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
cfeLT45wyDCIFFxQCCK69SByUYuPOkafQMU0zHhK34NkvtDwrORaHQ==
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eUKr,pingTime:-3,time:50,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:21%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eUKs,pingTime:-6,time:51,type:i,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,rmeas:1,rend:0,renddet:IMG.us,siq:21%7D&tpiLookup=ao:c.r74n.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eUKx,pingTime:-2,time:56,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:231,beZ:232,mfA:234,cmA:236,inA:236,inZ:240,prA:240,prZ:245,si:251,poA:252,poZ:277,cmZ:277,mfZ:277,loA:281,loZ:284,ltA:286,ltZ:286%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:21,sinceFw:33,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 83D6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
233309
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 03:06:59 GMT
expires
Sat, 12 Oct 2024 03:06:59 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
pagead2.googlesyndication.com/bg/ Frame 83D6 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/p04HFUVHB2kdNiXzU6p470k3by9Z9P4MzDHJjw8x7-0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 22:08:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
337597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14689
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Oct 2024 22:08:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 83D6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B48_asEMsZYeVBdLngQePxKqICAAAAAA4AeAEAg&bg=!s7ClsP_NAAZy-tsgUvo7ADQBe5WfOHQN3edaNlytU5AxVXZPkzeosA1Dv1CZ-AmDSqGcU_s1Xv5cfjJd1i97EE0KIF8dAgAAAEFSAAAAB2gBB5kDIvCVOXNy1_mEBt1DsLPPG0_wUGHruVdvbgrCzqkO1eR3CRLpQVbOsyeHQN9YWFZCorBOoe7G8WVB1EY6cXYRcaQYvxSntqwshuct75A5LZM272xJWg37ocSQ54ASMBEO0xV2eRCM40H0Qjt9Y4ob59bYWkIpk1Z8ob8Q62a7yuWPa4G2j-BleUF3ojgw1zY5-36Nku0G3Sc00_ZMUv1gEUCDhpNvQ9YZ9aBCgLvWpsBvBScXw5cvda37xWfICAOWRaRkmQ_OfDRIFi6pAMyOAT0EoUbZC1OX_EGwXDG1EnCJ5V9B2PyURbCiemS4KL9hdBAR2BQ9UkPnOS_hxgsGfKOCrPzscIZa5NOtfqW1FMBUIO7P9i3i156Z2HBy0GTGT5Aw9KCZ8W0nEYQayK4dIe6NIc9vUBo_fsbZR1ujVj9EWoRavN-xAzRF7cTNn4jybdXAxYLZ8cO6d4ehcR0xe5WB4fgw5Ghw-q9jSR1Tqqnxp7b5g3lEZLoSRgUx60gmJ3GvGPEICxKkTNom7X-G428o2VBfnQkBYJJn8ODsgKB7fCUOr4YWUgBhJVHKS5H2DIi85RFb-DtPzqpf4736H6Pt1IGIByV7-6Sol59QJnkwcZuxEVGF-O_F07KcAQ9T_O73hiRPJ__EKchIAu_JIOOFmyVGaaCaXufCIlFOP2KhhL9121t7Jcq9yJLlEctIxUahuhdfjNiCMtq9VNmXbyQq3jX6kLExEZ75Irneo517iv438hrMiTGCfg0KkuUKVcilyw-UlNHvbFvxpoZMkAUx2QJbyxQ0Ci6Q9spt55ukX3c_S7JuaXGYbi34Y4kB1Z1YC2Ku6vthQya-lqZKtl4aX_ngth6FKHLJibcQ5Gt5HWtaZJLvsjHXWTl0X7veqd2jfJ6Lr_CrRFRLaedCqBVMjrdeLhzE4qevRYRt03zBneo2lfP7AJXCKDXjFfJRdHrtUM-MHg2HaidV6jKLBxeQY-KwmNB9QHh-Octm97xs7n_0bZ-U6c9xV84HHOnf23eGbQSrgmXjB2RyiLANzZwqrr8-uwCQwVfaWIXmTpDjp4w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FE46 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 07:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 16 Oct 2023 07:03:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame FE46 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8485284630785740&ias_chanId=1&ias_placementId=20118583893&bidurl=https://c.r74n.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jiD8J8nlo3bDxpWGOfvBZJ&adsafe_url=https%3A%2F%2Fc.r74n.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fc.r74n.