icookandpaint.com Open in urlscan Pro
162.241.216.197 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://icookandpaint.com/
Effective URL:
https://icookandpaint.com/
Submission: On November 27 via api (November 27th 2023, 12:45:04 pm UTC) from US — Scanned from DE

Summary HTTP 286 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 39 domains to perform 286 HTTP transactions. The main IP is 162.241.216.197, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is icookandpaint.com.
TLS certificate: Issued by R3 on November 20th 2023. Valid for: 3 months.

This is the only time icookandpaint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 43	162.241.216.197 162.241.216.197	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
12	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
8	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
8	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
3 26	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
1 38	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4 10	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
38	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 6	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	2a05:d018:d29... 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e	16509 (AMAZON-02) (AMAZON-02)
1 26	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
3	2600:1901:0:7... 2600:1901:0:76b9::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	() ()
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
3 3	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	52.29.13.21 52.29.13.21	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.69.41.2 3.69.41.2	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
2	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.42.155.83 13.42.155.83	16509 (AMAZON-02) (AMAZON-02)
1	46.4.101.241 46.4.101.241	24940 (HETZNER-AS) (HETZNER-AS)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.47 18.239.50.47	16509 (AMAZON-02) (AMAZON-02)
2	18.132.19.32 18.132.19.32	16509 (AMAZON-02) (AMAZON-02)
286	39

43 162.241.216.197 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5427.bluehost.com

icookandpaint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:18ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.105.8 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:76b9:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, ) 1 redirects

ASN- ()

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.251 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.13.21 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-13-21.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.41.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.42.155.83 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-155-83.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.101.241 (Rostock, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.241.101.4.46.clients.your-server.de

tm.simptrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-47.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.132.19.32 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-19-32.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	703 KB
52	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	273 KB
43	icookandpaint.com 1 redirects icookandpaint.com	996 KB
38	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33424 ad4m.at — Cisco Umbrella Rank: 12394 assets.ad4m.at — Cisco Umbrella Rank: 45800	348 KB
22	wp.com c0.wp.com — Cisco Umbrella Rank: 8386 stats.wp.com — Cisco Umbrella Rank: 2855 i0.wp.com — Cisco Umbrella Rank: 3823 pixel.wp.com — Cisco Umbrella Rank: 2799	353 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	374 KB
10	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	899 B
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	573 KB
6	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954 static-de.ad4mat.net — Cisco Umbrella Rank: 188473	2 KB
6	tribalfusion.com 3 redirects a.tribalfusion.com — Cisco Umbrella Rank: 860 s.tribalfusion.com — Cisco Umbrella Rank: 2311	3 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	5 KB
4	awin1.com www.awin1.com — Cisco Umbrella Rank: 18131	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 599	3 KB
4	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 30616 api.webgains.io — Cisco Umbrella Rank: 91573	19 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 912	3 KB
3	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	2 KB
3	blismedia.com 2 redirects tr.blismedia.com — Cisco Umbrella Rank: 1824	585 B
2	media01.eu pb.media01.eu — Cisco Umbrella Rank: 74479	830 B
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 44040	2 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	291 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2101	1 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	450 B
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	933 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 795	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	207 B
2	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3321 log.pinterest.com — Cisco Umbrella Rank: 4488	19 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304	56 KB
1	simptrack.com tm.simptrack.com — Cisco Umbrella Rank: 240035	983 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 62639	2 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	588 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	541 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 728	98 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	612 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	463 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	255 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	84 KB
286	39

	Domain	Requested by
43	icookandpaint.com	1 redirects icookandpaint.com
38	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net icookandpaint.com
26	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	icookandpaint.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
14	assets.ad4m.at	as.ad4m.at
12	ad4m.at	as.ad4m.at ad4m.at
12	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	c0.wp.com	icookandpaint.com
10	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.googletagservices.com	googleads.g.doubleclick.net
8	i0.wp.com	icookandpaint.com
8	fonts.gstatic.com	fonts.googleapis.com
6	www.googleadservices.com	icookandpaint.com
6	fonts.googleapis.com	icookandpaint.com googleads.g.doubleclick.net
4	www.awin1.com	as.ad4m.at
4	c1.adform.net	4 redirects
4	dis.criteo.com	googleads.g.doubleclick.net
3	static-de.ad4mat.net	as.ad4m.at
3	pm.w55c.net	3 redirects
3	onetag-sys.com	3 redirects
3	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
3	pr-bh.ybp.yahoo.com	3 redirects
3	tr.blismedia.com	2 redirects googleads.g.doubleclick.net
3	s.tribalfusion.com	googleads.g.doubleclick.net icookandpaint.com
3	a.tribalfusion.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	pb.media01.eu	as.ad4m.at
2	pv.medialead.de	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ads.travelaudience.com	2 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	tm.simptrack.com	as.ad4m.at
1	track.webgains.com	as.ad4m.at
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	log.pinterest.com	icookandpaint.com
1	assets.pinterest.com	icookandpaint.com
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	icookandpaint.com
1	stats.wp.com	icookandpaint.com
1	www.googletagmanager.com	icookandpaint.com
286	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.pinterest.ca
www.youtube.com
www.lyrathemes.com

Subject Issuer	Validity	Valid
cpcontacts.icookandpaint.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
simptrack.com R3	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://icookandpaint.com/
Frame ID: 20D9EDBE5469061E283A37927017001D
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: 60B518ECF85B064F68962B96E9F290D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=250&slotname=3883303458&adk=82414211&adf=283890332&pi=t.ma~as.3883303458&w=300&lmt=1701089099&format=300x250&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089098953&bpp=2&bdt=1009&idt=189&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2337301729069&frm=20&pv=2&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: F207CF77E06BF992F6B67D4527AED3AD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&adk=1812271804&adf=3025194257&lmt=1701089099&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089098963&bpp=2&bdt=1019&idt=193&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=202
Frame ID: 5334EAA03E1E03E17D2F4DD6DDFF3D1C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2960012911&adf=3562762558&pi=t.aa~a.2420967575~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0&nras=2&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: 0DF9E4B74870E5823A1DEE2970F4A1BA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2616919896&adf=68558358&pi=t.aa~a.562942491~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280&nras=3&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Frame ID: C4DDDD00CD3AABC85444A2D36361465D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Frame ID: 9F12C21553E2FE3EC44CD9E21E33D02B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24
Frame ID: D2C0DD12894CF815C76ADBC138F7BE0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=100&adk=1105358892&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x100&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90&nras=6&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=25
Frame ID: 5FC67A50A0239E194D28ADEAFB2382DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28
Frame ID: 81992DCCC261F7D38C8C3B91B0EA4BF0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 64D4105A00D873457D3211A8255AFAAF
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: 87B743310172FFB35F1BEAD95923D073
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Frame ID: CDF768FE28BBA2019315DDAB59CBFC48
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8155BF73F01749886AEFF14EAC5A50D5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ECEFE8387B8FA0CDEB0776D3666ADE6D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 272140E5D1BF83B36253D3C2A56C93E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: FF0CB76B954E50B81DA5E6E28327EC71
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: D460D39F68F4793CA7D994BC5C375926
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 99FD3CA425A034F609FB842D1E3AF2AF
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gjpyy5ppk5fvzhvwreraxw43bjr7rv88e6hgqxv74ns3vkhyr35566sf4wpg036y0nwhm5v1wv7vjtz783fqasc8p0m8mcvccf4g1j1qf4s91h4e7ev5zwek2e5071y2kwsm1tnaj9pea9kvs09xmc5dfhj1g4vn350vkqnhdznge3d1rhvmnm26x3zng828at4xf9vxgd1e1a5dkdpsmhvj1pb6vtszaff1phsfey04hcsa9444pw8zgr5z6zpyb0zea3wv3nd7s68tfpjernp1bb70412akdf92kw7fkwd6xn9yyks715x3y0fj9z557g8ghqvkjp5ffqknasrdj23t25s6s6r0nqg49pjaw5e2seh3e71v2vckntnzv5kk73y79k6dxmkd3jexm2dpe4k4dh40wdsz6fp8zw6atks1esvs2b36b9p2dtb91ct4eq03zz44&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Frame ID: 6D05CBF7DF312A7D9D437AA2EFDB5B86
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: 6CDCCBABE338420700982F7CFE9D3CDC
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 12D63CB5EE6A72BF2F9BD0EFA7B07DE5
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h88963htt441p53x65p43xfhx0cnpxd9fxcsgayr0j8w17cc5tr35yn11p0vtn0vnyn0a5fj1dr958xfaxgk6k9mpn7dvs0n3y1bwyqkw6kqe2wh63q8603xta54xzvce0nf23s86v7yccv76dn764wf1v7w8b9ajhk9371qyqd1njjjtrn5kvvgvsqd8564dkpx3nfnkrqfz2b020x3j65jkxbyjjvt6nqhmgastcbh7ardbq3shkt2x39spsdgjsm9xegbyqk7qx2ytefqy8jhnp092cszw8tgq7ac6p4najh2wjbtnxcfpysk15d7adj1n4yar7z25gck3zbrdys6bqh8hchg4qkp12qzfe3nmbv2a8wv32fahrpbzd1419c6pcax018m18fx99krh0x5wq3hsfsma3vvqh7fwjw50x3b434prf649fem4r25f8bhj3v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Frame ID: A5E1FEBD6A01E135D990B236F3A805A8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: 6F0256F08B1CAF838E649486BFED5538
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4F04E8955B8A94B5016ADAB63A1118B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5DAB22F2ED3AA36F831461FADA57ED36
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3C01194809F4BA9AFBF969195800EC1D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 563C5C045E8D197E779B04B88C66F364
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 36B2B2BB82404964AB1FB03A43A6FE0A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3BAC94A9C3AC7A9C3838CEA79DFC5808
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A56FC73AC21FD1D9CF677D06E9F5C9EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 6EB2FCE66AFE886494A1226752FCCB2C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 5E87B7A4D1A8984A383BDB950FBB4E48
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gffg43gkfxypmqn6zzbs6z85cpa07ta1hvd8ed604qfqa7gbr4yh7sn8gnyge7fgnrzg669gc5detfz7gwha982rhwnpn0ehcs9x4cb42r310aed1katqnsfpcq1q8qz7z485ebhgkzxeam2p18hxq2bvpt3r8b31vhrcbq5y3gs90qyrx7zwrd5ecwkj3mk9zy110dxbxp7zxqaand1zz2za5b7shr8rmdavq7kvz256xm3c0xxqj6cm6gf8pnggw90mxqvpfewk1hhrsmtxx9t5rb62gtcfyb7pgn19vt06y8n2bp58cq0xbkmjzx4vjjtnc4x48rgvm5jjeyqqamgggyb7nzhk3hk4e9zjwsv78881cszc6da00rgc0bqzakyndzs999apb0j98ry8kq0b7qqhwfgazn4qkwe8xxbb44es7wvhwxpwp2630s0x513a7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Frame ID: 185F97E1702BF3F6EC6612C8A07C51EE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: C2E7FC0C96BFF9A7E68FCE5E8C685163
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 283429A87C27AF0F613B4B02B213D7E8
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Frame ID: B305A9C7C09829B1381B6EC3EE80D172
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Frame ID: 9C5253CEB3F1E301BF00FE8B3DCB6C0E
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 2F944067E234BEE831EE846650C42A20
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Frame ID: FF26A9F47515369B79E1D5D2D79C70C3
Requests: 8 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 24E7C1166F6BE906E8A23055DDD6FBB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6D63AC76A0D9864D2E85752541E70DF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3019AC7E49AA4A7B499EF8ED1FB8C317
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

I Cook And Paint - Everyday Recipes For Busy MakersFacebookInstagramPinterestYouTube

Page URL History Show full URLs

http://icookandpaint.com/ HTTP 301
https://icookandpaint.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

286
Requests

89 %
HTTPS

41 %
IPv6

39
Domains

53
Subdomains

39
IPs

8
Countries

3816 kB
Transfer

8809 kB
Size

42
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/icookandpaint
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/icookandpaint/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.pinterest.ca/icookandpaint/_created/
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCWqPh98w5VKBB8zssqesOZg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.lyrathemes.com/kale/
Title: Kale

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://icookandpaint.com/ HTTP 301
https://icookandpaint.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
https://tpc.googlesyndication.com/simgad/3995853839924061625

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://googleads.g.doubleclick.net/pagead/adview?ai=CkTx7S49kZa-PDM2OiM0PxcuDyArqjsy7dKflx8O2EYzAtauuARABINyijShglfrwgYwHoAGhwJjxKMgBCagDAcgDywSqBO4BT9CT5nrWtg4hRYtNDH08r-BJYhdFsI-N2-IH-zsHKl7ddVSkOWKfIPmMEcTBoLUQgNdctpItFdVCreqiEsVgu7PlFOyXhMtbbt8fj3V3WyoMyV_NKQftF75CJSGrB69szwL0LgrFeTx2XrSaLO-CBxFb5YREsrk0vYOifQKxWPv_uPvJQw3h5V44Re06R8APfgTIQGfU5Aakc32LaKPqLo5NyAni5N6OcAx7gbkwd2KI_rWgepRiQXb4Ayg_NAZCxYj8oTorVTTzwwNTsD__5_TXnTK_CDSiu9EAwQgzk2da7YAEjEo7f8M2tjh2nsAElLLRl8wEiAWQj6GUS5IFBAgEGAGSBQQIBRgEoAYugAed_KSjBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBD0kQ3SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP6089ua5IIDmgmAAmh0dHBzOi8vd3d3LnRlbXUuY29tL2RlL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9NzZ-ZGV-RVVSJmdvb2RzX2lkPTYwMTA5OTUxNDQ3MzM5MSZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QyMzk1MjYtMSZ0b3BpY19jbGFzc2lmeT0xMTOACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMM0BUBgBcBshccChoIABIUcHViLTUxNTIzNjU3NzgxMTY0ODgYAA&sigh=pzmWfYikQHw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNh7Ptv6dIMBB58l-bNhGWXC7Hz0-6kZhu6XGb3INNIH9IGgcyDiybiiPwaC71gE5975jIb3ZxmJZbl0gwR6y0ujrH_lGfhxYOzwoYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223838699396904125893%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212883308044856124401%22}&andc=true

Request Chain 147

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFRlWS2kf555FAuL5rh6MMU&google_cver=1&google_push=AXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFRlWS2kf555FAuL5rh6MMU&google_cver=1&google_push=AXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 149

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGCyp1ZP9-49j1z7AP8prJc&google_cver=1&google_push=AXcoOmQQT1v5PoyHnHL48y2h-Te2mxOzHYlOvWkeqiEZR95GfKkABR6Z6w5LQ8P9z57TIbaqCaSDoMfcbY8HYvJ2bUYdx7FHwfmwPQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQQT1v5PoyHnHL48y2h-Te2mxOzHYlOvWkeqiEZR95GfKkABR6Z6w5LQ8P9z57TIbaqCaSDoMfcbY8HYvJ2bUYdx7FHwfmwPQ&google_hm=eS1VSlFWN2k5RTJwR2hhNm5BckZsNGwxWUU0eldkMHAyMX5B

Request Chain 151

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPn9DOVyV3rMd7VQvdCAG_k&google_cver=1&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2HqbJqKCr4AQrczhPxKqIiXGDo3o HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPn9DOVyV3rMd7VQvdCAG_k&google_cver=1&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2HqbJqKCr4AQrczhPxKqIiXGDo3o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxNjk0MDUxMjk2NDM3ODc2Mw&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2HqbJqKCr4AQrczhPxKqIiXGDo3o

Request Chain 183

https://um.simpli.fi/gp_match?google_gid=CAESEPJViB6ebef3AhsMKNExOhU&google_cver=1&google_push=AXcoOmSNaQS9Qu47OXmatugim5BKtvX4V3CkdM24DsaJWInbNgzvxwMbV9L7Pl-nDE2u7Gy8dmSu21NtUxs22oJl59SvbjW21SlUAJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D24F4BB0E854F259DA8FD4D3C394C8C&google_push=AXcoOmSNaQS9Qu47OXmatugim5BKtvX4V3CkdM24DsaJWInbNgzvxwMbV9L7Pl-nDE2u7Gy8dmSu21NtUxs22oJl59SvbjW21SlUAJA

Request Chain 184

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFGtTu-kzmpwG46pHeFE-dU&google_cver=1&google_push=AXcoOmStdI9fDD7PUB_ot7e-tsAKDrMILZF2uwzOruaQ-nBV8a1CDH0DhjvKWykfSGdmZX5x7VjOtg7szlA8t84Nnn1jTzZNy9WaChA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmStdI9fDD7PUB_ot7e-tsAKDrMILZF2uwzOruaQ-nBV8a1CDH0DhjvKWykfSGdmZX5x7VjOtg7szlA8t84Nnn1jTzZNy9WaChA&google_hm=iZuJztKJSfOol9umnmRKMhY

Request Chain 185

https://ads.travelaudience.com/google_pixel?google_gid=CAESELy0fyolTICchpOa4uJBE04&google_cver=1&google_push=AXcoOmR7BFhaF3uSuAOszLrXdI9zByYcCLg_7nUBrD7UnkHwQff-ms8VnfW_HT2qz2ayrwlTgMFSJHRS4Bi4xCMBsZqy0Xv9Yxz9h3M HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S_eeYvJTF0lEwaPvjCfug&google_push=AXcoOmR7BFhaF3uSuAOszLrXdI9zByYcCLg_7nUBrD7UnkHwQff-ms8VnfW_HT2qz2ayrwlTgMFSJHRS4Bi4xCMBsZqy0Xv9Yxz9h3M

Request Chain 187

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPGs6wnRLUkY5HHpsK17r9E&google_cver=1&google_push=AXcoOmQBMePcSjqKPIgXSlBJLIedMtTXQxSEij-JH6wU2-4w8g1gvmhTLfmSupfh2H73T8vpMpK_J6QA4pqx8jP_yJTqko03d1xyUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQBMePcSjqKPIgXSlBJLIedMtTXQxSEij-JH6wU2-4w8g1gvmhTLfmSupfh2H73T8vpMpK_J6QA4pqx8jP_yJTqko03d1xyUg