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-8485284630785740%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26xpc%3Dpna5HyYmTY%26p%3Dhttps%253A%2F%2Fc.r74n.com&adsafe_type=be&adsafe_jsinfo=,id:a75ebdc1-c26c-620c-dd72-244c4461b915,c:r9eUJX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-z72dc,rg:ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:c9d70dfa-6b94-11ee-90c4-c682f1dd9ee1,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:43:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
22297
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:43:51 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame FE46 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/71242846/xbbe/creative/adj?p=APEucNWxn_NXSrgvSrEZsSV2yBhcEkfyTocwmEbvrd9uPNkQjMeaSkc&d=CokBAKAmf-Bu9iQyFnzHliJ05vOpiRj7Z6cZejxafkt4qIxLzLqK7jf2c5VVZ2n2-F2dBQACyX-4ZKAfUWrAE-9HGu77ZbN3loDX_Om59amnsZud7S1OWJpXI2MzKi_frwxLxK_AqczEIq2JuLlD4TBO9lNnlcCgGbQxjZ1kRtbpZRCgduYsIwqRj3cSuRQAoCZ_4CWwFi1eYuMjLbk1j-8Gv1FGxH5D19cHsFFPcQ3pv5MVCRUX6i_sUWSck2JfVLzNxslsce9E4YgFdOmV3uVsNpdEUV2j66bhoH9Gjue3jIgim2vc1mYCqj_jbweR8tncjmigGtyiH0FtOjstVf3IPvGqLQbjtNULgxIdbjLmoD6bTfBCmzEkGnYtocNLckJx1h9PVtpUOlsh3ZmXyF1iGBnvOTw28c2NJvk0JO03lX32fA0q2eNhi5ENSHo1Do2QLTqwH6NrE3tO2bHfP6Mz_PMxKh-ONOPPc0U7LFbtR1Pb-w-tQLCNOL4ZIQuMP4HTWOvoTUtp3SH1lIUldNIIxf0Hl6JtwyG9zuaNSUA8n_y9IAWeEVR9B8swjV7wvugvEPE2yMG9Fk-w5mtAjC1zC_AccxHp46G-F7uEjVr-TfkXvpQzCOafCg-sQeBvW1w6SvDRsxlO1eiZ6YCc80gy7uR-zGq6yWGv1JkPS-Hp52pmDAxf3hEVXiV9hy2RkvkHHvBWLHOifi74f1zNNYRiqeGJfh9_Umm17Xnsh8mrLPhjjuNsZvvgr5CkPMPGUFlOZV0cVyJ-AmBLk7QQaZb6nQ3wwBYLd_tILoruNnLjKl8bvAW08yVAuyP4qenFbY38LwsmszeLd2kBCkJH4lv5SzbdI_C2bsE901HQaXWEMiz-15X5aeRTtkx1dU6VUNH_MmrJiRoVT5VQAtUwQ9ER6RVpnFXkKu9T38-JgU_awpHRAJ2bpywodK41HpYw7FKkx5AjloXYhUiNGFllQ7BpRZWWVAnmr3HlPTPI_B68VPwnmZxrnqjIrdsucgl2q0T5xvrSWqBnSNRdkz2uwhxi0f7ZyuCFzJj5JxkGT-sKiCGrksUFOUq0X7z_bpMeo1ENX4SV2hz8tFqcfGwltudysE_6057YGbSge7TEBtGarhVFPKcDl2RVtPNNcUTYV0U2xfNxme_dmjg8TGXGNJ4JK3Y09DpEDudmO5nQasATGPJkiBQ8GEIJHfxPB3aCk5thhFsobXTfUJAZTUJLKP8P2XzGZ8Yik35HWRTSenEqlqMLd6Tq-Llwmg81lOYyAOTwzwx0Q3Ye-eQ8sePR9HLiBjBSd3vXw_ktCucxLDX9EzZ-zyT1fEGDe3yheo9QyM4a0bA15NJz4sFBr8sVX1M1TL3OwTLktyFpentDY78ekGmD6nP9VK6qPZ8JIxtIqGUay3Mliv40VlHTPpgFtuJj3LIp8yWUg-5YRuiOIUQJmCdkFHpcwBB9aJPiw0RDyorNmBON4GmYMu04c2qYkJzS9YfDqKzNxyktXrC97oBFTQsl9ieToQPr329F8zBhl3_VduhVM9VXO2WSeL1CThWiH_1pg5qbLRbmJXjvtWZzyub5ofgRlwWnIPHvudTIsSwu6i9PKFdvsAZovn01QT4yJErgVdzASt2QRtbLjShArhKNhBH9bzC5laIawnySHy_MabjHEfqsW-WDrZ9MrCHSsQYT9yCo1RcuC5nEGSM6mW_Fph_LaAKy--nWH-i80529mdCEMB1G24gEkXhcNH4L6k-H8hlEa4LSnTxXlanR43G5rvYuMeyOIdGLHruysg5RgEN3w4YAL2r1T6wX-kkvtZKNoGSs4ObKgPbSGAvrjfoF2IjeczAnA3LtQ5rS8cjVFvyd1hngshXj5WmAb4SIcFp1SXvOJb7wOOEUwsCz9a2Dru9wkoBLSXrgDBWjm3_EFaTWIl_kSHRwh5ckFhOh80c--bZuhSldT4YvqEaR-lOaQjS1Yw20FFokBR9wL4vmE9AWY8PcWNU36AR4egQOs20OIMThH6JBlMHqS2pWtI3PtXTypiDPJ18X98N_fTslmjpoWBGU9u291vzv0y1JRGRNF2dnqL-BKmwTMv7Wh4icPiHPoUiEzffKvankzRxP6jpPohREeZWyz9xW8SyBFdowKOiMD3v7EHr4VQfPO5gfvUEqnGhOJUNUXGm31Be6vJu6T6MpMRhohAY75BiIohMhC7nOI8AxcIgLYixC9CdaG7mNfNoC2_hnMD4W4BmvyN3-24V53QrNpJymAZrO0l83tlWyuGO7x5Cz853O3V1Penek3wPmOZe721vGR_0OA4zSXIOlLqXXqCYc99e6UFwZIElp8G3PvD6gYT8x33h5IaPNthdbAVyWf0dufEvIr7V6GcKVLDhYQK6eVe-iVfoE1W7IRVwM4QWk80HTjE24LsR4KEcuMXJEDvMCN8Fyh3I1nDy4Ch78dlbW8e3MqnaCuMDjS2ZW3nWe8kELCtxZQPliXE55Tp2vD3m2C7P_hOBe2fyeLPBYMdvP5e7AJSxmH0G3xEX-MD5oDs1iSpCM2dOCo1lPdde6WLnX6oLxLQOeeFRT5jiomTcD8vlt8JUvvobC5uzB51Pk_hWR4fvHhC6wiZ4zLFJAtAn-8GF3nDLg3MaMQAiaQs39ZBFGQ3YczXPEaMSV6aUbbLr8ck6z9cNhjxFjXABwatZpHiOX5LAQPXzrS_oogxbQg3v17gDcsK-8P5Csu9biRtCABFfcfxWbxCVIcVBgzbs6rmGKwSxReZG-dChdB2-CdFynKtLUe22I8I_bdy4Ly_UyXsrbx2eTmMEzVpceSiBREoLavvrJaG4O6P-DfClYqrv8gDGVi9CIaar9hJ8jPWZvcjggWWGCjOg95cs5OKw0kCmgMmamVkA_PFH3JnGE1xHxd-W5ilrLjq0d02kwL9QTYquJ5mQD9VuHnOwKv4JME3GtEHdjZvn3YpaMuu-8k5-UXi0thJHajXM-h2NBmS-lWJv47Kex4uHXH-bYiUgPgsX5X3daFbSzOCG3JtJP3yjQ9IG8ZABx2Px4efPIGh9yrXNPhaIN7xFcDvtvGmbzrHY0x3SXIJj2dAsNzX4rzfA91Vwu8R-PTA68xSQ-APXnft4AJRNx8-Au-8MKE_Ht_PXDQI1eSWzA25r839ViDB7RriudBimAAaKdm8sw_nw4GAG-QzD2WiLMpZj-sFaYIX_hB9XojZgAbauZ4Zo7gqIZedIQ-FhMh48O2yjosH0QpAYJCf9IWm88TnFMfkWlAyzypumSsenubb4cNVflDgBG299PWWLzoCCrx7nxekDOT-fiUSKmqTxOAmjagy0cM0EZDWSzxTfeqlg2kNGRn1Rw-KfVItg77b_yNtXzBYyW69DbyMeGsrZxHkRSqvayRymGvBuKHeV5uHtWqi0HWwDCh57RRJAvHa9OhskEUTwIWgO4pY1nb4spOgQzjZe7J1QiMVniQU5N1rhJYvmngCc_NPgaZmcdVT58tkhFBpXsGcVLB3nGJxJkpa-z9YuDc173a1PF3PBLX3AW57lYlJm6rqelKPCMo5u8dsHKxrl_tq13l8ym65WQZ_weMVEGUFCwaVHBn83A8c3KZYw3QZCqfzaR1Z1CNkIYPwN5KQirhqNmaez45wnDJOq2jiCv2_adRoYVQmptOVc29rSDBezsQjtsl3rgGlEIBBJLAMgJpo3dtp8xBuWxsEi_zU0e58MpCT7MLoLqTI0vr4lLfHVMZ4_C5fWSpcKWYqCltcJkGDucVZETii460d6XfYBB0_K0xnjESKmFGAFgAQ&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-8485284630785740&ias_chanId=1&ias_placementId=20118583893&bidurl=https://c.r74n.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jiD8J8nlo3bDxpWGOfvBZJ&adsafe_url=https%3A%2F%2Fc.r74n.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fc.r74n.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231011%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-0-%26adk%3D1812271801%26client%3Dca-pub-8485284630785740%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D2%26xpc%3Dpna5HyYmTY%26p%3Dhttps%253A%2F%2Fc.r74n.com&adsafe_type=be&adsafe_jsinfo=,id:a75ebdc1-c26c-620c-dd72-244c4461b915,c:r9eUJX,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-z72dc,rg:ie,pt:1-2-3-4-5-6-7-8-9-10-11-12-13-14-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:c9d70dfa-6b94-11ee-90c4-c682f1dd9ee1,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 13:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
21488
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11602
x-xss-protection
0
server
cafe
etag
2362517075893974484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 29 Oct 2023 13:57:20 GMT
truncated
/ Frame FE46 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3c5f89e4e820a1dff848e021c2ea632ae7283de72bc8d3ed95e7a421d84415a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame CA51 		253 KB
163 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d76d4eb560f3f07393988e9f8f8425791f26d0438483c222ff53c73b9900be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
569206
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
166451
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 05:48:42 GMT
expires
Tue, 08 Oct 2024 05:48:42 GMT
last-modified