Request Chain 188

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGdctx2SxgMJNRSfhIV-nHI&google_cver=1&google_push=AXcoOmQY5pBRrdBxvT0s076WAoPkIv2Xg82GVdXFIa9upKUtU9dI6C1sA4hEJQjNrMZvIRSwog_PAWdvdm7vdo7Df8A3vCZ5m0RNiL8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQY5pBRrdBxvT0s076WAoPkIv2Xg82GVdXFIa9upKUtU9dI6C1sA4hEJQjNrMZvIRSwog_PAWdvdm7vdo7Df8A3vCZ5m0RNiL8 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 193

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cver=1&google_push=AXcoOmTrsxpC1KHEjIslMdmvtEv0DskwGt2oHzHhpr8MoB4O-reFXer5UisZvTxFB-hYnuAzkDSUtrYGyaVzF0qHPNZdOCN5IWgkug HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cver=1&google_push=AXcoOmTrsxpC1KHEjIslMdmvtEv0DskwGt2oHzHhpr8MoB4O-reFXer5UisZvTxFB-hYnuAzkDSUtrYGyaVzF0qHPNZdOCN5IWgkug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cver=1&google_push=AXcoOmTrsxpC1KHEjIslMdmvtEv0DskwGt2oHzHhpr8MoB4O-reFXer5UisZvTxFB-hYnuAzkDSUtrYGyaVzF0qHPNZdOCN5IWgkug

Request Chain 194

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIS_OXAP-CqE9mSf_0s5WcQ&google_cver=1&google_push=AXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIS_OXAP-CqE9mSf_0s5WcQ&google_cver=1&google_push=AXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 196

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN0W-KZRF3IkETDkwiVV2R4&google_cver=1&google_push=AXcoOmTR1nWMPPvr03_5scxy_ZC7-yQ7T1HCasLdG3YkUMqFxMC44XWBQfyLc2QQ1vnJ0jzpQzT2WXh2PkVe_sbtESjy9SKdS0DIy3E HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lnZ7NU86TD0ZfrHS8KC4Xg&google_push=AXcoOmTR1nWMPPvr03_5scxy_ZC7-yQ7T1HCasLdG3YkUMqFxMC44XWBQfyLc2QQ1vnJ0jzpQzT2WXh2PkVe_sbtESjy9SKdS0DIy3E

Request Chain 197

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmR-ZTw5XGTY0Cg8Eh5Ip-WuYtuML8N6-0KVD3qd0ZyHYHMVG4HzMiBbWwuL0X4fDxH5wcrb8sGm0yepQ6F-lwMSJ95hmjuc3WM&google_gid=CAESEMl7E02qlJ4YpYU-DcX82w4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmR-ZTw5XGTY0Cg8Eh5Ip-WuYtuML8N6-0KVD3qd0ZyHYHMVG4HzMiBbWwuL0X4fDxH5wcrb8sGm0yepQ6F-lwMSJ95hmjuc3WM&google_gid=CAESEMl7E02qlJ4YpYU-DcX82w4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjcxMjQ1MDEwMDAxMzg3MzY4ODE1NQ%3D%3D&google_push=AXcoOmR-ZTw5XGTY0Cg8Eh5Ip-WuYtuML8N6-0KVD3qd0ZyHYHMVG4HzMiBbWwuL0X4fDxH5wcrb8sGm0yepQ6F-lwMSJ95hmjuc3WM

Request Chain 199

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMs9Q7kIcIXjOhcG8fAiR4E&google_cver=1&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeuYGCq6_ljynINQrsXnm22hg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMs9Q7kIcIXjOhcG8fAiR4E&google_cver=1&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeuYGCq6_ljynINQrsXnm22hg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzNDUxNDAyNzc4MzA3MjYw&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeuYGCq6_ljynINQrsXnm22hg

Request Chain 201

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 202

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 204

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJzc9an4xGoNge8E0N126To&google_cver=1&google_push=AXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJzc9an4xGoNge8E0N126To&google_cver=1&google_push=AXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 205

https://um.simpli.fi/gp_match?google_gid=CAESEEYAIEmtIGQRepGBGpZD8gE&google_cver=1&google_push=AXcoOmRbEjG637CBSDBZArSMKfcNKCp0m6wYZQVJAtOAFYAtJPmzQuYRmE0_sE-RtxB-UPXU2LAcJo9Jjoosfpm5781uh9gFakvAwBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1839467EDBE849378F2AD9D6AF3608CC&google_push=AXcoOmRbEjG637CBSDBZArSMKfcNKCp0m6wYZQVJAtOAFYAtJPmzQuYRmE0_sE-RtxB-UPXU2LAcJo9Jjoosfpm5781uh9gFakvAwBQ

Request Chain 206

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMPfWg38WQjOARRVxgrAnRE&google_cver=1&google_push=AXcoOmTnWFdm-Cu-fDzMUlw8yRMnQIrH3KOGSGOK6wEOLuGg-vVDb2H0NCNJyv11OmOMaJ7HdrscT3B6vTSeE7LR2AGJ_9-j0dY6wWU HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTnWFdm-Cu-fDzMUlw8yRMnQIrH3KOGSGOK6wEOLuGg-vVDb2H0NCNJyv11OmOMaJ7HdrscT3B6vTSeE7LR2AGJ_9-j0dY6wWU&google_hm=hmVkj0wLS5YmQa3_9Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65648F4C0B4B962641ADFFF5BLIS

Request Chain 208

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEyQGItewJfv8LuC8EB93sc&google_cver=1&google_push=AXcoOmSbVUb_2gZ6DfqYVFkgs7L-OTgkUS-ZzMS0blJI4VdGUrY74y9vcXBgi2f2V7ShTxpSIVpb-6urmYVeEICPgPRCv1y8oJXJ95c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSbVUb_2gZ6DfqYVFkgs7L-OTgkUS-ZzMS0blJI4VdGUrY74y9vcXBgi2f2V7ShTxpSIVpb-6urmYVeEICPgPRCv1y8oJXJ95c&google_hm=eS1JYlRMT1dORTJwR2VYUFhCQmI0Q0VPd1BsZHZ3WUZIcX5B

Request Chain 210

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEELhjf1f58C4K5AYKm0qkDk&google_cver=1&google_push=AXcoOmS2HXOxLO7exQg5Fxv6gPQE-Zu2fDxSZa9q8t3UlSxAhfVPepNFyWrRRJRhJCzqhhBu5fbfHAdp15-R-OHB9rHiuArBHhQMiKU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2HXOxLO7exQg5Fxv6gPQE-Zu2fDxSZa9q8t3UlSxAhfVPepNFyWrRRJRhJCzqhhBu5fbfHAdp15-R-OHB9rHiuArBHhQMiKU

Request Chain 212

https://googleads.g.doubleclick.net/pagead/adview?ai=CluA0TI9kZeuADtKfiM0PraWfkATMj86zdMjeidmkELCQHxABINyijShglfrwgYwHoAH34pu0KMgBAqgDAcgDyQSqBO4BT9BWMcVlcPJVa3qXY-PIBBt1i0-bnOC-72AuorIo6m8EkMSOEv6KqcVmG1jnr6B7uMxf4O-Rc8rfDolw2sSyoGdeweIARHg8Sqh5qt2Y2BSB-jhEaTgfG6ovg8IGDeQbyl403GgqU5aHHP5FBUH0svLU-F0fGnaNB303C6mp25zkJ7nDTQiKy-_uWH3N_hUviQrTXSXwSWFwahADhIn2F7xp_6ZlK12TtTMAwBGigVYvqnvWzn0OVNMYFStJy3gaqE0GJKjFth4twQMicdBobQF_wIZemqJhYgOTsI0eiiYPQr4L7B58JReKHThrFsAE8KLeqaIEiAWdzYCORJIFBAgEGAGSBQQIBRgEoAYCgAf3muyTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMXIAtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCT1odHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvZGUvP2NhbXBhaWduPTE4MjgyOTgxMDIxgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi01MTUyMzY1Nzc4MTE2NDg4GAA&sigh=PH0_W7Krzvk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNb_l1QI__uPToAytK88ZReWHiGagYFCXwmcZsKkUNd4QWPZF7V5HA0EVqjU7GawtDQwc76wCvpxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228971816263549577870%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215062821226572734481%22}&andc=true

Request Chain 215

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce2WDTI9kZfzXDdqsiM0PvPu0-ArUiLusdJ68t_PgEb_hHhABINyijShglfrwgYwHoAGs1ZL-A8gBA6kCfvH_VGddsj6oAwHIA8kEqgTqAU_Qm75OJUWnlTevYSD56zz8uj-39T7cG_Mmagt0qrcTyxCk_5XK3MC1LvSqgTRsUwJXfP4tJYb-8viDGc4OiTo8Kx6vJeucA9bLvOJR6Tg-Uyuc4rxJD5MSBsyUn3MsDbCf5OnU3L6pdOktyMFZQRAO6fUqxGxFFc_lVuIE22Wq8k9w0B2Uvt0ZMX0CcY5-N0NvmXTbLQGZ8ByhDZ0XfS0Cfk4bZ-BiAwajpmSCFD_VgK9WryZvciLPSJpMxjRUVABGe_rxOr2fpcdDuENHGZIDvFcJa0I4caOM571crnT72u4Ui3o8K2Pp5MAEiLfxiMgEiAX_ho7tSaAGA4AH-8GwygKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDa5AnSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIL5sdya5IIDmgkcaHR0cHM6Ly93YWVybWVwdW1wZS53b2xmLmV1L4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwPQFQGAFwGyFxwKGggAEhRwdWItNTE1MjM2NTc3ODExNjQ4OBgA&sigh=Mt2Krh0QD5U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNyxspr92j0NyhCV2JX0bPx6-Y_n8Pr6VnRqoQAkA6oslDbhbSwmdA5n9IzzqkLlQMIrzb3QCM9RgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210103872721546105382%22,%22debug_reporting%22:true,%22destination%22:%22https://wolf.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069853356%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226108342603848112129%22}&andc=true

Request Chain 235

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEINplSyBAJpckAMLvGjd_vU&google_cver=1&google_push=AXcoOmSJUoKBh8NEUQ949GMMoAg8jTVL9w1MqsRropmOkKor5kOhnFvEb71md4Js2TJlV-jyNTo_azmRaxUflzM027yux0l83lwDXbGD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEINplSyBAJpckAMLvGjd_vU&google_cver=1&google_push=AXcoOmSJUoKBh8NEUQ949GMMoAg8jTVL9w1MqsRropmOkKor5kOhnFvEb71md4Js2TJlV-jyNTo_azmRaxUflzM027yux0l83lwDXbGD

Request Chain 236

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECbKWJtoWdR1o2qvZrypFDY&google_cver=1&google_push=AXcoOmQJ6CwsebhbNU5jX7iVbQYQ3wY_WcNbYUs1CfYsZLYzD12iPnaxXrvrnOTSTYDeS3q2Y2Iz-JsQ9bBow0eAACoEo2GNirlgOb2b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECbKWJtoWdR1o2qvZrypFDY&google_push=AXcoOmQJ6CwsebhbNU5jX7iVbQYQ3wY_WcNbYUs1CfYsZLYzD12iPnaxXrvrnOTSTYDeS3q2Y2Iz-JsQ9bBow0eAACoEo2GNirlgOb2b

Request Chain 237

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECHPsbBuQAbOKxcQbbvyOAA&google_cver=1&google_push=AXcoOmQG_syimiWNPfwXuSDpaZaMZ5aWWJJqEn1VuUMi-jZ7sB5gsGOLlAfNblBa_5q8nb359nXkR5UfeoCrwV84I1vaOdvY2Iehrxvf HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQG_syimiWNPfwXuSDpaZaMZ5aWWJJqEn1VuUMi-jZ7sB5gsGOLlAfNblBa_5q8nb359nXkR5UfeoCrwV84I1vaOdvY2Iehrxvf&google_hm=hmVkj0wLS5YmQa3_9Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65648F4C0B4B962641ADFFF5BLIS

Request Chain 238

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFn_9xn470Jf9iHuytC4Q_I&google_cver=1&google_push=AXcoOmSFGx0LK4qbX29OAE7DK6aPho9ttzY4ANP-gZNinkfCjbuXDv-LaTgyadMIw8fPFZujE0lofhBcZ1H7tSnIevmT2bEGIC-8_gwr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjEyMjA1NjM4MTg4ODY2NQ%3D%3D&google_push=AXcoOmSFGx0LK4qbX29OAE7DK6aPho9ttzY4ANP-gZNinkfCjbuXDv-LaTgyadMIw8fPFZujE0lofhBcZ1H7tSnIevmT2bEGIC-8_gwr

Request Chain 240

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEtK-0cQ03eiTcpjkT1qHw8&google_cver=1&google_push=AXcoOmRSq4putlmEv9t3u0twSlQ2JVBJtSES5TL12u3emDXFVf1HDL--Qv_eB04G9_jh5DMrNs1xiiQqadLj5vfLe7ZcE0fwhRQ7sNKF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSq4putlmEv9t3u0twSlQ2JVBJtSES5TL12u3emDXFVf1HDL--Qv_eB04G9_jh5DMrNs1xiiQqadLj5vfLe7ZcE0fwhRQ7sNKF&google_hm=eS1JYlRMT1dORTJwR2VYUFhCQmI0Q0VPd1BsZHZ3WUZIcX5B

Request Chain 241

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJukwDpZxSiuyuknhQEfYBs&google_cver=1&google_push=AXcoOmQQCAS8OWf3x-niFLr_lYaUCLOnbJzxdtenedxzI5NNTHfwayhvb587Uu7qsOHehqLMO6jxjM0j9gCHeYTAyp3x8iRKt37Qi1An HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQCAS8OWf3x-niFLr_lYaUCLOnbJzxdtenedxzI5NNTHfwayhvb587Uu7qsOHehqLMO6jxjM0j9gCHeYTAyp3x8iRKt37Qi1An

Request Chain 252

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 268

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=

286 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
icookandpaint.com/
Redirect Chain

http://icookandpaint.com/
https://icookandpaint.com/

99 KB
30 KB

1198ms
810ms

Document
text/html

162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

nginx/1.21.6 /

Resource Hash

a0df1d7c18d1fc6fe0fc9e06d0f275906507f86fbeaba2c9c9419a847fbfe60f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 12:44:39 GMT
expires: Mon, 27 Nov 2023 14:44:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
link: <https://icookandpaint.com/wp-json/>; rel="https://api.w.org/"
server: nginx/1.21.6
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: false

Redirect headers

Connection: Keep-Alive
Content-Length: 234
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 27 Nov 2023 12:44:56 GMT
Keep-Alive: timeout=5, max=75
Location: https://icookandpaint.com/
Server: Apache

GET
H2 200 style.min.css
c0.wp.com/c/6.4.1/wp-includes/css/dist/block-library/ 107 KB
13 KB 88ms
40ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Sun, 05 Nov 2023 19:40:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/ 11 KB
3 KB 69ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/ 4 KB
1 KB 68ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 utilities.css
icookandpaint.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 21 KB
4 KB 567ms
563ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

183c2c786c2d47494bd732f76495817dac9c6b70c5d8f7b3dfb00672b21bf8cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 08 Nov 2023 01:15:26 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4532
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 cookie-law-info-public.css
icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 3 KB
1 KB 199ms
196ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:16 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 986
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 cookie-law-info-gdpr.css
icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 27 KB
8 KB 382ms
378ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:16 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8481
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 wpurp-public-forced.css
icookandpaint.com/wp-content/plugins/wp-ultimate-recipe/assets/ 60 KB
16 KB 380ms
377ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/wp-ultimate-recipe/assets/wpurp-public-forced.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

279f25272d9abff4fe6094047bbbe8218b3a5e3211fa40df6ce7526c8e2e0ebf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 20 Nov 2020 13:12:59 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15856
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 font-awesome.min.css
icookandpaint.com/wp-content/plugins/wp-ultimate-recipe/vendor/font-awesome/css/ 27 KB
6 KB 377ms
373ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/wp-ultimate-recipe/vendor/font-awesome/css/font-awesome.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 20 Nov 2020 13:12:59 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6248
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 83ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 11:46:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:44:58 GMT

GET
H2 200 zrdn-grid.min.css
icookandpaint.com/wp-content/plugins/zip-recipes/styles/ 609 B
272 B 200ms
197ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/zip-recipes/styles/zrdn-grid.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

624778d8f54fef735c1e477018f640561ad0f36feffd481206e0965a614a37ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 31 Oct 2023 01:14:24 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 212
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 zlrecipe-std.min.css
icookandpaint.com/wp-content/plugins/zip-recipes/styles/ 9 KB
2 KB 382ms
379ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/zip-recipes/styles/zlrecipe-std.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

3048c7d47c809d811b73e5bc2b9c187062eb8466220f57ad261b113067990da4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 31 Oct 2023 01:14:24 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2001
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
999 B 104ms
51ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CLato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic%7CRaleway%3A200%7CCaveat&subset=latin%2Clatin-ext

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c3b1a284dd6b56ff6334626f140a9c18ff4b28857648d37943baed47e7229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 12:44:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:44:58 GMT

GET
H2 200 bootstrap.min.css
icookandpaint.com/wp-content/themes/kale/assets/css/ 119 KB
27 KB 393ms
390ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/css/bootstrap.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 bootstrap-select.min.css
icookandpaint.com/wp-content/themes/kale/assets/css/ 6 KB
2 KB 377ms
375ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/css/bootstrap-select.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

97b66be7d96b63e66d883c7804f667f0ca57da49b538c0185223dbfd58f352b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1631
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 jquery.smartmenus.bootstrap.css
icookandpaint.com/wp-content/themes/kale/assets/css/ 4 KB
1 KB 378ms
376ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/css/jquery.smartmenus.bootstrap.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1098
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 fontawesome.min.css
icookandpaint.com/wp-content/themes/kale/assets/css/ 79 KB
16 KB 570ms
568ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/css/fontawesome.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

7d272de35b410fb165377550cdf9c4d3a80fbbcc961e111914e4d5c0eaf5729f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16762
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 all.min.css
icookandpaint.com/wp-content/themes/kale/assets/css/ 98 KB
21 KB 761ms
758ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 owl.carousel.css
icookandpaint.com/wp-content/themes/kale/assets/css/ 4 KB
1 KB 568ms
566ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/css/owl.carousel.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

87b34f2c1c4c30f70478efc10c6c026f9311019f028157314717e6ddfa4c1f4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1247
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 style.css
icookandpaint.com/wp-content/themes/kale/ 58 KB
16 KB 579ms
577ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/style.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