Fri, 05 May 2023 12:38:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FE46 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHZ3UAWK1ljwKPiVTO74PrCJBZQyYppmmmSCW_Sjj7SqWRfn7osNE5sMP5Gg8FfmfENvjIPp-LPeWxx6WAHOeGcpIqo3bueUCp2HRFW4_-lbHq05k2tWOafZZvxEuzjy5hWM_CPmPs3H8f0-C1x_OlN_wRTVTJ4coj4AnMXIiTWM-uDe648SGnYJ5-YSzRvPKxSAEnubwmOHkx4A&sai=AMfl-YRQR-mnhB3mCkhBKk9zPSJCFANMPXBbGrMQtwQRPpFqCoBHdDJj7vCATgomtLko6UPh2tmblST0lEslYaPr9zbB8ms2OQ6M_Oj5u5bPkD63T-BFPonSoti06HsrX6Vj_JLKoEVMgCgzy3h9kQRuz7euEA&sig=Cg0ArKJSzD5s8hc_2kZHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=74&cbvp=1&cstd=72&cisv=r20231004.16438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eUPT,pingTime:-10,time:388,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My43MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1697399728561%7C%7Cae209624e04f6e938b20db80ea0087e5%7C%7Cf85ea0352d5e0551a31a58bbfec67123%7C%7C64c48041bc8c0978b3ffad7d0077ccc3%7C%7Cdbfb432e22a2bec095d3ff6fe7c5a0fa%7C%7C14c19853e6c9ba7c4ccd2ce9140d7a85%7C%7C7020305f52e48cf3f9e6560dc096c220%7C%7C54c81d2c5256be740197205d9f23a4b9%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame CA51 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame CA51 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame FE46 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHZ3UAWK1ljwKPiVTO74PrCJBZQyYppmmmSCW_Sjj7SqWRfn7osNE5sMP5Gg8FfmfENvjIPp-LPeWxx6WAHOeGcpIqo3bueUCp2HRFW4_-lbHq05k2tWOafZZvxEuzjy5hWM_CPmPs3H8f0-C1x_OlN_wRTVTJ4coj4AnMXIiTWM-uDe648SGnYJ5-YSzRvPKxSAEnubwmOHkx4A&sai=AMfl-YRQR-mnhB3mCkhBKk9zPSJCFANMPXBbGrMQtwQRPpFqCoBHdDJj7vCATgomtLko6UPh2tmblST0lEslYaPr9zbB8ms2OQ6M_Oj5u5bPkD63T-BFPonSoti06HsrX6Vj_JLKoEVMgCgzy3h9kQRuz7euEA&sig=Cg0ArKJSzD5s8hc_2kZHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&vt=11&dtpt=90&dett=3&cstd=72&cisv=r20231004.16438&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: c.r74n.com
URL: https://c.r74n.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame CA51 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/LogoLockup_Vert_RGB_white.png?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:48:42 GMT
x-content-type-options
nosniff
age
569206
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1502
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:38:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 05:48:42 GMT
iStock-1086808322.jpg
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame CA51 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/iStock-1086808322.jpg?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f92f0adaf2370f83fcdb0a2001f2d1fd3192982ddade3c9e7853735c78accd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 04:00:43 GMT
x-content-type-options
nosniff
age
316485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24431
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:38:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 04:00:43 GMT
LogoLockup_Vert_RGB_white.png
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame CA51 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/LogoLockup_Vert_RGB_white.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 05:48:42 GMT
x-content-type-options
nosniff
age
569206
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1502
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:38:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Oct 2024 05:48:42 GMT
iStock-1086808322.jpg
s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/ Frame CA51 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/iStock-1086808322.jpg?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f92f0adaf2370f83fcdb0a2001f2d1fd3192982ddade3c9e7853735c78accd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/699028630855374914/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-GenericUnifiedExperiencesPromov1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 04:00:43 GMT
x-content-type-options
nosniff
age
316485
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24431
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:38:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Oct 2024 04:00:43 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbf70067699e2d6f589848f76d4df76f7a197ebcb1b43e9c0d704620641f8325
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12150
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eUTp,time:606,type:e,im:%7Bpci:%7Btdr:560%7D%7D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:606,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B599~0%5D,as:%5B599~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:185,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:270%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:28 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8485284630785740&plah=c.r74n.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 15 Oct 2023 19:55:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2C74 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c.r74n.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
192406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 14:28:42 GMT
expires
Sat, 12 Oct 2024 14:28:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4927 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad87fb33a332d523982bdb8d1fc0b885c030d2ed0a448ecb519336627fb9b797
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--P064VE53mqk6Tol8_CA-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.r74n.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--P064VE53mqk6Tol8_CA-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 15 Oct 2023 19:55:28 GMT
expires
Sun, 15 Oct 2023 19:55:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
pagead2.googlesyndication.com/bg/ Frame 2C74 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 09:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
35943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14648
x-xss-protection
0
last-modified
Tue, 10 Oct 2023 07:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 14 Oct 2024 09:56:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4927 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=1862137639710744&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2C74 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Aj1-Ug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 19:55:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FE46 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJzdhsenCmTLDAfYm5tquIRFq1zOu__nqNHf_reb8OqoKQERdzCwHGU8qRuR1a4m_AEjtGfNwDtrknf5udHrXtIIhW3n_L8C3WoS93s-T5if1jtaoWg5r-g9OTDMov3EobsOPeUySCzyrG&sai=AMfl-YRHfB2o5QeiD2vfUv3yI2JLhC9Ci0EudrPmml942ZR3jCjMkp3ma_Z3MFwkFWULrXEQZ39czWRMADeLkJWdc9NVF-EyOQF6HorUqDwap0Z80JZHg8JyOpd1KMNDvfkNmTLvs8BJn17wmYqE&sig=Cg0ArKJSzJb2p-X-CfRVEAE&cid=CAQSSwDICaaN3bafMQblsbBIv81NHufDKQk-zC6C6kyNL6-JS3x1TGePwuX1kqXClmKgpbXCZBg7nFWRE4ouOtHel32AQdPytMZ4xEiphRgB&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=558,1005,1005,1005,1005&tos=558,447,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697399727943&rpt=528&