680cdef4c4990dc64c02d6f31af06004e57d927037b295d6151ca694ecd120e3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16788
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 public.css
icookandpaint.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 1 KB
594 B 568ms
566ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

ce52d5b385569bcdc3f93a1a49e6cb7e71dfb246acdb5bbda64975ae14da7752

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 14 Dec 2021 15:40:34 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 533
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 style.css
icookandpaint.com/wp-content/plugins/simple-social-icons/css/ 1 KB
509 B 582ms
580ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/simple-social-icons/css/style.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:35 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 447
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/12.8.1/css/ 98 KB
17 KB 66ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/12.8.1/css/jetpack.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

277fb30e91af19162de1bd98e6364ee78f0677257c118fd46d0255b83eeadd55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 13 Nov 2023 18:14:20 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 utilities.js Show response
icookandpaint.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 2 KB
894 B 580ms
578ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

8e6ec359e0fe2e216fed935dcf85a5a4917b8fb1f136109b375bca2f91c5a04a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 08 Nov 2023 01:15:26 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 839
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ 86 KB
29 KB 86ms
41ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ 13 KB
5 KB 85ms
41ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 09 Jun 2023 05:49:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 cookie-law-info-public.js Show response
icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/js/ 33 KB
11 KB 581ms
579ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:16 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10776
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 cookie-law-info-ccpa.js Show response
icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/admin/modules/ccpa/assets/js/ 7 KB
2 KB 583ms
582ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/admin/modules/ccpa/assets/js/cookie-law-info-ccpa.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

08a25c504f8eff948a2911d660c1b12ef89c3fb8f3d57216facebebd6303b75e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:15 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1989
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
705 B 82ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Roboto&family=Arapey

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3b05a27ae27239778d00e7cd1c47d039a207fe5a09133e60202d010653fbfa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 12:44:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:44:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 91ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8C31C3J8M5

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c8dd1d8591a9a1270c35f0814983ad7c8766aac366bf96192dbcaf8b4f4ed83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85310
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 27 Nov 2023 12:44:58 GMT

GET
H2 200 pinit.js Show response
icookandpaint.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 875 B
421 B 203ms
203ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

1f1fffdcfccb2ca03296d8e054da2d690323fe46c66e00d9419604c830d21215

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Sat, 04 Nov 2023 13:13:00 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 383
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
BLOB 200
OK cc024dbe-c061-4f07-a404-5bbd69d5fd02
https://icookandpaint.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://icookandpaint.com/cc024dbe-c061-4f07-a404-5bbd69d5fd02
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
53 KB 180ms
126ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19fd08e7b122eb516934df835542abacb366c7d2fde2ce1a95c6cab11018a486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53679
x-xss-protection: 0
server: cafe
etag: 7353151827736359197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:44:58 GMT

GET
H2 200 cookie-law-info-table.css
icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/css/ 6 KB
2 KB 563ms
561ms Stylesheet
text/css 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:16 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2063
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 image-cdn.js Show response
icookandpaint.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/ 701 B
444 B 387ms
385ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-image-cdn/dist/image-cdn.js?minify=false

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 14 Nov 2023 01:12:59 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 383
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 main.js Show response
icookandpaint.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/ 0
58 B 388ms
386ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/main.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 27 Nov 2023 12:44:58 GMT
x-nginx-cache: WordPress
last-modified: Sat, 04 Nov 2023 13:13:00 GMT
server: Apache
vary: User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 0
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 ta.js Show response
icookandpaint.com/wp-content/plugins/thirstyaffiliates/js/app/ 11 KB
3 KB 386ms
383ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/thirstyaffiliates/js/app/ta.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

b79430a9de38710c84acfff45b12451f47393d89bb5acf8bc6f291ca16bc8839

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 01:13:58 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3323
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 core.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/ 21 KB
7 KB 23ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/core.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 mouse.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/ 3 KB
1 KB 23ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/mouse.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 sortable.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/ 25 KB
7 KB 23ms
22ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/sortable.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 draggable.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/ 18 KB
5 KB 26ms
24ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/draggable.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 droppable.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/ 6 KB
2 KB 26ms
25ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/ui/droppable.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e35972d3a166fd4e0b780a4bedd9294664c0861c3630e031fc4bc777cb2459db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Thu, 02 Feb 2023 16:36:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 suggest.min.js Show response
c0.wp.com/c/6.4.1/wp-includes/js/jquery/ 3 KB
2 KB 26ms
25ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/6.4.1/wp-includes/js/jquery/suggest.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

9b7e574146adb2e34f5d1210cea786679805a648a73ac03ddab6fefaec903de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
strict-transport-security: max-age=15552000
last-modified: Wed, 13 Jan 2016 17:22:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=86400
expires: Tue, 26 Nov 2024 12:44:58 GMT

GET
H2 200 wpurp-public.js Show response
icookandpaint.com/wp-content/plugins/wp-ultimate-recipe/assets/ 194 KB
69 KB 559ms
558ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/wp-ultimate-recipe/assets/wpurp-public.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

1bd2efed6537bb3f1abb41c0be1990140a6e415382766f06111e9d20c9ec0a40

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 20 Nov 2020 13:12:59 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 zlrecipe_print.min.js Show response
icookandpaint.com/wp-content/plugins/zip-recipes/scripts/ 1007 B
421 B 388ms
387ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/zip-recipes/scripts/zlrecipe_print.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

8f7beff324d5af165c3d5cec2f5d7c286d156e9e835745fefc81223b882261a0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Tue, 31 Oct 2023 01:14:24 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 383
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 bootstrap.min.js Show response
icookandpaint.com/wp-content/themes/kale/assets/js/ 39 KB
15 KB 563ms
562ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/js/bootstrap.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15342
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 bootstrap-select.min.js Show response
icookandpaint.com/wp-content/themes/kale/assets/js/ 20 KB
7 KB 562ms
561ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/js/bootstrap-select.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

8a86b8b4534c51b5970d803dcc18a494c86da2ce13df90dc193e790cbef7f396

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7597
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 jquery.smartmenus.js Show response
icookandpaint.com/wp-content/themes/kale/assets/js/ 44 KB
15 KB 389ms
388ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/js/jquery.smartmenus.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

909cc5d431192654cae6765c05dce941015e632a56ccd7afe5aff278c9d2642d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15429
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 jquery.smartmenus.bootstrap.js Show response
icookandpaint.com/wp-content/themes/kale/assets/js/ 6 KB
2 KB 561ms
560ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/js/jquery.smartmenus.bootstrap.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

19981b841576b614751aee95a7963cc871a40311535b5a9cfada8438c3323be3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2129
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 owl.carousel.min.js Show response
icookandpaint.com/wp-content/themes/kale/assets/js/ 42 KB
15 KB 562ms
562ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/js/owl.carousel.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15325
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 kale.js Show response
icookandpaint.com/wp-content/themes/kale/assets/js/ 4 KB
2 KB 562ms
561ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/js/kale.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

f4b2f5a5f8825ffa47251f4420a753b27b03479ef0cff621d1abaf97ee4348ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1535
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 smush-lazy-load.min.js Show response
icookandpaint.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 559ms
559ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 01:13:56 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3989
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 e-202348.js Show response
stats.wp.com/ 7 KB
3 KB 74ms
22ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202348.js
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684464982353.1523
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 25 Nov 2024 07:07:17 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 99ms
45ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CLato%3A400%2C700%2C300%2C300italic%2C400italic%2C700italic%7CRaleway%3A200%7CCaveat&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 09:53:46 GMT
x-content-type-options: nosniff
age: 183072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 09:53:46 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 symbol-defs.svg
icookandpaint.com/wp-content/plugins/simple-social-icons/ 38 KB
15 KB 202ms
202ms Other
image/svg+xml 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/plugins/simple-social-icons/symbol-defs.svg

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

1df2576fa35c97ba2c708e47f7ec45ed84caa45d4cc35a72700ba5684a652451

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 16 Nov 2023 13:38:35 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:58 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15638
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 130ms
91ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 23:17:03 GMT
x-content-type-options: nosniff
age: 307675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 23:17:03 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 100ms
63ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 192369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 07:18:49 GMT

GET
H2 200 fa-brands-400.woff2
icookandpaint.com/wp-content/themes/kale/assets/webfonts/ 103 KB
103 KB 197ms
196ms Font
font/woff2 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/webfonts/fa-brands-400.woff2

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 27 Nov 2023 12:44:58 GMT
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
vary: User-Agent
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 105536
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 111ms
75ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 00:19:52 GMT
x-content-type-options: nosniff
age: 217506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 00:19:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 92ms
56ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?display=swap&family=Roboto&family=Arapey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 169669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H2 200 fa-v4compatibility.woff2
icookandpaint.com/wp-content/themes/kale/assets/webfonts/ 5 KB
5 KB 207ms
206ms Font
font/woff2 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/webfonts/fa-v4compatibility.woff2

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

0db31befb4837c56bf176e879a715b5cdf457553fc7e8877f974b4c6ef75b1b1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 27 Nov 2023 12:44:58 GMT
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
vary: User-Agent
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4960
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 60ms
24ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 22:04:32 GMT
x-content-type-options: nosniff
age: 225626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 22:04:32 GMT

GET
H2 200 fa-solid-900.woff2
icookandpaint.com/wp-content/themes/kale/assets/webfonts/ 151 KB
151 KB 199ms
198ms Font
font/woff2 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-content/themes/kale/assets/webfonts/fa-solid-900.woff2

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://icookandpaint.com/wp-content/themes/kale/assets/css/all.min.css
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 27 Nov 2023 12:44:58 GMT
x-nginx-cache: WordPress
last-modified: Mon, 09 Oct 2023 01:13:46 GMT
server: Apache
vary: User-Agent
x-endurance-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 154228
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2
fonts.gstatic.com/s/caveat/v18/ 48 KB
48 KB 118ms
82ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/caveat/v18/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe59064f59041198e862abc740bf8bd187056ebeff024a554cfdcc1a08888b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://icookandpaint.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:11:29 GMT
x-content-type-options: nosniff
age: 228809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48876
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 21:11:29 GMT

GET
H2 200 1146FFC1-6D6D-4458-B36F-683C06CB93DB.png
i0.wp.com/icookandpaint.com/wp-content/uploads/2021/11/ 19 KB
19 KB 76ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2021/11/1146FFC1-6D6D-4458-B36F-683C06CB93DB.png?w=600&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a7cb6475b6f5847bf00c81d6be0e3b20abf11664161ba4dc0ee17c208b65d49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 19324
x-nc: HIT hhn 1
last-modified: Wed, 22 Dec 2021 13:02:55 GMT
server: nginx
etag: "e434dda3ce73cbe8"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2021/11/1146FFC1-6D6D-4458-B36F-683C06CB93DB.png>; rel="canonical"
expires: Sat, 23 Dec 2023 01:02:55 GMT

GET
H2 200 cropped-cropped-paul-abeleira_reg03_peppers-with-silver-pot_oil_12inx12in_2021.jpg.jpg
icookandpaint.com/wp-content/uploads/2021/11/ 329 KB
329 KB 372ms
372ms Image
image/jpeg 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icookandpaint.com/wp-content/uploads/2021/11/cropped-cropped-paul-abeleira_reg03_peppers-with-silver-pot_oil_12inx12in_2021.jpg.jpg

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

d8802526aa9c937090fb4084afb46e55f3fab01ef9877bbbab630359957e5cf3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 27 Nov 2023 12:44:58 GMT
x-nginx-cache: WordPress
last-modified: Mon, 01 Aug 2022 19:07:24 GMT
server: Apache
vary: User-Agent
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 337014
expires: Tue, 28 Nov 2023 12:44:58 GMT

GET
H2 200 caulicheeseweb4.jpg
i0.wp.com/icookandpaint.com/wp-content/uploads/2023/11/ 27 KB
27 KB 258ms
202ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2023/11/caulicheeseweb4.jpg?resize=760%2C400&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

79f87e41c6cb9752362bea57c4845a04d86b5fbdb3d2873509bfda37cf0df253

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 27708
x-nc: MISS hhn 2
last-modified: Mon, 27 Nov 2023 12:44:58 GMT
server: nginx
etag: "304fec242d950877"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2023/11/caulicheeseweb4.jpg>; rel="canonical"
expires: Thu, 27 Nov 2025 00:44:58 GMT

GET
H2 200 7E66DE0A-2AE3-4E1D-BD8A-D85D7F6354A0-scaled.jpeg
i0.wp.com/icookandpaint.com/wp-content/uploads/2022/09/ 55 KB
56 KB 97ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2022/09/7E66DE0A-2AE3-4E1D-BD8A-D85D7F6354A0-scaled.jpeg?resize=760%2C400&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

9262c9c88bc5cd458d8f31eec7b9815200df866073f01947894bfd45a6f6b0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 56804
x-nc: HIT hhn 1
last-modified: Fri, 17 Nov 2023 10:33:18 GMT
server: nginx
etag: "290c13210b19d204"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2022/09/7E66DE0A-2AE3-4E1D-BD8A-D85D7F6354A0-scaled.jpeg>; rel="canonical"
expires: Sun, 16 Nov 2025 22:33:18 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 27ms
21ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=99041216&post=0&tz=-5&srv=icookandpaint.com&j=1%3A12.8.1&host=icookandpaint.com&ref=&fcp=0&rand=0.7404384571242197
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Nov 2023 12:44:58 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
icookandpaint.com/wp-includes/js/ 18 KB
5 KB 340ms
340ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

Apache /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 04 Aug 2023 23:33:58 GMT
server: Apache
date: Mon, 27 Nov 2023 12:44:59 GMT
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5344
expires: Tue, 28 Nov 2023 12:44:59 GMT

GET
H2 200 / Show response
icookandpaint.com/ 7 KB
2 KB 484ms
484ms Script
application/javascript 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://icookandpaint.com/?gdbc-client=3.1.43-1701089098802

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

nginx/1.21.6 /

Resource Hash

974acb9e99ac0467663ad37af1bf0ddada4ca5c4d52e67e259a231b5db90ca3e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:40 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-nginx-cache: WordPress
server: nginx/1.21.6
x-server-cache: false
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 2
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2340
expires: Wed, 11 Jan 1984 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 87ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8C31C3J8M5&gtm=45je3b81v871244732&_p=1701089098724&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1812790518.1701089099&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701089098&sct=1&seg=0&dl=https%3A%2F%2Ficookandpaint.com%2F&dt=I%20Cook%20And%20Paint%20-%20Everyday%20Recipes%20For%20Busy%20Makers&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2563
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8C31C3J8M5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:44:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://icookandpaint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 66ms
22ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/wp-content/plugins/pinterest-pin-it-button-on-image-hover-and-post/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
alt-svc: h3=":443";ma=600
content-length: 18679

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5152365778116488&plah=icookandpaint.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f299742ffaef4db8adc3ac29ff5ed716db355920a87d541e91cdf5d7aa0767d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138524
x-xss-protection: 0
server: cafe
etag: 5590050723785841892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:44:58 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 60B5 9 KB
4 KB 73ms
21ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11281
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 09:36:58 GMT
etag: 13268084621564590274
expires: Mon, 11 Dec 2023 09:36:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fasoladaweb2.jpg
i0.wp.com/icookandpaint.com/wp-content/uploads/2023/08/ 45 KB
46 KB 22ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2023/08/fasoladaweb2.jpg?resize=760%2C400&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

38ca8698835bdbebc9015ec6c84bde483b2ec88f8409caf70fb81a4674319729

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 46362
x-nc: HIT hhn 4
last-modified: Fri, 17 Nov 2023 21:18:58 GMT
server: nginx
etag: "bb18f17acff122c2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2023/08/fasoladaweb2.jpg>; rel="canonical"
expires: Mon, 17 Nov 2025 09:18:58 GMT

GET
H2 200 zucchinipieweb3.jpg
i0.wp.com/icookandpaint.com/wp-content/uploads/2023/08/ 48 KB
49 KB 22ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2023/08/zucchinipieweb3.jpg?resize=760%2C400&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

63031665008978dfa8a699fc68a3a0b60b82a176d727a871c9008b12faa9e5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 49342
x-nc: HIT hhn 3
last-modified: Fri, 17 Nov 2023 21:19:00 GMT
server: nginx
etag: "d524611aac16552a"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2023/08/zucchinipieweb3.jpg>; rel="canonical"
expires: Mon, 17 Nov 2025 09:19:00 GMT

GET
H2 200 cropped-FE41F21A-E003-407C-AD71-EA4AB08E139F.jpeg
icookandpaint.com/wp-content/uploads/2018/04/ 82 KB
82 KB 280ms
280ms Image
image/jpeg 162.241.216.197
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://icookandpaint.com/wp-content/uploads/2018/04/cropped-FE41F21A-E003-407C-AD71-EA4AB08E139F.jpeg

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.241.216.197 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

box5427.bluehost.com

Software

nginx/1.21.6 /

Resource Hash

a41f4da68b201f5efd2c38a69dae444d2239e2ac84da38df66329386a1184bf6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:40 GMT
content-security-policy: upgrade-insecure-requests
x-nginx-cache: WordPress
last-modified: Thu, 23 May 2019 12:11:26 GMT
server: nginx/1.21.6
x-server-cache: false
vary: User-Agent
x-endurance-cache-level: 2
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 83598
expires: Tue, 28 Nov 2023 12:44:59 GMT

GET
H2 200 Paul.png
i0.wp.com/icookandpaint.com/wp-content/uploads/2021/12/ 2 KB
2 KB 21ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2021/12/Paul.png?resize=300%2C100&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e372009b3d431ced13e472e5e55316067f6bd64dee91e8521009b8aea1cf00ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:58 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 2050
x-nc: HIT hhn 4
last-modified: Wed, 25 Oct 2023 18:32:37 GMT
server: nginx
etag: "5b1d4e46498a3f26"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2021/12/Paul.png>; rel="canonical"
expires: Sat, 25 Oct 2025 06:32:37 GMT

GET
H3 200 strawberryicecreamweb4.jpg
i0.wp.com/icookandpaint.com/wp-content/uploads/2023/08/ 30 KB
30 KB 22ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2023/08/strawberryicecreamweb4.jpg?resize=760%2C400&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0d8b88bbd6f12971a2a8cee8a2592df03089803ee592a0102bc22fc6f3abfb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 30406
x-nc: HIT hhn 3
last-modified: Fri, 17 Nov 2023 21:19:00 GMT
server: nginx
etag: "3bbff47d838d2d59"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2023/08/strawberryicecreamweb4.jpg>; rel="canonical"
expires: Mon, 17 Nov 2025 09:19:00 GMT

GET
H3 200 creamcheeseweb7.jpg
i0.wp.com/icookandpaint.com/wp-content/uploads/2023/07/ 27 KB
28 KB 192ms
192ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/icookandpaint.com/wp-content/uploads/2023/07/creamcheeseweb7.jpg?resize=760%2C400&ssl=1

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

bbff6da21e93893b72b875d8bda265790be4d2c5f87d0e878a8c03062e6e29fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:44:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 28152
x-nc: MISS hhn 3
last-modified: Mon, 27 Nov 2023 12:44:59 GMT
server: nginx
etag: "230438f1c194a4ed"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://icookandpaint.com/wp-content/uploads/2023/07/creamcheeseweb7.jpg>; rel="canonical"
expires: Thu, 27 Nov 2025 00:44:59 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F207 136 KB
41 KB 951ms
950ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=250&slotname=3883303458&adk=82414211&adf=283890332&pi=t.ma~as.3883303458&w=300&lmt=1701089099&format=300x250&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089098953&bpp=2&bdt=1009&idt=189&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2337301729069&frm=20&pv=2&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5152365778116488&plah=icookandpaint.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

204e0baa67fea88fe84eabd07d5fe9a30edc09eecdbedac0ca7cdbfd74b94c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5334 496 KB
79 KB 896ms
895ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&adk=1812271804&adf=3025194257&lmt=1701089099&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089098963&bpp=2&bdt=1019&idt=193&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&nras=1&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=202

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfcecf36215e5680f1efebc9390980b80342ba2a0dffbaec24a629fb3ea55a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80708
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:44:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
334 B 166ms
72ms Image
text/plain 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=4DGD1hpBfdC0&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&xload=1&lang=en&nvl=en-US&via=https%3A%2F%2Ficookandpaint.com%2F&viaSrc=canonical
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 1
x-pinterest-rid: 7336796375539146
content-length: 0
x-served-by: cache-cph2320055-CPH
pragma: no-cache
server: envoy
x-timer: S1701089100.131943,VS0,VE27
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F207 2 KB
662 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=250&slotname=3883303458&adk=82414211&adf=283890332&pi=t.ma~as.3883303458&w=300&lmt=1701089099&format=300x250&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089098953&bpp=2&bdt=1009&idt=189&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&correlator=2337301729069&frm=20&pv=2&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1046&ady=493&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 11:46:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F207 2 KB
875 B 106ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F207 23 KB
9 KB 69ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F207 3 KB
1 KB 73ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F207 20 KB
9 KB 86ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F207 202 KB
64 KB 97ms
44ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame F207 37 KB
16 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c419e3ada62ac8a308cf7a6967d866775a2aa78e89dd4c4698db8a429f8f85a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55800
x-xss-protection: 0
server: cafe
etag: 15907131197518248745
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DF9 107 KB
41 KB 556ms
556ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2960012911&adf=3562762558&pi=t.aa~a.2420967575~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0&nras=2&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce53e2a66a6cf2068ff683a4443ff5a04622e2f93db67a09b76d2ce35ff6f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41841
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C4DD 104 KB
39 KB 566ms
566ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2616919896&adf=68558358&pi=t.aa~a.562942491~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280&nras=3&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21a1d248be6d47078460380c2a43ece109fa2bab2252ce09ea6c992fd3b1fde5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39880
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F12 48 KB
17 KB 473ms
473ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db9d792c9e988ead03aa9131a6a51ba7f728c8f54e590ba314a6695fa1b32fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17559
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2C0 48 KB
17 KB 539ms
539ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b41d81bb6a0341922e7df58aa1e35e46fb5bf977487be5ca5b6a1c93798f5b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17423
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FC6 730 B
388 B 486ms
485ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=100&adk=1105358892&adf=2076356532&pi=t.aa~a.914503911~rp.3&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x100&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90&nras=6&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=2259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c134294eed5ed182bc80abcb7a34e4d707d75066f551976144c4d7d6e8696da5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 363
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8199 48 KB
17 KB 779ms
779ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bab444449313087158cc4309707b35772c63bf8cd271e254e768a68ab5e0cc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17379
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F207 59 KB
59 KB 123ms
45ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTrzWslDbx8YYNdrElEnWNCyMlbdmJTheAxOtPcGKr0x6qQFWdSWMI0Q9w6Nw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839076fdd0c62b6021ebf8c22c257d181d34a0b1ce0e7405844cc745a81c5db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:14:16 GMT
x-content-type-options: nosniff
age: 401444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59915
x-xss-protection: 0
last-modified: Sat, 03 Dec 2022 01:56:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Nov 2024 21:14:16 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame F207 30 KB
31 KB 99ms
22ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSVt01CbZHR8m0GlaILmTkAJGbKZhYUk30Dp7kr8o5lRDhG9rT-iMCqMZBthg&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5dcb054ae51bdf507ef8d80501c831b02c308acdd9420b1af4b84c0d55f0f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 07:39:17 GMT
x-content-type-options: nosniff
age: 191143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30938
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 04:45:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 24 Nov 2024 07:39:17 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F207 34 KB
35 KB 100ms
22ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQvC7DAkFdODxIxI5Mv8GywtAlITFhF5dZoIFYqxTRwB4uzCXlD0EHteEBl3w0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89e18d5004946dad96f4d0ac0aa12d088284af8e2b6fb7e67368336feaf9cc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:10:21 GMT
x-content-type-options: nosniff
age: 189279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35161
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 03:57:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 24 Nov 2024 08:10:21 GMT

GET
H2

200

3995853839924061625
tpc.googlesyndication.com/simgad/ Frame F207
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
https://tpc.googlesyndication.com/simgad/3995853839924061625

77 KB
78 KB

21ms
21ms

Image
image/png

2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3995853839924061625

Requested by

Protocol

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 07:44:21 GMT
x-content-type-options: nosniff
age: 190839
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79088
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 17:15:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 07:44:21 GMT

Redirect headers

date: Sun, 26 Nov 2023 20:25:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Dec 2023 20:25:22 GMT

GET
DATA 200
OK truncated
/ Frame F207 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e662e37209d4ec1b6219635ce80ee5a60c3629f70a7ef3a1ac9fed423cc8c0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 64D4 9 KB
4 KB 24ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Mon, 11 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 87B7 9 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Mon, 11 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame CDF7 9 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 09:37:03 GMT
etag: 13268084621564590274
expires: Mon, 11 Dec 2023 09:37:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 64D4 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8155 143 B
166 B 24ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 64D4 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 64D4 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 200 3338526360605598226
tpc.googlesyndication.com/simgad/ Frame 64D4 12 KB
12 KB 34ms
33ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3338526360605598226?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnDJWPGcQUvxIgk7Uz8MlB1yKi4uQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e26d9dee4c255cf0f83d2af9ed15f932345b4825496804b77a6dbed4f612c128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:15:58 GMT
x-content-type-options: nosniff
age: 574142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12505
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 11:30:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Nov 2024 21:15:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64D4 202 KB
64 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 64D4 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:55:10 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame F207 20 KB
20 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 185052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 09:20:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 87B7 14 KB
1 KB 32ms
32ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 11:59:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 87B7 2 KB
822 B 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 87B7 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECEF 143 B
166 B 24ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 87B7 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 87B7 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87B7 202 KB
64 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 87B7 37 KB
15 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CDF7 2 KB
566 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 11:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CDF7 2 KB
822 B 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame CDF7 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CDF7 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame CDF7 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDF7 202 KB
64 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame CDF7 37 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 10:09:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8155
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
34ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ECEF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F207
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkTx7S49kZa-PDM2OiM0PxcuDyArqjsy7dKflx8O2EYzAtauuARABINyijShglfrwgYwHoAGhwJjxKMgBCagDAcgDywSqBO4BT9CT5nrWtg4hRYtNDH08r-BJYhdFsI-N2-IH-zsHKl7ddVS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223838699396904125893%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...

0
0

107ms
59ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223838699396904125893%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212883308044856124401%22}&andc=true

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3838699396904125893","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"12883308044856124401"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 12:45:00 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3838699396904125893","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"12883308044856124401"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2721 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 120ms
56ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 12:45:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame FF0C 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame D460 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_inhead_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 99FD 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 6D05 2 KB
1 KB 123ms
53ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gjpyy5ppk5fvzhvwreraxw43bjr7rv88e6hgqxv74ns3vkhyr35566sf4wpg036y0nwhm5v1wv7vjtz783fqasc8p0m8mcvccf4g1j1qf4s91h4e7ev5zwek2e5071y2kwsm1tnaj9pea9kvs09xmc5dfhj1g4vn350vkqnhdznge3d1rhvmnm26x3zng828at4xf9vxgd1e1a5dkdpsmhvj1pb6vtszaff1phsfey04hcsa9444pw8zgr5z6zpyb0zea3wv3nd7s68tfpjernp1bb70412akdf92kw7fkwd6xn9yyks715x3y0fj9z557g8ghqvkjp5ffqknasrdj23t25s6s6r0nqg49pjaw5e2seh3e71v2vckntnzv5kk73y79k6dxmkd3jexm2dpe4k4dh40wdsz6fp8zw6atks1esvs2b36b9p2dtb91ct4eq03zz44&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%26client%3Dca-pub-5152365778116488%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06cd0e1ac0c41db7acc48094a1043a62431bf0dc4f23aa318dbe1577f5fd0fc9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca773fb946994b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6CDC 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 12D6 1 KB
643 B 25ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6CDC 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6CDC 0
0 34ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGnYx3EMkBg3HRRVtAeUDgAHqAnr5Qtr-45bBReNIE8Rfyerd_YxsZtur-779Bnbm9spxeI7u7SvSgN6w-pf7FdCbS3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CDC 202 KB
64 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
DATA 200
OK truncated
/ Frame 6CDC 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a767dfc74136109b6563b3a105136ec6cb0e58f3a1d3765f1bf95799b50c6c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 12D6 35 B
463 B 183ms
51ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELKj_WJPEopM9mLqkRnSzFo&google_cver=1&google_push=AXcoOmQb4yhgrNm4n--jAmlj8HZqc4wpsuoJASffJPl7ZZBcDI_pde8PLh_tW5Y3vBzcIhunMkxCSW6VFjhYgKYnZ7GzJ0uGj_MfacY

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 12D6 0
104 B 239ms
113ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEEyRqAAoFW82Yypa_rMKO8&google_cver=1&google_push=AXcoOmQ4MABA_u5_8tWNpNraUaeiX-6YsjTAoM8yG6CrfpAiLv-ijQMlv3KXP6D-8-gjHh1J9JOfX6hEytM63bxDiLaHu1v5pGQoy-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 12D6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFRlWS2kf555FAuL5rh6MMU&google_cver=1&google_push=AXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLX...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFRlWS2kf555FAuL5rh6MMU&google_cver=1&google_push=AXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwi...

43 B
434 B

192ms
181ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFRlWS2kf555FAuL5rh6MMU&google_cver=1&google_push=AXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82ca77413f5935e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 175
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFRlWS2kf555FAuL5rh6MMU&google_cver=1&google_push=AXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSimVi9Qhs-A6-Z4FAvsF43d8f4OZGB9nMqApDJ-y2WIblpJ8jmT1A_8d_cMtIJJnwVvBCM0kuFShOFLdoZ1tjCi9exxwiLXeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82ca773fdd8535e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 12D6 0
173 B 88ms
32ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIIULPowc6qv7Uazjv5RFvQ&google_cver=1&google_push=AXcoOmSmXJxNSwsXjFZ2cxkvgsIN9Yuj2mXtmzfTEVg0YwxDuVDS6Y9vtnFJSXrhneNDbrGCWoxiLJrc9zTKtoiWnLc2aNZheNuYlg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12D6
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGCyp1ZP9-49j1z7AP8prJc&google_cver=1&google_push=AXcoOmQQT1v5PoyHnHL48y2h-Te2mxOzHYlOvWkeqiEZR95GfKkABR6Z6w5LQ8P9z57TIbaqCaSDoMfcbY8HYvJ2bUYdx7F...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQQT1v5PoyHnHL48y2h-Te2mxOzHYlOvWkeqiEZR95GfKkABR6Z6w5LQ8P9z57TIbaqCaSDoMfcbY8HYvJ2bUYdx7FHwfmwPQ&google_hm=eS1VSlFWN2k5RTJwR2hh...

170 B
188 B

39ms
38ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQQT1v5PoyHnHL48y2h-Te2mxOzHYlOvWkeqiEZR95GfKkABR6Z6w5LQ8P9z57TIbaqCaSDoMfcbY8HYvJ2bUYdx7FHwfmwPQ&google_hm=eS1VSlFWN2k5RTJwR2hhNm5BckZsNGwxWUU0eldkMHAyMX5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQQT1v5PoyHnHL48y2h-Te2mxOzHYlOvWkeqiEZR95GfKkABR6Z6w5LQ8P9z57TIbaqCaSDoMfcbY8HYvJ2bUYdx7FHwfmwPQ&google_hm=eS1VSlFWN2k5RTJwR2hhNm5BckZsNGwxWUU0eldkMHAyMX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 12D6 43 B
363 B 93ms
30ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSx1tMrtLsUOKpmJ0dT5Q4NEBrbMp270OxRTCc0BaN7JTz-Y60_SjE2niGkMCzlthFuh9DKMXc13gBzNpUGd_6892FYm_oS-g&google_gid=CAESEIH0P6cjZbgCM5Ov-VhWuco&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 224101
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12D6
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPn9DOVyV3rMd7VQvdCAG_k&google_cver=1&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2HqbJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPn9DOVyV3rMd7VQvdCAG_k&google_cver=1&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxNjk0MDUxMjk2NDM3ODc2Mw&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2Hq...

170 B
188 B

36ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxNjk0MDUxMjk2NDM3ODc2Mw&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2HqbJqKCr4AQrczhPxKqIiXGDo3o

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODcxNjk0MDUxMjk2NDM3ODc2Mw&google_push=AXcoOmSy_3Gk6c0GSflpyZPxm2Y3puWQKco1U843gjCPdHWWaJnBI6m9-7RZIefjnU4AkVc_DeI2HqbJqKCr4AQrczhPxKqIiXGDo3o
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 12D6 0
130 B 108ms
32ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMEqjyM8y-hQG_DXw4qVxIae1CBRHnd55yjVicpGE4utok_6pr2P1dFp4gY8qVXn6avYp4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame A5E1 2 KB
3 KB 54ms
51ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h88963htt441p53x65p43xfhx0cnpxd9fxcsgayr0j8w17cc5tr35yn11p0vtn0vnyn0a5fj1dr958xfaxgk6k9mpn7dvs0n3y1bwyqkw6kqe2wh63q8603xta54xzvce0nf23s86v7yccv76dn764wf1v7w8b9ajhk9371qyqd1njjjtrn5kvvgvsqd8564dkpx3nfnkrqfz2b020x3j65jkxbyjjvt6nqhmgastcbh7ardbq3shkt2x39spsdgjsm9xegbyqk7qx2ytefqy8jhnp092cszw8tgq7ac6p4najh2wjbtnxcfpysk15d7adj1n4yar7z25gck3zbrdys6bqh8hchg4qkp12qzfe3nmbv2a8wv32fahrpbzd1419c6pcax018m18fx99krh0x5wq3hsfsma3vvqh7fwjw50x3b434prf649fem4r25f8bhj3v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%26client%3Dca-pub-5152365778116488%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

477198e363400f3aed953063b0f0fabcedad9c6265bbeb0fd75e95d2737dce22

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca773fb949994b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6F02 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A4F0 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6F02 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6F02 0
0 32ms
31ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyWbmNGJjNdbPtUTYQUOZ9BSEKclFmvtWrniAdV9StX71AuKyJ4Mb8Ez4D4EJIW37BnkXNE7403Cb9OPreKUQo4sgSog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F02 202 KB
64 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 11973419026817706303
tpc.googlesyndication.com/simgad/ Frame 0DF9 32 KB
32 KB 32ms
29ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11973419026817706303

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2960012911&adf=3562762558&pi=t.aa~a.2420967575~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0&nras=2&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3077a87adee5789c5860a32a6dbaea69511f79ff5d0f5b963f18b23eaf184b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:00:26 GMT
x-content-type-options: nosniff
age: 31474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32493
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 09:10:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 04:00:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0DF9 23 KB
9 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5DAB 143 B
166 B 26ms
24ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2960012911&adf=3562762558&pi=t.aa~a.2420967575~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0&nras=2&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0DF9 3 KB
1 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3C01 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0DF9 20 KB
8 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0DF9 0
0 33ms
31ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTK__Qyr6gtuj53we0uE7xAp2dj6X1B99a5UKdoASsWzb7hWcwMSmTNXubMXfSEaX_9mon-t2T9ARnSmDg8hDydQgq6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2960012911&adf=3562762558&pi=t.aa~a.2420967575~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0&nras=2&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DF9 202 KB
64 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0DF9 36 KB
14 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:55:10 GMT

GET
H3 200 16218458306098038855
tpc.googlesyndication.com/simgad/ Frame C4DD 21 KB
21 KB 26ms
25ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16218458306098038855?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlDImMo3Rf_bFDvjh44KCqACM5AeA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2616919896&adf=68558358&pi=t.aa~a.562942491~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280&nras=3&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