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=1862137639710744&bg=!Pj2lPXLNAAbFpEfJ5aQ7ADQBe5WfOGPbp1h_gM5Z3_jdMt8ZQtX6ATMNscCsZhjUUX27NRgup_FbCH-cehf4KcsKr6UQAgAAAEVSAAAABWgBB5kC82Ozdla73CqW3RUQoWN5aA91XmxfEFhUjGKhqmip8ApTul9xoZXzJY9ctu_g_shF462STG3PlGGchE5MrQe-c8FVezlWk8zZYjCn1nuk1oSa8mPjFqydfd8ttpm152znTJN4efCob9P-iTvsb_XJdRIFPEKElQz2GOPpKop11at_eMSUgvkt67nnExoHYRtwnmMcmz4Y9VdP8cfDAIuT3FyH3QcpiVs7PZrx-WKFUOfmuQfH1xQJcIYVgos7F8awfWtBy7EPQIF6b7YFNhM-4GUdHUN6ws5nmlme_XnDzMQdoGymaNZ85c2fOwUNO5hZ-4VRqTA8JytbgqI-9t7cRAXN1Lyb9EO5dTlxhC7k6T4VRbf6eo4xa7c7mQbgb79or8acOVWeqHLMJ7-YF26PJwsYoiZcUGwBFxkN0zSGFOLeQBZshBabBbjPyVjdltJRl_rlfEydN0IVnsLNxNdy_ZXeJsEadLv8wlD2RqudpdmxCoILimJyLPTq864Mx7FKVOBMg6KIv2l3s9WiVexSCdTBsAEGZ6mx_lYUf3RdMEGQS2HK4JrUze3sfZfWASPMhFoRorWTt1EnXNZiFU1klG1gfXmhT64QVZ1VZ1ItmrApODmagEOoDl2RzcRV0WXEIbSIVBhy107MdRTP52bcIQtyyOl9zqI-FE5x2kXUDPWGW4fPpcLaOpwrsNm0kRB3ogemQ_ZdEZQN_3uPsFwFFMfxJDhQ2f-AxpYpMdB7IYSqa0nbefSN2FHF1JZWJwLfrdoC44GIPSz0LSTveJ8tuOrUf9F79vA5-xKNtbpXWhxdG9BLrBxEs248ehlQy4OHaSiyARiyWHjIlc1o8WXP7K53sUX1r4lmJb97eIMqR2kYsF8LEZBRaLmd6pokjkm0OHaLhftTXkWlbrmNGQ4hUN_J4i3xRNNtql05Z0xSAlzCbffZyIxRea-sZKx6H1Ptq0f9BdA1hVZwb1R99kTtdrzl6P27hmm-H8oWKRU7UvEZKxGF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.r74n.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE46 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2177772814054&version=m202309260101&ct=76&x=1&cor=7772492457612648000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eVc2,pingTime:1,time:1761,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:760%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:760,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B753~0%5D,as:%5B753~728.90%5D%7D%7D,%7Bsl:i,t:760,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:270%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:30 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FE46 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=a75ebdc1-c26c-620c-dd72-244c4461b915&tv=%7Bc:r9eVc3,pingTime:1,time:1762,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:760%7D%5D,es:1,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:760,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B753~0%5D,as:%5B753~728.90%5D%7D%7D,%7Bsl:i,t:760,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:175,fm:tSMQhcx+11%7C12%7C13%7C141*.1474271-71242846%7C1411,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:21,sis:270%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:c98b:653f:bcad:438a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 15 Oct 2023 19:55:30 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| copy function| openTab function| closeTabs function| toggleTab function| reversed function| copyText string| currentEvent object| adsbygoogle function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| googletag function| onYouTubeIframeAPIReady object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
.r74n.com/ Name: _gid
Value: GA1.2.1539764749.1697399727
.r74n.com/ Name: _gat_gtag_UA_93720349_8
Value: 1
.r74n.com/ Name: _ga
Value: GA1.1.27131134.1697399727
.doubleclick.net/ Name: IDE
Value: AHWqTUnZBZHRQ91zRu__NN7Uqqe7CkMLhfikuD5oZdRvXG4ecao3tzX-pLutGlqp
.casalemedia.com/ Name: CMPS
Value: 1149
.casalemedia.com/ Name: CMID
Value: ZSxDsPtpmOaMa257QcPs1QAA
.casalemedia.com/ Name: CMPRO
Value: 3214