959d0ee6c6e8ee63d2e85c80ec51dfebb0cca91edb58f728a4cac6863780883b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 08:05:11 GMT
x-content-type-options: nosniff
age: 103189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21134
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 15:22:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Nov 2024 08:05:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C4DD 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9345
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 10:09:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 563C 143 B
166 B 28ms
26ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2616919896&adf=68558358&pi=t.aa~a.562942491~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280&nras=3&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:21:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C4DD 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6CDC 0
19 B 72ms
71ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CazUjTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5AFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvK6AamiS8N4EOkZbmP16FWSU94P7oF1DPqONFIueL_CZP9qZlUyOiABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTE1MjM2NTc3ODExNjQ4OBgA&sigh=YXn-pWk0-2w&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNuoApSliVdZ-VfnaWKEsMn4v4FR9wVMuAuqrovpGpxJy1_sROBmg-wLAAaA9zqzrajXOzTwcyGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6CDC 0
103 B 117ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1gjej6yb43b7swn5nsqsm6j7pxjr66xmtx512ztnz4btqjkzyr5zk1nemc2jaqvx39nen7scwn9d4fr0cq9zqbjakq16hzc7m5agjqwbg16tv8vbapxptj517pbesp7v5gp47jeg2j2r18za3mg7krtcqjm3myp3rgsjznfrqxx4fmyc7agczfq08592d6zgp3kkpcgmxjq3bwt1yfh7xkhtvps7tj20f0js41mjhm9gqgyx6wvr2dj0a610861qq0cf7ye5n41vbnjp2qcr3e058d5frkcpm7978yaykbxx4skfqnzxnhpr1qzfqcytc6fdk9yawpc749p7djxj76z4nzb5hdds89z14g30v334sm4q8g13hgmjtb347frs052k5qqsa8j1e90&b=ZWSPTAADjZYDog0xAAqOORQKiejN72JiVCuloA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=813402041&adf=3314903317&pi=t.aa~a.3512217783~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280&nras=4&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 36B2 1 KB
643 B 33ms
30ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C4DD 20 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C4DD 0
0 33ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRX2KpcG8JlTiUUR-yAiWn8msr8_7gWqio1UW5MVh9mRYrrrW9llfgvYhVMWlaAX5lSpe9ho7hDapjFTMzocOHPKi1h-Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2616919896&adf=68558358&pi=t.aa~a.562942491~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280&nras=3&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4DD 202 KB
64 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:00 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C4DD 36 KB
14 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:55:10 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A5E1 115 KB
14 KB 45ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h88963htt441p53x65p43xfhx0cnpxd9fxcsgayr0j8w17cc5tr35yn11p0vtn0vnyn0a5fj1dr958xfaxgk6k9mpn7dvs0n3y1bwyqkw6kqe2wh63q8603xta54xzvce0nf23s86v7yccv76dn764wf1v7w8b9ajhk9371qyqd1njjjtrn5kvvgvsqd8564dkpx3nfnkrqfz2b020x3j65jkxbyjjvt6nqhmgastcbh7ardbq3shkt2x39spsdgjsm9xegbyqk7qx2ytefqy8jhnp092cszw8tgq7ac6p4najh2wjbtnxcfpysk15d7adj1n4yar7z25gck3zbrdys6bqh8hchg4qkp12qzfe3nmbv2a8wv32fahrpbzd1419c6pcax018m18fx99krh0x5wq3hsfsma3vvqh7fwjw50x3b434prf649fem4r25f8bhj3v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h88963htt441p53x65p43xfhx0cnpxd9fxcsgayr0j8w17cc5tr35yn11p0vtn0vnyn0a5fj1dr958xfaxgk6k9mpn7dvs0n3y1bwyqkw6kqe2wh63q8603xta54xzvce0nf23s86v7yccv76dn764wf1v7w8b9ajhk9371qyqd1njjjtrn5kvvgvsqd8564dkpx3nfnkrqfz2b020x3j65jkxbyjjvt6nqhmgastcbh7ardbq3shkt2x39spsdgjsm9xegbyqk7qx2ytefqy8jhnp092cszw8tgq7ac6p4najh2wjbtnxcfpysk15d7adj1n4yar7z25gck3zbrdys6bqh8hchg4qkp12qzfe3nmbv2a8wv32fahrpbzd1419c6pcax018m18fx99krh0x5wq3hsfsma3vvqh7fwjw50x3b434prf649fem4r25f8bhj3v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%26client%3Dca-pub-5152365778116488%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1335320
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdPyBJnvP%2BCFu8J0zuDTLnoFCK7Qn7pcLPCKXBjmhfpWJyjtuSoeyIdJftAyTUZs7AV4Lgqf9nAVDAEgBGgQRIIi1bdjddf%2BTPwM4S1lx8074q2XiTlZhZPZTxwVwUewsI3MlQW8098%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca774029b1994b-FRA
expires: Tue, 28 Nov 2023 12:45:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A5E1 25 KB
10 KB 57ms
37ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h88963htt441p53x65p43xfhx0cnpxd9fxcsgayr0j8w17cc5tr35yn11p0vtn0vnyn0a5fj1dr958xfaxgk6k9mpn7dvs0n3y1bwyqkw6kqe2wh63q8603xta54xzvce0nf23s86v7yccv76dn764wf1v7w8b9ajhk9371qyqd1njjjtrn5kvvgvsqd8564dkpx3nfnkrqfz2b020x3j65jkxbyjjvt6nqhmgastcbh7ardbq3shkt2x39spsdgjsm9xegbyqk7qx2ytefqy8jhnp092cszw8tgq7ac6p4najh2wjbtnxcfpysk15d7adj1n4yar7z25gck3zbrdys6bqh8hchg4qkp12qzfe3nmbv2a8wv32fahrpbzd1419c6pcax018m18fx99krh0x5wq3hsfsma3vvqh7fwjw50x3b434prf649fem4r25f8bhj3v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 291327
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyQGet2ura%2BUQA9UXPFJKu0jOyxJ1uViBM81aprweOQGqO8Yu9BWl7fDYr%2FEhZ2oy3j7NGFiVd3qGnKx5aNWg0wq2g3TBZVJsuCQcSWVcZtUsXkfXLjQsuicK9QDdVRF0e%2BVHG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82ca774049c5994b-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 03:49:33 GMT

GET
DATA 200
OK truncated
/ Frame 6F02 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84d36d7fd6433d1a8edde377548754ff10dd91316150b6c752ecc1485707b5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A4F0 0
103 B 137ms
114ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECEm0L0cFw5WG0YCTEsZK2M&google_cver=1&google_push=AXcoOmRVrSsdWbLMw1pRnPuA8SY94t1OJ2iuJovel7UWDw3K_8CO_e6BF_iIowjA4vomvCOnVEo_B0Wz8XqtDg9hpcZeXU3JQqxNJTI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4F0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEPJViB6ebef3AhsMKNExOhU&google_cver=1&google_push=AXcoOmSNaQS9Qu47OXmatugim5BKtvX4V3CkdM24DsaJWInbNgzvxwMbV9L7Pl-nDE2u7Gy8dmSu21NtUxs22oJl59SvbjW21SlUAJA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D24F4BB0E854F259DA8FD4D3C394C8C&google_push=AXcoOmSNaQS9Qu47OXmatugim5BKtvX4V3CkdM24DsaJWInbNgzvxwMbV9L7Pl-nDE2u7Gy8dmSu21NtUxs22oJ...

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D24F4BB0E854F259DA8FD4D3C394C8C&google_push=AXcoOmSNaQS9Qu47OXmatugim5BKtvX4V3CkdM24DsaJWInbNgzvxwMbV9L7Pl-nDE2u7Gy8dmSu21NtUxs22oJl59SvbjW21SlUAJA

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2D24F4BB0E854F259DA8FD4D3C394C8C&google_push=AXcoOmSNaQS9Qu47OXmatugim5BKtvX4V3CkdM24DsaJWInbNgzvxwMbV9L7Pl-nDE2u7Gy8dmSu21NtUxs22oJl59SvbjW21SlUAJA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 26 Nov 2023 12:45:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4F0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEFGtTu-kzmpwG46pHeFE-dU&google_cver=1&google_push=AXcoOmStdI9fDD7PUB_ot7e-tsAKDrMILZF2uwzOruaQ-nBV8a1CDH0DhjvKWykfSGdmZX5x7VjOtg7szlA...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmStdI9fDD7PUB_ot7e-tsAKDrMILZF2uwzOruaQ-nBV8a1CDH0DhjvKWykfSGdmZX5x7VjOtg7szlA8t84Nnn1jTzZNy9WaChA&google_hm=iZuJztKJSfOol9umn...

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmStdI9fDD7PUB_ot7e-tsAKDrMILZF2uwzOruaQ-nBV8a1CDH0DhjvKWykfSGdmZX5x7VjOtg7szlA8t84Nnn1jTzZNy9WaChA&google_hm=iZuJztKJSfOol9umnmRKMhY

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:03 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmStdI9fDD7PUB_ot7e-tsAKDrMILZF2uwzOruaQ-nBV8a1CDH0DhjvKWykfSGdmZX5x7VjOtg7szlA8t84Nnn1jTzZNy9WaChA&google_hm=iZuJztKJSfOol9umnmRKMhY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4F0
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELy0fyolTICchpOa4uJBE04&google_cver=1&google_push=AXcoOmR7BFhaF3uSuAOszLrXdI9zByYcCLg_7nUBrD7UnkHwQff-ms8VnfW_HT2qz2ayrwlTgMFSJHRS4Bi4xCMB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S_eeYvJTF0lEwaPvjCfug&google_push=AXcoOmR7BFhaF3uSuAOszLrXdI9zByYcCLg_7nUBrD7UnkHwQff-ms8VnfW_HT2qz2ayrwlTgMFSJHRS4Bi4xCMBsZqy0Xv9Yxz9h3M

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S_eeYvJTF0lEwaPvjCfug&google_push=AXcoOmR7BFhaF3uSuAOszLrXdI9zByYcCLg_7nUBrD7UnkHwQff-ms8VnfW_HT2qz2ayrwlTgMFSJHRS4Bi4xCMBsZqy0Xv9Yxz9h3M

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=5S_eeYvJTF0lEwaPvjCfug&google_push=AXcoOmR7BFhaF3uSuAOszLrXdI9zByYcCLg_7nUBrD7UnkHwQff-ms8VnfW_HT2qz2ayrwlTgMFSJHRS4Bi4xCMBsZqy0Xv9Yxz9h3M
x-host: tde-deliveryengine-production-bb588bf9-xtnh5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame A4F0 43 B
362 B 31ms
29ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTWuFnIODwu9it_bW8BtDIoCoc0RSqeIocOlnTGE36TVrzz83BbHu7gYWzJOZPsI_AqU7Zmzb2dS7yR7CbAz9Iq997J-OFoSMg&google_gid=CAESEDRNafOJOTEGihhvqMkNw8o&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 208201
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4F0
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPGs6wnRLUkY5HHpsK17r9E&google_cver=1&google_push=AXcoOmQBMePcSjqKPIgXSlBJLIedMtTXQxSEij-JH6wU2-4w8g1gvmhTLfmSupfh2H73T8vpMpK_J6QA4pqx...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQBMePcSjqKPIgXSlBJLIedMtTXQxSEij-JH6wU2-4w8g1gvmhTLfmSupfh2H73T8vpMpK_J6QA4pqx8jP_yJTqko03d1xyUg

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQBMePcSjqKPIgXSlBJLIedMtTXQxSEij-JH6wU2-4w8g1gvmhTLfmSupfh2H73T8vpMpK_J6QA4pqx8jP_yJTqko03d1xyUg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQBMePcSjqKPIgXSlBJLIedMtTXQxSEij-JH6wU2-4w8g1gvmhTLfmSupfh2H73T8vpMpK_J6QA4pqx8jP_yJTqko03d1xyUg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame A4F0
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGdctx2SxgMJ...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQY5pBRrdBxvT0s076WAoPkIv2Xg82GVdXFIa9upKUtU9dI6C1sA4hEJQjNrMZvIRSwog_PAWdvdm7vdo7Df8A3vCZ5m0RNiL8
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

73ms
73ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Mon, 27 Nov 2023 12:45:01 GMT
pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A4F0 0
40 B 33ms
32ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIGqUF5GtL6NJnIyEB1tzAHVMM5nRSS2lRSGIDoAHr-ZIKU9NFhmkZy5sMLq7JwpSmrieS9w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 6D05 115 KB
13 KB 42ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjpyy5ppk5fvzhvwreraxw43bjr7rv88e6hgqxv74ns3vkhyr35566sf4wpg036y0nwhm5v1wv7vjtz783fqasc8p0m8mcvccf4g1j1qf4s91h4e7ev5zwek2e5071y2kwsm1tnaj9pea9kvs09xmc5dfhj1g4vn350vkqnhdznge3d1rhvmnm26x3zng828at4xf9vxgd1e1a5dkdpsmhvj1pb6vtszaff1phsfey04hcsa9444pw8zgr5z6zpyb0zea3wv3nd7s68tfpjernp1bb70412akdf92kw7fkwd6xn9yyks715x3y0fj9z557g8ghqvkjp5ffqknasrdj23t25s6s6r0nqg49pjaw5e2seh3e71v2vckntnzv5kk73y79k6dxmkd3jexm2dpe4k4dh40wdsz6fp8zw6atks1esvs2b36b9p2dtb91ct4eq03zz44&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gjpyy5ppk5fvzhvwreraxw43bjr7rv88e6hgqxv74ns3vkhyr35566sf4wpg036y0nwhm5v1wv7vjtz783fqasc8p0m8mcvccf4g1j1qf4s91h4e7ev5zwek2e5071y2kwsm1tnaj9pea9kvs09xmc5dfhj1g4vn350vkqnhdznge3d1rhvmnm26x3zng828at4xf9vxgd1e1a5dkdpsmhvj1pb6vtszaff1phsfey04hcsa9444pw8zgr5z6zpyb0zea3wv3nd7s68tfpjernp1bb70412akdf92kw7fkwd6xn9yyks715x3y0fj9z557g8ghqvkjp5ffqknasrdj23t25s6s6r0nqg49pjaw5e2seh3e71v2vckntnzv5kk73y79k6dxmkd3jexm2dpe4k4dh40wdsz6fp8zw6atks1esvs2b36b9p2dtb91ct4eq03zz44&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%26client%3Dca-pub-5152365778116488%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1335320
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4N5P5HlTcBwBW5uudxdx26DL0MPQinezedFSDW0tK%2FfzspwZCqhtG024E794Nf8jjPpYNwqPzvMz4%2Bt9voyNokkwOe1THTrcnsIaYOoe9urn3nna43wdpA%2BomZ5RP1uOnHTEs5oLns%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca774029b8994b-FRA
expires: Tue, 28 Nov 2023 12:45:00 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 6D05 25 KB
10 KB 50ms
36ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjpyy5ppk5fvzhvwreraxw43bjr7rv88e6hgqxv74ns3vkhyr35566sf4wpg036y0nwhm5v1wv7vjtz783fqasc8p0m8mcvccf4g1j1qf4s91h4e7ev5zwek2e5071y2kwsm1tnaj9pea9kvs09xmc5dfhj1g4vn350vkqnhdznge3d1rhvmnm26x3zng828at4xf9vxgd1e1a5dkdpsmhvj1pb6vtszaff1phsfey04hcsa9444pw8zgr5z6zpyb0zea3wv3nd7s68tfpjernp1bb70412akdf92kw7fkwd6xn9yyks715x3y0fj9z557g8ghqvkjp5ffqknasrdj23t25s6s6r0nqg49pjaw5e2seh3e71v2vckntnzv5kk73y79k6dxmkd3jexm2dpe4k4dh40wdsz6fp8zw6atks1esvs2b36b9p2dtb91ct4eq03zz44&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 291327
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TNatUtsJRYuzuGoAjb7iJbjvAGKqugAO7gTokJEC%2BU%2BPX7z6%2F24pHFBmySb8fT%2BR991C%2BWPkkfLwkSYea4%2BXVHxRvAgTXd4tI%2FcMopt9c%2FVwn7F%2Fuj68AO9IQ9STJx%2Fu14hoNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82ca774049c6994b-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 Nov 2023 03:49:33 GMT

GET
DATA 200
OK truncated
/ Frame 0DF9 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 726ea279594695c9de64454bddef579d75edf22ebbb79f6654afd0b156b8310a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C01
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cver=1&google_push=AXcoOmTrsxpC1KHEjIslMdmvtEv0DskwGt2oHzHhpr8MoB4...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cver=1&google_push=AXcoOmTrsxpC1KHEjIslMdmvtEv0DskwGt2oHzHhpr8MoB4O-reFXer5UisZvTxFB-hYnuAzkDSUtrYGyaVzF0qHPNZdOCN5IWgkug

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 12:45:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEBrbwfS5UhDR0pghiWhHLrQ&google_cver=1&google_push=AXcoOmTrsxpC1KHEjIslMdmvtEv0DskwGt2oHzHhpr8MoB4O-reFXer5UisZvTxFB-hYnuAzkDSUtrYGyaVzF0qHPNZdOCN5IWgkug
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3C01
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIS_OXAP-CqE9mSf_0s5WcQ&google_cver=1&google_push=AXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-U...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIS_OXAP-CqE9mSf_0s5WcQ&google_cver=1&google_push=AXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz...

43 B
425 B

183ms
182ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIS_OXAP-CqE9mSf_0s5WcQ&google_cver=1&google_push=AXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82ca7741b80035e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 273
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIS_OXAP-CqE9mSf_0s5WcQ&google_cver=1&google_push=AXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSszHfTNDRek5iDs89BWXImvlpd1WD9OqU9h-NFLZKs9tNYZK75gqSxqprrGq7ZQZDE3RmyKCN-CX6_zTpqifMBxJsjksz-UZs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82ca77403e0b35e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 3C01 0
98 B 86ms
31ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmSvWs_tYrfOESeN_E8ANCksLhP_RQRgmoT472Cgd9aoaF4LEzwgu8UzesFX4Jgi8yQjK8vXMEsbuHDdnFfXXYkTD0j9rnY3aQ&google_gid=CAESEP5sMK1BwJbD5e7RlwjAQ1Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2960012911&adf=3562762558&pi=t.aa~a.2420967575~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0&nras=2&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=1650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C01
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEN0W-KZRF3IkETDkwiVV2R4&google_cver=1&google_push=AXcoOmTR1nWMPPvr03_5scxy_ZC7-yQ7T1HCasLdG3YkUMqFxMC44XWBQfyLc2QQ1vnJ0jzpQzT2WXh2PkVe_sbt...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lnZ7NU86TD0ZfrHS8KC4Xg&google_push=AXcoOmTR1nWMPPvr03_5scxy_ZC7-yQ7T1HCasLdG3YkUMqFxMC44XWBQfyLc2QQ1vnJ0jzpQzT2WXh2PkVe_sbtESjy9SKdS0DIy3E

170 B
188 B

35ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lnZ7NU86TD0ZfrHS8KC4Xg&google_push=AXcoOmTR1nWMPPvr03_5scxy_ZC7-yQ7T1HCasLdG3YkUMqFxMC44XWBQfyLc2QQ1vnJ0jzpQzT2WXh2PkVe_sbtESjy9SKdS0DIy3E

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=lnZ7NU86TD0ZfrHS8KC4Xg&google_push=AXcoOmTR1nWMPPvr03_5scxy_ZC7-yQ7T1HCasLdG3YkUMqFxMC44XWBQfyLc2QQ1vnJ0jzpQzT2WXh2PkVe_sbtESjy9SKdS0DIy3E
x-host: tde-deliveryengine-production-bb588bf9-q6dwr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C01
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmR-ZTw5...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmR-ZTw5...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjcxMjQ1MDEwMDAxMzg3MzY4ODE1NQ%3D%3D&google_push=AXcoOmR-ZTw5XGTY0Cg8Eh5Ip-WuYtuML8N6-0KVD3qd0ZyHYHMVG4HzMiBbWwuL0X4fDx...

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjcxMjQ1MDEwMDAxMzg3MzY4ODE1NQ%3D%3D&google_push=AXcoOmR-ZTw5XGTY0Cg8Eh5Ip-WuYtuML8N6-0KVD3qd0ZyHYHMVG4HzMiBbWwuL0X4fDxH5wcrb8sGm0yepQ6F-lwMSJ95hmjuc3WM

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMjcxMjQ1MDEwMDAxMzg3MzY4ODE1NQ%3D%3D&google_push=AXcoOmR-ZTw5XGTY0Cg8Eh5Ip-WuYtuML8N6-0KVD3qd0ZyHYHMVG4HzMiBbWwuL0X4fDxH5wcrb8sGm0yepQ6F-lwMSJ95hmjuc3WM
pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 27 Nov 2023 12:45:01 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3C01 43 B
362 B 31ms
30ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTQ8hUcqNOYCtU_iDnif8271PrkFXOubcY5c-3MitQJ0f-5uaYZM_bxlxeMmNmBDMaEdEFj5W7r8VzBzMPSgLd_ayToLmtagA&google_gid=CAESECbeg5UIbxQI5u5n2sKUuMc&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 307044
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3C01
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMs9Q7kIcIXjOhcG8fAiR4E&google_cver=1&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeu...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMs9Q7kIcIXjOhcG8fAiR4E&google_cver=1&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzNDUxNDAyNzc4MzA3MjYw&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeu...

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzNDUxNDAyNzc4MzA3MjYw&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeuYGCq6_ljynINQrsXnm22hg

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzEzNDUxNDAyNzc4MzA3MjYw&google_push=AXcoOmSO3vwNaqsV2Kaf6Yj3sRpNPzfr5XOlnw3JVL6CXVJGSRtnH79EtgHcy3p6_BaOrPRcrC-6nfeuYGCq6_ljynINQrsXnm22hg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 3C01 0
49 B 35ms
34ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KgB67KszAnP94AkXzsf_q9GIhK9PT4wpT-JInha-fOvr39t6OIzvRYGgIUtuGPeFrcjTmP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5DAB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 563C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
41ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Mon, 27 Nov 2023 12:45:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:00 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C4DD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77c50a7fcf056c7f33e57a397fac5ad69ee47a02cd1340e41d8966aac7ec9db6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 36B2
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJzc9an4xGoNge8E0N126To&google_cver=1&google_push=AXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8U...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJzc9an4xGoNge8E0N126To&google_cver=1&google_push=AXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG...

43 B
405 B

178ms
178ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJzc9an4xGoNge8E0N126To&google_cver=1&google_push=AXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: icookandpaint.com
URL: https://icookandpaint.com/
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82ca7741afdb35e5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 589
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJzc9an4xGoNge8E0N126To&google_cver=1&google_push=AXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTvaa3mZ12oiR5l53BPYc6ZxOzntO-26F6F7LxZh2eGpCHMLaPyqgQ9ldkfH7FVeKCKghxYc5B2ndbf-0EicgVDhFZA2HG8UA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82ca77406e5635e5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEYAIEmtIGQRepGBGpZD8gE&google_cver=1&google_push=AXcoOmRbEjG637CBSDBZArSMKfcNKCp0m6wYZQVJAtOAFYAtJPmzQuYRmE0_sE-RtxB-UPXU2LAcJo9Jjoosfpm5781uh9gFakvAwBQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1839467EDBE849378F2AD9D6AF3608CC&google_push=AXcoOmRbEjG637CBSDBZArSMKfcNKCp0m6wYZQVJAtOAFYAtJPmzQuYRmE0_sE-RtxB-UPXU2LAcJo9Jjoosfpm...

170 B
188 B

40ms
39ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1839467EDBE849378F2AD9D6AF3608CC&google_push=AXcoOmRbEjG637CBSDBZArSMKfcNKCp0m6wYZQVJAtOAFYAtJPmzQuYRmE0_sE-RtxB-UPXU2LAcJo9Jjoosfpm5781uh9gFakvAwBQ

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1839467EDBE849378F2AD9D6AF3608CC&google_push=AXcoOmRbEjG637CBSDBZArSMKfcNKCp0m6wYZQVJAtOAFYAtJPmzQuYRmE0_sE-RtxB-UPXU2LAcJo9Jjoosfpm5781uh9gFakvAwBQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 26 Nov 2023 12:45:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B2
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEMPfWg38WQjOARRVxgrAnRE&google_cver=1&google_push=AXcoOmTnWFdm-Cu-fDzMUlw8yRMnQIrH3KOGSGOK6wEOLuGg-vVDb2H0NCNJyv11OmOMaJ7HdrscT3B6vTSeE7...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTnWFdm-Cu-fDzMUlw8yRMnQIrH3KOGSGOK6wEOLuGg-vVDb2H0NCNJyv11OmOMaJ7HdrscT3B6vTSeE7LR2AGJ_9-j0dY6wWU&google_hm=hmVkj0wLS5YmQa...

170 B
188 B

36ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTnWFdm-Cu-fDzMUlw8yRMnQIrH3KOGSGOK6wEOLuGg-vVDb2H0NCNJyv11OmOMaJ7HdrscT3B6vTSeE7LR2AGJ_9-j0dY6wWU&google_hm=hmVkj0wLS5YmQa3_9Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65648F4C0B4B962641ADFFF5BLIS

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTnWFdm-Cu-fDzMUlw8yRMnQIrH3KOGSGOK6wEOLuGg-vVDb2H0NCNJyv11OmOMaJ7HdrscT3B6vTSeE7LR2AGJ_9-j0dY6wWU&google_hm=hmVkj0wLS5YmQa3_9Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65648F4C0B4B962641ADFFF5BLIS
date: Mon, 27 Nov 2023 12:45:00 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 36B2 43 B
146 B 92ms
24ms Image
image/gif 3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHndn6SWKL1B91TKu8cjePo&google_cver=1&google_push=AXcoOmSmTe4ERMbSV4OG8BS3yF2jJN0LYQD8k6D_YxO-ojmQ4cNyUpYZq14WklUdjJ4hABk8njskgqsInRQssyxBwNgErZZEQiaa5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=280&adk=2616919896&adf=68558358&pi=t.aa~a.562942491~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x280&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280&nras=3&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=1259&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEyQGItewJfv8LuC8EB93sc&google_cver=1&google_push=AXcoOmSbVUb_2gZ6DfqYVFkgs7L-OTgkUS-ZzMS0blJI4VdGUrY74y9vcXBgi2f2V7ShTxpSIVpb-6urmYVeEICPgPRCv1y...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSbVUb_2gZ6DfqYVFkgs7L-OTgkUS-ZzMS0blJI4VdGUrY74y9vcXBgi2f2V7ShTxpSIVpb-6urmYVeEICPgPRCv1y8oJXJ95c&google_hm=eS1JYlRMT1dORTJwR2V...

170 B
188 B

33ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSbVUb_2gZ6DfqYVFkgs7L-OTgkUS-ZzMS0blJI4VdGUrY74y9vcXBgi2f2V7ShTxpSIVpb-6urmYVeEICPgPRCv1y8oJXJ95c&google_hm=eS1JYlRMT1dORTJwR2VYUFhCQmI0Q0VPd1BsZHZ3WUZIcX5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSbVUb_2gZ6DfqYVFkgs7L-OTgkUS-ZzMS0blJI4VdGUrY74y9vcXBgi2f2V7ShTxpSIVpb-6urmYVeEICPgPRCv1y8oJXJ95c&google_hm=eS1JYlRMT1dORTJwR2VYUFhCQmI0Q0VPd1BsZHZ3WUZIcX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 36B2 43 B
362 B 36ms
28ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSODtQsIhPFWEpFsvxtmsAZ-LsEU9OHd1aCdCTa-SfhvvD9BZDQ_cpU4rsPpiFcKqp_BERCHeinmQO15mdFZM4P3wfhcXziXQ&google_gid=CAESEGnpPhIdqCiBg9v1rlP3T_U&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 193000
expires: Mon, 27 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36B2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEELhjf1f58C4K5AYKm0qkDk&google_cver=1&google_push=AXcoOmS2HXOxLO7exQg5Fxv6gPQE-Zu2fDxSZa9q8t3UlSxAhfVPepNFyWrRRJRhJCzqhhBu5fbfHAdp15-R...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2HXOxLO7exQg5Fxv6gPQE-Zu2fDxSZa9q8t3UlSxAhfVPepNFyWrRRJRhJCzqhhBu5fbfHAdp15-R-OHB9rHiuArBHhQMiKU

170 B
188 B

35ms
35ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2HXOxLO7exQg5Fxv6gPQE-Zu2fDxSZa9q8t3UlSxAhfVPepNFyWrRRJRhJCzqhhBu5fbfHAdp15-R-OHB9rHiuArBHhQMiKU

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS2HXOxLO7exQg5Fxv6gPQE-Zu2fDxSZa9q8t3UlSxAhfVPepNFyWrRRJRhJCzqhhBu5fbfHAdp15-R-OHB9rHiuArBHhQMiKU
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 36B2 0
40 B 41ms
33ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IA9L8mFmNAGECU3s9WTuOIvq0immTAYfWc_i7qwG7aNMwo-PA6Fx_M9ZjSe4_RKxOJ8vjB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C4DD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CluA0TI9kZeuADtKfiM0PraWfkATMj86zdMjeidmkELCQHxABINyijShglfrwgYwHoAH34pu0KMgBAqgDAcgDyQSqBO4BT9BWMcVlcPJVa3qXY-PIBBt1i0-bnOC-72AuorIo6m8EkMSOEv6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228971816263549577870%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%...

0
0

57ms
57ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228971816263549577870%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215062821226572734481%22}&andc=true

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8971816263549577870","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"15062821226572734481"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 12:45:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8971816263549577870","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"15062821226572734481"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6D05 350 B
641 B 107ms
37ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606348
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4ptrp%2B2XuWC2wYqsLQLybGGN6O%2FebawPc%2Buiiy4SmufDDt5zT3gdiiHQJGGBId9fq08pgDypeZpm5wPwWUi8m%2Fzx11PqvsKOLGRI%2FvDZuEG14zlKQtkczbMxNfqtZgq%2F7U28Ad%2BHVdW1F2NXV1xRcLY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77412a51926b-FRA
expires: Tue, 19 Nov 2024 12:19:12 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A5E1 350 B
910 B 105ms
36ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606348
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pf2uSPnYG2IDywwi5FVhiVJlJC1NOpoW97zF3RqCQfh0bHNZpTGW6qJz%2BRFlPGInT%2F0aJtyPE9awf3ucK1BLrDnhkY41xkI4%2Fv8dXT4kNEov10ybK2zKBq1pDs6ED77BgrRkJCEPrXW3LY56X%2Fatzfmb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77412a4c926b-FRA
expires: Tue, 19 Nov 2024 12:19:12 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0DF9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce2WDTI9kZfzXDdqsiM0PvPu0-ArUiLusdJ68t_PgEb_hHhABINyijShglfrwgYwHoAGs1ZL-A8gBA6kCfvH_VGddsj6oAwHIA8kEqgTqAU_Qm75OJUWnlTevYSD56zz8uj-39T7cG_Mmagt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210103872721546105382%22,%22debug_reporting%22:true,%22destination%22:%22https://wolf.eu%22,%22event_report_window%22:%2225...

0
0

57ms
57ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210103872721546105382%22,%22debug_reporting%22:true,%22destination%22:%22https://wolf.eu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221069853356%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226108342603848112129%22}&andc=true

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10103872721546105382","debug_reporting":true,"destination":"https://wolf.eu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1069853356"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"6108342603848112129"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Nov 2023 12:45:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10103872721546105382","debug_reporting":true,"destination":"https://wolf.eu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1069853356"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"6108342603848112129"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3BAC 2 KB
2 KB 35ms
33ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1499396
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 82ca7740b9ee1941-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Fri, 10 Nov 2023 05:08:36 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNNc8oUtYuwvJ%2FRU1ji%2FbI7mgbeoWAKB4iaXZG7sPQ2x%2FcOmrvkeEo4UOFk28IDsYe07uBU4NV7ccpULbyVFwK6yss1rUkMHOIs8ox5W587F9QQ8MVutePolhaxUDi1H2sX0uTg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 frame.html Show response
ad4m.at/ Frame A56F 2 KB
2 KB 39ms
37ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1499396
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 82ca7740b9f01941-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 12:45:00 GMT
expires: Fri, 10 Nov 2023 05:08:36 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqioOp0SLK6HXBFMHtuywlz3PKHVo4qKFNgKx88kKumd4ciFbaNSZQ7rFIpQ%2Fc%2ByBY8ZIxxlXj%2B%2FO%2FZC1mzdS67Wvgde8oYVu1dBIKGM6oAmv4VS4NMlkKuDAbyq5pSF8kCtUnU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EB2 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

GET
H3 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E87 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Nov 2024 00:36:09 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 6D05 2 KB
2 KB 56ms
55ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac3cce84cefafb37101c83a72ac6b312b5a25d6d7212de24152ab9238099847c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ6OxPXfPTMBFYZ4lRCXU8cVYG7tCGpb%2FXUZIzObZRL6uRlBwBWL0DiL4s1P5ff4Q8fsr0yKFvaC8SApruaCLcsfhGTgB5QUjPw8iHj%2F7CFiiyjEFeCbHphHwhhDTgnQ3wPzYf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82ca77417b8891e3-FRA
x-backend-server: aa-reachservice-group-europe-west1-rlrs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 77ms
49ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ca77412b2791e3-FRA
content-length: 24
content-type: text/plain
date: Mon, 27 Nov 2023 12:45:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgJ0SjZVBr9MpQ8I2BKNUcImUsDRWJdSuAP7v8TlO5W9S4WCYeU4GPedm8qvnHDM1Tm7dsezLx%2Fc5xqfoDX%2BkEp9zBWZ2vRZFXgX8HRxfQpAmevefDwOkfRLUa1HTtARzroxbNw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rlrs

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 12:45:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame A5E1 2 KB
2 KB 67ms
66ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 099a73b67e21848d3c4e58df4b50e6df4c6fe49f6dc7135bc8c3f10c6e0e3581

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHBzmUX2%2BD1%2BqK0OyQjE9oUbYnySVFKB6vtkEkbrRzjxS4ZgDA8hj5B1qXG6E5XXttw%2BbTZnD%2BwKU%2BsY1MT1rg%2Bfb9fnSUSk6XM8XBDQl5nStKRWQlvqttp6jrkrGj%2FFeWpeCRc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82ca77417b7c91e3-FRA
x-backend-server: aa-reachservice-group-europe-west1-rlrs
alt-svc: h3=":443"; ma=86400

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
55ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 12:45:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 48ms
47ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ca77412b2591e3-FRA
content-length: 24
content-type: text/plain
date: Mon, 27 Nov 2023 12:45:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0pblg7gR8Tg%2FaGnxirlE567PdqxG3xpGfdd9l%2BBJ%2Bowqd0jLV252ktHNgQlycASJSPAn%2B6NrEWhWdGxiu2CgROtxE8z%2BkiJu07Ar9MrCfyf0yr8XqnMlD1I%2BzIvFxG6Vu%2BAIko%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rlrs

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 185F 2 KB
3 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gffg43gkfxypmqn6zzbs6z85cpa07ta1hvd8ed604qfqa7gbr4yh7sn8gnyge7fgnrzg669gc5detfz7gwha982rhwnpn0ehcs9x4cb42r310aed1katqnsfpcq1q8qz7z485ebhgkzxeam2p18hxq2bvpt3r8b31vhrcbq5y3gs90qyrx7zwrd5ecwkj3mk9zy110dxbxp7zxqaand1zz2za5b7shr8rmdavq7kvz256xm3c0xxqj6cm6gf8pnggw90mxqvpfewk1hhrsmtxx9t5rb62gtcfyb7pgn19vt06y8n2bp58cq0xbkmjzx4vjjtnc4x48rgvm5jjeyqqamgggyb7nzhk3hk4e9zjwsv78881cszc6da00rgc0bqzakyndzs999apb0j98ry8kq0b7qqhwfgazn4qkwe8xxbb44es7wvhwxpwp2630s0x513a7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%26client%3Dca-pub-5152365778116488%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5d2b172bfc023bbc845e3f4f7f3c2acf2bbf689e5fe39bc048f45a8b9be6746

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca77416aa21941-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:01 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2E7 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 09:52:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 09:52:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2834 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 16:18:10 GMT
etag: 48472445140208031
expires: Mon, 27 Nov 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C2E7 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:17:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Dec 2023 16:17:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C2E7 0
0 31ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrQOBSNkYtL_BGL7SNidq9B5sYjZIOr6LdoaPCj9ZttTocdAf1urWmMDN6VIlJQ_niak0xNhVEEaQPV_EA_ggAba2UIQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2E7 202 KB
64 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 12:45:01 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F02 0
19 B 67ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_te-TI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE4wFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz43exYdMDONK1-qRbTxkRXsyA_gp79IPKt1PJ5oL_rf878CCg9n9oAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MTUyMzY1Nzc4MTE2NDg4GAA&sigh=OTp3wq-cOiU&uach_m=%5BUACH%5D&cid=CAQSPADICaaNcf92CkY7sILBpvlM8WL6vYnuRty5JaBuUo4A7I9bHl9Y8v_Leb65LJkeGI0yzhLi_E-00kQXsBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:45:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6F02 0
39 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g30fqzmp8wwhb2j73t1pazn4jt4g3pdahnfqqyemd6485bbknrjb30n6342v2a2vyhmhc6q0pyjvgxftg7zg8nafxabwdmf64gj29qxpzztvwksb3gdwrsykza63w17zm2g4ycjeyk1tmyfym5zvz210thstm8xd2kptpja5s524y7tyxn36x28hd59hjgfkzqewya51ermyy2cngpffh4xwe9h22wyz7v259m9kb04jpvdvb66dsjpeyekzgb87sdm2m4z9kjv6n0a35pdgf2sjxmjgdbh3fvna3z98r23cq2sv998rvnw4qd512t4ygg848dvqqkbc1e2sqeh7hwwrf2s7fpzcqp8dz59hektg097jwssrbj0a0gkw128zwjhhbzqegj1650&b=ZWSPTAADYSAHg5XIAAbV8A7H87nKz5BhLQxbGA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=90&adk=2046082024&adf=2479915878&pi=t.aa~a.193431884~rp.4&w=790&fwrn=1&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=790x90&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&fwrattr=false&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2224&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280&nras=5&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame C2E7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b221901d99aa2ee6f9b7a0afa6f5d5d346212a2a5e30510f45ba433a428d593

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2834
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEINplSyBAJpckAMLvGjd_vU&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEINplSyBAJpckAMLvGjd_vU&google_cver=1&google_push=AXcoOmSJUoKBh8NEUQ949GMMoAg8jTVL9w1MqsRropmOkKo...