.doubleclick.net/ Name: APC
Value: AfxxVi7kPz_2I8Ws8QC2c5swAskEggg35h8L9xdsfPt0x2NNcBm1zQ
.adnxs.com/ Name: uuid2
Value: 1980854727324938508
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImGs)RJ(!@wnfH8K6pQK`!5=E<*L5?%K7a`74Mf$5M+0jyFI4.^7CfC?(bAGAQsel*CU%nugO%v4VB%nofx*DH2(
.r74n.com/ Name: __gads
Value: ID=4cf609c9d3365848:T=1697399726:RT=1697399726:S=ALNI_MZLS2_I4lTYBtN7tZ1KmRnkWysb2Q
.r74n.com/ Name: __gpi
Value: UID=00000c98dc2bb66d:T=1697399726:RT=1697399726:S=ALNI_MYrewk8_MQVeusSOQ89ba7vIBZTTA
.r74n.com/ Name: _ga_G4E4Q8F375
Value: GS1.1.1697399726.1.0.1697399728.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
c.r74n.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
r74n.com
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.27.193
108.177.15.155
142.250.185.194
142.250.186.162
185.199.109.153
185.89.210.122
2001:4860:4802:34::36
2600:1f13:800:7781:c98b:653f:bcad:438a
2600:9000:223f:5200:8:48e:53c0:93a1
2606:50c0:8002::153
2606:50c0:8003::153
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2002
2a00:1450:4001:830::2008
34.246.213.214
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814
100c39b497208c6fd87755492545d873da333d4556f6d7177b2ea8c9bcae2c66
15af2af4b79e0a55d6c15b7d7db7c2724885237310d7dee1ec4ddb149a1b01af
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16bdcb36957103b8bfc2c7c529081278ad0aa36cdb1e6d2cd9b2533cf55d8742
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
2d48f1d5bc99bb7cf5cadfaac50a6e330f02e4d13bed527853eb320fd6e20d48
2d76d4eb560f3f07393988e9f8f8425791f26d0438483c222ff53c73b9900be4
2f92f0adaf2370f83fcdb0a2001f2d1fd3192982ddade3c9e7853735c78accd3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320c83a2ecf5473795e1137deb93090208180cdb0cf8e7f6dad1a1f1aef35770
41b96cc29a7d2f670852799b5aceeb1a348dd6d545559f6719059e8df162e3ec
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c541693595bb34420337e46d51f6558ffc9504dba45d8731fad10a6bd26b787
4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5384d274c9207173284f1bbbee4b0a370a29c639636feb4cf8e93f70d525c364
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576a62af94cefeacf653bc38a6dd2798201ddd285c1d34a24819de32b61ac9ba
5dd266123df3cd8891779d83af9a4f32dbbe5b22e27605a25d89b62d216f673b
5f309934f54f89542291af2f89521b95044413c0ada623a8f669126404ca2122
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637fd845c5425b43c20aff280a2f2b6cc71094292442a4b3b6357aa693b80f13
676625bb3eba6bc41f414c1bb987eb6d2b0f0cb6230bd98d2a104fd4beaf678b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6d68af210ed13bd3f53d639a8068ca96515d132aa93dc61c2a5c5f213f8228df
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a74e0715454707691d3625f353aa78ef49376f2f59f4fe0ccc31c98f0f31efed
ad87fb33a332d523982bdb8d1fc0b885c030d2ed0a448ecb519336627fb9b797
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c5f89e4e820a1dff848e021c2ea632ae7283de72bc8d3ed95e7a421d84415a
c33da50233a6df2428c1d9bf883b19307e2e879475d1dfe286cccdb948a1188e
c4db55f0678db783d012c675088fdb09d764ae160b9d009ec04f923fa8889cb8
c6f0cab761502ca7b1a5d3be10e05cff2eec9667139e751a6b206099c9cb5941
cbf70067699e2d6f589848f76d4df76f7a197ebcb1b43e9c0d704620641f8325
d1619b0f7772b0ff8c31a640685f9359d506e79f419e425622dd75dcc65d517d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9ed7de37bfe58b63fe3b443a8933dc99f63d13e69845f90cf5cc8b37bc51ede