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEINplSyBAJpckAMLvGjd_vU&google_cver=1&google_push=AXcoOmSJUoKBh8NEUQ949GMMoAg8jTVL9w1MqsRropmOkKor5kOhnFvEb71md4Js2TJlV-jyNTo_azmRaxUflzM027yux0l83lwDXbGD

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 12:45:00 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TDI1eUZvVngxUjdBWVk1&google_gid=CAESEINplSyBAJpckAMLvGjd_vU&google_cver=1&google_push=AXcoOmSJUoKBh8NEUQ949GMMoAg8jTVL9w1MqsRropmOkKor5kOhnFvEb71md4Js2TJlV-jyNTo_azmRaxUflzM027yux0l83lwDXbGD
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2834
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECbKWJtoWdR1o2qvZrypFDY&google_push=AXcoOmQJ6CwsebhbNU5jX7iVbQYQ3wY_WcNbYUs1CfYsZLYzD12iPnaxXr...

170 B
188 B

32ms
32ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECbKWJtoWdR1o2qvZrypFDY&google_push=AXcoOmQJ6CwsebhbNU5jX7iVbQYQ3wY_WcNbYUs1CfYsZLYzD12iPnaxXrvrnOTSTYDeS3q2Y2Iz-JsQ9bBow0eAACoEo2GNirlgOb2b

Requested by

Host: icookandpaint.com
URL: https://icookandpaint.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-cph2320055-CPH
pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701089101.176900,VS0,VE100
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECbKWJtoWdR1o2qvZrypFDY&google_push=AXcoOmQJ6CwsebhbNU5jX7iVbQYQ3wY_WcNbYUs1CfYsZLYzD12iPnaxXrvrnOTSTYDeS3q2Y2Iz-JsQ9bBow0eAACoEo2GNirlgOb2b
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2834
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECHPsbBuQAbOKxcQbbvyOAA&google_cver=1&google_push=AXcoOmQG_syimiWNPfwXuSDpaZaMZ5aWWJJqEn1VuUMi-jZ7sB5gsGOLlAfNblBa_5q8nb359nXkR5UfeoCrwV...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQG_syimiWNPfwXuSDpaZaMZ5aWWJJqEn1VuUMi-jZ7sB5gsGOLlAfNblBa_5q8nb359nXkR5UfeoCrwV84I1vaOdvY2Iehrxvf&google_hm=hmVkj0wLS5YmQ...

170 B
188 B

36ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQG_syimiWNPfwXuSDpaZaMZ5aWWJJqEn1VuUMi-jZ7sB5gsGOLlAfNblBa_5q8nb359nXkR5UfeoCrwV84I1vaOdvY2Iehrxvf&google_hm=hmVkj0wLS5YmQa3_9Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65648F4C0B4B962641ADFFF5BLIS

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmQG_syimiWNPfwXuSDpaZaMZ5aWWJJqEn1VuUMi-jZ7sB5gsGOLlAfNblBa_5q8nb359nXkR5UfeoCrwV84I1vaOdvY2Iehrxvf&google_hm=hmVkj0wLS5YmQa3_9Q&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65648F4C0B4B962641ADFFF5BLIS
date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2834
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFn_9xn470Jf9iHuytC4Q_I&google_cver=1&google_push=AXcoOmSFGx0LK4qbX29OAE7DK6aPho9ttzY4ANP-gZNinkfCjbuXDv-LaTgyadMIw8fPFZujE0lofhBcZ1H7tS...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjEyMjA1NjM4MTg4ODY2NQ%3D%3D&google_push=AXcoOmSFGx0LK4qbX29OAE7DK6aPho9ttzY4ANP-gZNinkfCjbuXDv-LaTgyadMIw8fPFZujE0lofhBcZ1H7tSnIev...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjEyMjA1NjM4MTg4ODY2NQ%3D%3D&google_push=AXcoOmSFGx0LK4qbX29OAE7DK6aPho9ttzY4ANP-gZNinkfCjbuXDv-LaTgyadMIw8fPFZujE0lofhBcZ1H7tSnIevmT2bEGIC-8_gwr

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNjEyMjA1NjM4MTg4ODY2NQ%3D%3D&google_push=AXcoOmSFGx0LK4qbX29OAE7DK6aPho9ttzY4ANP-gZNinkfCjbuXDv-LaTgyadMIw8fPFZujE0lofhBcZ1H7tSnIevmT2bEGIC-8_gwr
Date: Mon, 27 Nov 2023 12:45:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 2834 43 B
145 B 25ms
24ms Image
image/gif 3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIe4PO4pkgdqengliE_ae1I&google_cver=1&google_push=AXcoOmRuajBI4IFtb2EQo83cs68YF3DGm5IeGkEvcUz64LqrPKrSd1mcWTLcPlFuR_8179MUB5JJoC1foqT4Ks5xV_VTkIyPYuSDB22W
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2834
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEtK-0cQ03eiTcpjkT1qHw8&google_cver=1&google_push=AXcoOmRSq4putlmEv9t3u0twSlQ2JVBJtSES5TL12u3emDXFVf1HDL--Qv_eB04G9_jh5DMrNs1xiiQqadLj5vfLe7ZcE0f...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSq4putlmEv9t3u0twSlQ2JVBJtSES5TL12u3emDXFVf1HDL--Qv_eB04G9_jh5DMrNs1xiiQqadLj5vfLe7ZcE0fwhRQ7sNKF&google_hm=eS1JYlRMT1dORTJwR2...

170 B
188 B

34ms
34ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSq4putlmEv9t3u0twSlQ2JVBJtSES5TL12u3emDXFVf1HDL--Qv_eB04G9_jh5DMrNs1xiiQqadLj5vfLe7ZcE0fwhRQ7sNKF&google_hm=eS1JYlRMT1dORTJwR2VYUFhCQmI0Q0VPd1BsZHZ3WUZIcX5B

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRSq4putlmEv9t3u0twSlQ2JVBJtSES5TL12u3emDXFVf1HDL--Qv_eB04G9_jh5DMrNs1xiiQqadLj5vfLe7ZcE0fwhRQ7sNKF&google_hm=eS1JYlRMT1dORTJwR2VYUFhCQmI0Q0VPd1BsZHZ3WUZIcX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2834
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJukwDpZxSiuyuknhQEfYBs&google_cver=1&google_push=AXcoOmQQCAS8OWf3x-niFLr_lYaUCLOnbJzxdtenedxzI5NNTHfwayhvb587Uu7qsOHehqLMO6jxjM0j9gCH...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQCAS8OWf3x-niFLr_lYaUCLOnbJzxdtenedxzI5NNTHfwayhvb587Uu7qsOHehqLMO6jxjM0j9gCHeYTAyp3x8iRKt37Qi1An

170 B
188 B

36ms
36ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQCAS8OWf3x-niFLr_lYaUCLOnbJzxdtenedxzI5NNTHfwayhvb587Uu7qsOHehqLMO6jxjM0j9gCHeYTAyp3x8iRKt37Qi1An

Requested by

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQQCAS8OWf3x-niFLr_lYaUCLOnbJzxdtenedxzI5NNTHfwayhvb587Uu7qsOHehqLMO6jxjM0j9gCHeYTAyp3x8iRKt37Qi1An
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2834 0
12 B 32ms
32ms Image
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHAQy5r7p-pl58XFYblbcNxTKMINKrl-BLWbmKJ4pqJpwhaUrAgzQqmCzsgGT62w0WPV18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 185F 115 KB
14 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gffg43gkfxypmqn6zzbs6z85cpa07ta1hvd8ed604qfqa7gbr4yh7sn8gnyge7fgnrzg669gc5detfz7gwha982rhwnpn0ehcs9x4cb42r310aed1katqnsfpcq1q8qz7z485ebhgkzxeam2p18hxq2bvpt3r8b31vhrcbq5y3gs90qyrx7zwrd5ecwkj3mk9zy110dxbxp7zxqaand1zz2za5b7shr8rmdavq7kvz256xm3c0xxqj6cm6gf8pnggw90mxqvpfewk1hhrsmtxx9t5rb62gtcfyb7pgn19vt06y8n2bp58cq0xbkmjzx4vjjtnc4x48rgvm5jjeyqqamgggyb7nzhk3hk4e9zjwsv78881cszc6da00rgc0bqzakyndzs999apb0j98ry8kq0b7qqhwfgazn4qkwe8xxbb44es7wvhwxpwp2630s0x513a7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gffg43gkfxypmqn6zzbs6z85cpa07ta1hvd8ed604qfqa7gbr4yh7sn8gnyge7fgnrzg669gc5detfz7gwha982rhwnpn0ehcs9x4cb42r310aed1katqnsfpcq1q8qz7z485ebhgkzxeam2p18hxq2bvpt3r8b31vhrcbq5y3gs90qyrx7zwrd5ecwkj3mk9zy110dxbxp7zxqaand1zz2za5b7shr8rmdavq7kvz256xm3c0xxqj6cm6gf8pnggw90mxqvpfewk1hhrsmtxx9t5rb62gtcfyb7pgn19vt06y8n2bp58cq0xbkmjzx4vjjtnc4x48rgvm5jjeyqqamgggyb7nzhk3hk4e9zjwsv78881cszc6da00rgc0bqzakyndzs999apb0j98ry8kq0b7qqhwfgazn4qkwe8xxbb44es7wvhwxpwp2630s0x513a7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%26client%3Dca-pub-5152365778116488%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1230218
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPP%2FIybzz7z7bi7zUsXgU5xLTF1fc4mq0sFK2ai1VkKtIILElPVZ9POXdeEV8xRjjrzCgTT%2ByVnAZg%2BEmGv%2FkO%2FWCN7lIksi9WS5LzMOSbtShOAnAqLFjegTFR820Jk4OFDTUkRTu04%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca7741bb0d1941-FRA
expires: Tue, 28 Nov 2023 12:45:01 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 185F 25 KB
10 KB 36ms
35ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gffg43gkfxypmqn6zzbs6z85cpa07ta1hvd8ed604qfqa7gbr4yh7sn8gnyge7fgnrzg669gc5detfz7gwha982rhwnpn0ehcs9x4cb42r310aed1katqnsfpcq1q8qz7z485ebhgkzxeam2p18hxq2bvpt3r8b31vhrcbq5y3gs90qyrx7zwrd5ecwkj3mk9zy110dxbxp7zxqaand1zz2za5b7shr8rmdavq7kvz256xm3c0xxqj6cm6gf8pnggw90mxqvpfewk1hhrsmtxx9t5rb62gtcfyb7pgn19vt06y8n2bp58cq0xbkmjzx4vjjtnc4x48rgvm5jjeyqqamgggyb7nzhk3hk4e9zjwsv78881cszc6da00rgc0bqzakyndzs999apb0j98ry8kq0b7qqhwfgazn4qkwe8xxbb44es7wvhwxpwp2630s0x513a7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 21823
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZbTNSXN7uz1QJjxhHlcagUpX%2BNHkkPL9C9IXM%2Fnsnz9PIjnZVmskNCFxCHH%2F%2FOsMV%2F%2F9ePbNpydjB%2FDpo%2F6BsfBHLpTjb%2Bx5j5Mknb2WkFEpPO4wN0RIRsd1IuegQWhgThJccto%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 82ca7741bb0f1941-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 27 Nov 2023 06:41:18 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame B305 9 KB
4 KB 48ms
48ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cfead2ff24f62b768e6f48c05ac5b9f2cf18c5563bf3dbca4d8d96f5b2c6408

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gjpyy5ppk5fvzhvwreraxw43bjr7rv88e6hgqxv74ns3vkhyr35566sf4wpg036y0nwhm5v1wv7vjtz783fqasc8p0m8mcvccf4g1j1qf4s91h4e7ev5zwek2e5071y2kwsm1tnaj9pea9kvs09xmc5dfhj1g4vn350vkqnhdznge3d1rhvmnm26x3zng828at4xf9vxgd1e1a5dkdpsmhvj1pb6vtszaff1phsfey04hcsa9444pw8zgr5z6zpyb0zea3wv3nd7s68tfpjernp1bb70412akdf92kw7fkwd6xn9yyks715x3y0fj9z557g8ghqvkjp5ffqknasrdj23t25s6s6r0nqg49pjaw5e2seh3e71v2vckntnzv5kk73y79k6dxmkd3jexm2dpe4k4dh40wdsz6fp8zw6atks1esvs2b36b9p2dtb91ct4eq03zz44&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca7741db511941-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:01 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9C52 9 KB
4 KB 46ms
46ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f55b93870e0d0a7f8f05cee1c060ad5704edb1be7bd57a3dadcc4cacbdb1a4b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h88963htt441p53x65p43xfhx0cnpxd9fxcsgayr0j8w17cc5tr35yn11p0vtn0vnyn0a5fj1dr958xfaxgk6k9mpn7dvs0n3y1bwyqkw6kqe2wh63q8603xta54xzvce0nf23s86v7yccv76dn764wf1v7w8b9ajhk9371qyqd1njjjtrn5kvvgvsqd8564dkpx3nfnkrqfz2b020x3j65jkxbyjjvt6nqhmgastcbh7ardbq3shkt2x39spsdgjsm9xegbyqk7qx2ytefqy8jhnp092cszw8tgq7ac6p4najh2wjbtnxcfpysk15d7adj1n4yar7z25gck3zbrdys6bqh8hchg4qkp12qzfe3nmbv2a8wv32fahrpbzd1419c6pcax018m18fx99krh0x5wq3hsfsma3vvqh7fwjw50x3b434prf649fem4r25f8bhj3v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca7741eb5d1941-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:01 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 185F 350 B
667 B 35ms
35ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 606349
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYbJBL8U%2FMoC91vNJ9x21IYiRNZvu17344vwGvJcrzAccO6ge8FLkKGhEIR6o%2FSKV26iAnYJY6Z4P13U%2F9tOe1PQ18yZ7WalgNYSfkn5Xt1QcqE8%2BJ9MCmDDYZf61IllW6JxLS%2FbctvhfMKXveSpw4Ta"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77421aec926b-FRA
expires: Tue, 19 Nov 2024 12:19:12 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 2F94 2 KB
2 KB 35ms
35ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1499397
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 82ca77421b9a1941-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 12:45:01 GMT
expires: Fri, 10 Nov 2023 05:08:36 GMT
last-modified: Tue, 17 Oct 2023 09:43:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkG5jVXnTY6g7kLY5PMtnVDcka0iheA8DIBg%2BZmolPFFv4WkXQyySRb2HJe9weRicXk%2FCny8YISzKCGMn8QLXg%2BhShWTPHFNX0udPGm81cHHP%2BPoAoarGYSoxO4Cyb8WGEcCNGM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame B305 115 KB
14 KB 35ms
35ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1230218
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZE3GSPcYL0igIOU8APqp1A1lewOt4SGSaD%2FLUQisL%2BSmqWAlqCWoxpMDI2YR8p4gvUew5cyuOxNoWoz%2FYiPwIwJ8rIBQ4YKd5plcTZLZVdJvSSb6ire%2FeGzPGEBeTELXY8VYFjNZy7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca77422bb21941-FRA
expires: Tue, 28 Nov 2023 12:45:01 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame B305 9 KB
9 KB 82ms
60ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1229261
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12lem5%2FV76NdrTXmCOkLy7yhadCsZjt7OvG%2FT%2FMom8HbCpTKaBg%2B%2FZGg2cz%2B5kZO7p1LfCXB0OpfHGy9h%2F7bAEpMI31pIBnEcMsOY%2BZ1qKl7K4RisajuycceSAOvLw1kzO91sPy7HG6yKluU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425bdf994b-FRA

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame B305 28 KB
29 KB 86ms
64ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1233071
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28958
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:06:38 GMT
server: cloudflare
etag: "346e75cff96234b45fe664b527c7c88d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhEPXeHey2Rqx719OdnwVsS%2FrVDI1Z0NgrlXuT6Y7InkzFAhgQd0BDaBmDyO6zBVCroda9PaXrnFOXUuKMWArpyDxn9q3IhTIycCc8olqj3hPxqNmHLEINHlY9Kjgqhw8reQ7EulvuSCPUt5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425be0994b-FRA

GET
H2

200

view.aspx
pb.media01.eu/ Frame B305
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=87911...

0
201 B

160ms
94ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 27 Nov 2023 01:45:00 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:01 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40028
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: D972DA16:8F28_91EFC182:01BB_65648F4D_82E3587:1A429
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidbk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQPoneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=879111&produktid=ratenkredit&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame B305 4 KB
5 KB 62ms
40ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 486614
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNswOWUb3l9KsgEYUtLbc2KH3T2F92tdQ241ALP%2FMGk1zZudbXNUQEoEx5z0sR0Ujeb8RwfCYXUcfg6qquq7bNJdItt8tEFEnhuo5CJpl8PLj6iFUgluyWZHP3Nk%2BemrCpp0fSQWngkE%2BNEa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425be1994b-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame B305 15 KB
16 KB 59ms
37ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1571708
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dg8MedKPt944JFK5bI3pkcE2m56iRU%2BqjYfKjRyoJr4h45ujsVHc68MTpdV1e%2BV6c7CAcIEMhXta%2FMsJpm%2BvICo2npmOpfotTSV%2BunFIyUHYrX%2F0NfVcNVQpSsMQET%2FE3KBAsJ%2BVk%2FRj70Jz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77424bdd994b-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B305 43 B
705 B 193ms
116ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 12:45:01 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame B305 2 KB
2 KB 60ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482856
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH5PNn5iAPKRtwZHt6fOd2e88IpKbQfaylg%2Fg3kYOIap7W3EflMUK5fxcY6%2BDIkBgf6HgryVuFheSjxg0pJT2zzgK8nAAzfubzCZeqGevvdaY9h7m2YeYsB1dUDerut4QNHMmsOS%2FFcd4jbb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77424bdc994b-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame B305 23 KB
23 KB 82ms
61ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C19769%2C117569&b=bk8aQfZfeDWSYHbHztKt1d8fbSJTMMZHKqQP%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=3qjcpf4fkY8T7HrHAtXC1E7fPSWTKKMsg2Y3%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=3c0f5156b9aafecd8340941463cbc3ff%2F10510125924960658205&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101052&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hkdajv4ekmhsm4hmgam67nq7e4hg0d8rd21dm4f2k65z5wvbfcvh9c2n7p93n5v3pz4bnpm1b9me1za08mrqg2c6ss5rs1sbmae7y42bsbwz1t96g84xc6kfdjdac0znz7c3wmmttg1w80xpvc9gb0zernjagkz9ffbgxc4xveysx46zafrw0k6xscnptncbz2ktes6hwbd931hkhyweqnjwasgavbs5qyvkyb3fp1heyrmpc77wzpq55nt4328zt327cz56hqd1x57ftaj35nb%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCckvDTI9kZZabDrGaiM0PuZyqiA-Q4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQITD9A53FuyPqgDAcgDAqoE5wFP0H7u4BHzb-14igiIqEqH7ATlmrFNHmP7kRt3m0sW1bhB8pPrDxsRdOLWgzi-URrRAkOUi2wIyPC8wJVb4iZBGBD2EZfkRdOxj2JVlt_sMeIvHdDo-W-hRRSzkkPn8zYBPCRxTPlWLrelF03g9V2mBhOlDcXwJK4he8NsvIli1yQcRlmrYgXHDLR3TXC3CCdyM0jTMmVn0dbourktOKouUnMPc_-eyltTyh2Q1Tehi4DVCMkRspUcKAC6yBvKqgSHG_j0ZwNs4vEZDejEu3ZsNRcP-is3uBMBKxprF7_lfEXLiCBa0i2ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0_4nN4jhzknIrud0z0n962-0DwAQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1247516
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jg3IXIwVuEeDG4oQmIYi%2BOyNYJiic2X4I7QF7TrJbrmSh6j4CLPlbKiRKy%2FOz%2B9LuBRyibpWiOPrBuXWW8OV%2FYambLvI6T4V%2FNz5uA%2FasbPLPn0qgpogAmjAseWXsRdRTM%2BDuYSUIofMdQT5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425be9994b-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B305 43 B
705 B 185ms
106ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 12:45:01 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9C52 115 KB
14 KB 36ms
36ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1230218
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t40a5ur%2BgVF%2BktT8JD5nId3PAXXH7wdiiVUQwZoilbF%2BZoosF9bSwBe%2Fc%2BD8mFcb5O0c5h6zo36e2MvyFOwoFwoR0HwLm7XIgwnBKFITeDgkfiLgiLbgzlzk4H386GG0ErzSaS6aP%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca77423bc51941-FRA
expires: Tue, 28 Nov 2023 12:45:01 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 9C52 9 KB
9 KB 57ms
42ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1229261
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StxCeFVLtVqC1V01Su2UJ3frLYnrdE9UoMqbghFXIeoiAwRtJL5dLaeHCrLbwqFBWvNYogushydYWEDPIq8oA6r5aNCuGgadP0VPci9iyAb0%2F2BsxMrV1fM9ku28MFf%2FiHxeLuQiuMozTiYA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425be8994b-FRA

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 9C52 4 KB
5 KB 77ms
63ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 486614
cf-polished: qual=85, origFmt=jpeg, origSize=7258
alt-svc: h3=":443"; ma=86400
content-length: 4294
cf-bgj: imgq:85,h2pri
last-modified: Wed, 01 Nov 2023 09:56:16 GMT
server: cloudflare
etag: "679602b08629bcaaabfcfad4e68fe53a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C%2B5%2BXyjPJCiylukTWfBMnsFH9BZka7XZKChrmpvzICqk9Js345dfW0EquFD1Uq8KcGCTIoOQtt%2F5Sh%2BSMsGXhwZEJ7DwLNaie6q%2BbTFxhEWgGG51B3SWJfgxXeSZdY9GrdF7BNWKqWcMFrA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77427c09994b-FRA

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9C52 15 KB
15 KB 57ms
43ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1571708
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15521
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:09:52 GMT
server: cloudflare
etag: "269bd58060bc660c3aec98b388bae571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zt5xRNC0sDj7hPhkmovMdoC73jAK4CNOJZpd8cEQsZtzdPimiTAN7xsVJ5Ja2FQpt0zTxd9bH%2FiKzut3UIvwileaHNkFj5WChiQQQvf0QJkle%2FNFvbosvRofkeOshsgjIr4gQS16B9N%2F2For"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425bea994b-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C52 43 B
705 B 242ms
182ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 12:45:01 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 9C52 2 KB
2 KB 56ms
41ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482856
cf-polished: origFmt=png, origSize=2170
alt-svc: h3=":443"; ma=86400
content-length: 1662
cf-bgj: imgq:85,h2pri
last-modified: Mon, 13 Nov 2023 08:38:25 GMT
server: cloudflare
etag: "4721aa7c2d5fa652c8092463f9a485bd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWyW1nGRmExTR5R%2FWWxBtBNzFKYzPXFPAmqk3TLsxMVpOa03%2BZXt3nWdAZq5Ht8YhM5g6xuHaNilrLH5nkE%2F3ftGz3JMsPap%2B53H9eXJhSaz%2BaTQzRw%2Frw1IiFd9NtGdvqH5CS%2FeqsTWalFA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425be5994b-FRA

GET
H2 200 B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 9C52 23 KB
23 KB 58ms
44ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1247516
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 23392
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:08:23 GMT
server: cloudflare
etag: "faa9f958d13ef03f911b71f117846705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1yT6BRyoNIjNT4VTbHUpP2Nrc2%2B024vLpJolkqDsIVqzL9DIWPdwGmfDdN7oqe4MTszuW%2FldOQbq1q%2BGpfsdEZql8imAIDWcWvzk2Kbd%2FxZ83QSMyEjeSvj1clp9qPHXdcFyyZdq%2BRcCm36"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77425be3994b-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9C52 43 B
705 B 171ms
112ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Nov 2023 12:45:01 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 9C52 32 KB
33 KB 77ms
63ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6ccf069a5d0c35b960738c5355618f99%2F15605883553576715545&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101059&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g7nb8b8rj8m9nwvq559mvf01btpgxj1rcxj68t55a2szggzsfvfbk2dz91gdnajje8epbwt8a6mw4f24bc9xwtxadcjpk8fpybvmetcefd408jwagpeegwyxk4kg44m28ry7qth4yd3tss9yj3d7cpafzgnw9rbm2509mh5trzn9saxrfs88905wj5qy5ngvgayyg9sna2d91am0348g0h6f8j3qqn6rqf0g09m9w7eccdpfy3nvn2tcz3a5wp3rg6serhmwz6js8ggv2xceptf%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCjRuVTI9kZaDCDcirjuwP8Kub-AWQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ6XmZ6uF-yPqgDAcgDAqoE5gFP0H7VfwwEGwcmNl7RvJu6TYmanaMCQbx6T54HLqT-Q5yKwCPIkXiKDYfSGgiHBjxhG7iDke2_hrDTTJBQpTZsumuzSPhyfCaN8Q0xGQaqc25vJ8_viVQaOZO8DkHmQTL9HikvDJnagSd4W3CHcA86-6UF7_E3-dycK6RfaQZhNhGPAmi3UWlvbQagUy60WMKIKe8ULwIHqNSeEi3WM0LFauZeOJk_fUhOljIvaLMic5c3xtQWLvKJK14YOz51eTeP58oKa5ctDSIr2Ice8RvqCrVmJHb1_tf6127B36fX1pAnPqfoU4AGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1-t2CIAPTeufXN-W8gHU9B44eWmQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1315103
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRZBzH2FYgXD%2Fp2VRBjb%2BwkRTpAK0WkEQypXApKQskDwQ3SUx6LctkfiJ740k40WhJmf9hml5zrxFcFGzaX76TBiY0VQ%2FLBNHbxGjdeF3bBOLUunAFER4zan85ZgTFLubZyXUzH%2BmZkQ8HyY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77427c0b994b-FRA

GET
H2

200

view.aspx
pb.media01.eu/ Frame 9C52
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actio...

0
629 B

134ms
94ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:00 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 27 Nov 2023 01:45:00 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 27 Nov 2023 12:45:01 GMT
strict-transport-security: max-age=15768000
x-iplb-instance: 40028
content-length: 0
proxy-host: pv.medialead.de
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx/1.17.5
host: pv.medialead.de
x-iplb-request-id: D972DA16:8F2A_91EFC182:01BB_65648F4D_82DCCDB:1A42A
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
keep-alive: timeout=20

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C2E7 0
19 B 68ms
67ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtUtHTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE4wFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNEcnG4vJRme90RYQG1zp6LiPnvdpUvtbiSee0OdjXfDyW4NRCyytYAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MTUyMzY1Nzc4MTE2NDg4GAA&sigh=lgdXKZNEFWk&uach_m=%5BUACH%5D&cid=CAQSPADICaaNSyH_YNtpFmjmmiH93OGLiOXDBAYoE4Cr9PeNYkvwER106zUiE_nKNTKK5RdXBmLls5evuZI6jxgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 27 Nov 2023 12:45:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame C2E7 0
11 B 33ms
33ms Image
image/gif 2600:1901:0:76b9::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j7ktetmk3nhtp3jhqeph4pq002pgcx89spfvejxk1qybpz344z6qr4hhv349t82a21fbtw89p8era8q1qw297e742t72efdj78vpjt2gpj14r0xayva2xah6mb6faprnfxh04kbpyb00j4rbpcr1p9nceffbnbw4nmkyyznm4jg0kd96f8jjqf9bjfxepfdwcke29z675n11dbtc6fhqvxpn3b7d2saerzh4q7cspqzbanngp0zyw6mk6ck8x9c8jnf7356h194dcdj1v7g7rgrrp99mhyj58qqkve8qyf59nwq1bhqbaaddmasp429kzr135n7rc6ks08d7cw01g4rjwvnaq82q7y2cb4b9txsedv9g4xbany0mqjv41ry76b002syacbrhp8&b=ZWSPTAADb0sHg5SxAAawB0NM_LxDo6kjFpPzXw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5152365778116488&output=html&h=50&adk=3306574534&adf=750424724&pi=t.aa~a.315013902~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1701089100&rafmt=1&to=qs&pwprc=1955097924&format=380x50&url=https%3A%2F%2Ficookandpaint.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701089100167&bpp=1&bdt=2223&idt=1&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C0x0%2C380x280%2C380x280%2C380x280%2C790x90%2C380x100&nras=7&correlator=2337301729069&frm=20&pv=1&ga_vid=1812790518.1701089099&ga_sid=1701089099&ga_hid=1048558765&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1020&ady=2985&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C44809004%2C44809317%2C31078301%2C44807763%2C44808149%2C44808284%2C44809057&oid=2&pvsid=393860901417136&tmod=501502382&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame 185F 1 KB
1 KB 57ms
57ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62be457c4a1ff9390d8ad316433cad6efdaa7c9d03e8a3e87640f5b968f480d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfHqk41QdlNX74QyZDOaA6UEaxcr17LhzqZu03UUF%2FDzuuC3IRyv9oEJgHZyqRetdlamarhYcRjyzq1Li19co4kgY5w8GiD7B5swd3XBtUQlIvsPvY63dcQ3gsSj9vaqbkawK3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 82ca7742aca891e3-FRA
x-backend-server: aa-reachservice-group-europe-west1-rlrs
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 45ms
44ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82ca77425c6d91e3-FRA
content-length: 24
content-type: text/plain
date: Mon, 27 Nov 2023 12:45:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PkFzfqAdZxJJHOZ890qDR1rekuHmixjA4hKlwApXabuQa9DpQdJOClTSIvH3RIvwWlQ8OcVz%2BUNsjHmF%2F20l6nur5KnFK8ZheSsw3GdHs6d%2F88DCPZ6KDpTIHCHa8SOpnN%2BN8k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-rlrs

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FF26 5 KB
3 KB 50ms
50ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

120346e89bb31a0a1f589f97bd5aad8eee72c372f9a0dc98509111f08d1e8669

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gffg43gkfxypmqn6zzbs6z85cpa07ta1hvd8ed604qfqa7gbr4yh7sn8gnyge7fgnrzg669gc5detfz7gwha982rhwnpn0ehcs9x4cb42r310aed1katqnsfpcq1q8qz7z485ebhgkzxeam2p18hxq2bvpt3r8b31vhrcbq5y3gs90qyrx7zwrd5ecwkj3mk9zy110dxbxp7zxqaand1zz2za5b7shr8rmdavq7kvz256xm3c0xxqj6cm6gf8pnggw90mxqvpfewk1hhrsmtxx9t5rb62gtcfyb7pgn19vt06y8n2bp58cq0xbkmjzx4vjjtnc4x48rgvm5jjeyqqamgggyb7nzhk3hk4e9zjwsv78881cszc6da00rgc0bqzakyndzs999apb0j98ry8kq0b7qqhwfgazn4qkwe8xxbb44es7wvhwxpwp2630s0x513a7w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%26client%3Dca-pub-5152365778116488%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82ca77430ca91941-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:01 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame FF26 115 KB
14 KB 59ms
58ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1230218
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlT9gndOZMVyw7PQJv46reCGdcEPlecgE%2FuE3GanDKkxh%2FEm6cg1tMu%2BpjNkPjKnxajJhVYUTZm2sy6vR9ZBstO8wuAoNu1rxlC7bq0enOKQ3ouVyzvY%2FBW4%2Fb7grM2lQATUGsJDbIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 82ca77435d1a1941-FRA
expires: Tue, 28 Nov 2023 12:45:01 GMT

GET
H3 200 B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame FF26 5 KB
5 KB 39ms
39ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 493787
cf-polished: origFmt=png, origSize=5231
alt-svc: h3=":443"; ma=86400
content-length: 4680
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 09:43:53 GMT
server: cloudflare
etag: "f16f7910a6ef14de318e485901cfa4a3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tV8ldy4HcmQXqWfKPsqw%2FYapVG7fyLillvH%2BgqhgrzN8NRziZS6g9CpMT4s7mVz9YQnuSLGguVjSavcn4Be9KTeifGMCA6E4hYd3rQhTH%2FOA3oFS9VWLm0S2f8jRG7ApiD543pvLGSmDEAt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77435d1d1941-FRA

GET
H3 200 B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame FF26 34 KB
35 KB 40ms
40ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 362687
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 35068
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 08:00:13 GMT
server: cloudflare
etag: "b517cdc8d5c29fc9ccb387e83f875610"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQIj2wDjHuXmX8fMk0GpCxiygmXYDEImAoKiQkxIl1%2BwEKjqNe2hGcPtaKDShk3X%2FKcW6iq5fu0ElkAvWjqqiCMAcRubbiEXmV6cAfreFyIomYX8nP%2Fs%2Bpp3vHVBKiWR4ldh25dAZkS85EZn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 82ca77435d201941-FRA

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F207 42 B
64 B 184ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrXb7TfsYzZJ3Kwycb9MRvRwJliTocGfBMV9YJCsnPQ-9gRKo-kT9lix3lE-hesnbsWQ602HlDnI-UFn582ENFioGumvnQYBeVjll9bhfnuvCfyleoDGRyA1f-EebY5RgZGAGFlAmJ0xhP&sai=AMfl-YRcFAxvxfUoQQ729tzG3i1tZxmqLVgMBv3dumZ5y4SxBaU-jxlUIIB7HGZvfbWDawvQIYStZ3No6U0_HmIyoejUWXDEk8pvCvewaeo5Zvg6B6Ebke1m7_oAn-mjOC5U2MlOAVxvbfW22TseWkL8TT_D2hiOwPsYg8dp&sig=Cg0ArKJSzONjvflUV4j8EAE&cid=CAQSTwDICaaNh7Ptv6dIMBB58l-bNhGWXC7Hz0-6kZhu6XGb3INNIH9IGgcyDiybiiPwaC71gE5975jIb3ZxmJZbl0gwR6y0ujrH_lGfhxYOzwoYAQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=82414211&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701089099151&rpt=1205&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 12:45:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame FF26 2 KB
2 KB 212ms
114ms Script
text/html 13.42.155.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0560p67pw6as8zb4c6ztdc350pj1qszhtm7qpr32y6a8vsq4ssjqqsk3pbbqyyefhy07argy0rtyzfr5z8fs9fa02s546y1bvess5bchgc742exbewqekjevhzygy9wn2b8rm5pw5ncjwd6rhxxztfpebs3149e5t629m3yy2pfjfvmkzb5vmf7gqrykg8z3jn25daremmf3v3qwhmv6f065wy1vy6p35rxbvtcsabmq3t0rj3h10phsk4r87n8g8ca%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%252526client%25253Dca-pub-5152365778116488%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.155.83 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-155-83.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: c9ea09fb33855409e2c98193ed18564d9aa3d78d1ad7b12c791aa2353254e473

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
last-modified: Mon, 27 Nov 2023 12:45:01 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 27 Nov 2023 12:46:01 GMT

GET
H/1.1 200
OK f5bfe45bb2 Show response
tm.simptrack.com/tm/a/channel/tracker/ Frame 24E7 44 B
983 B 143ms
31ms Document
image/gif 46.4.101.241
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.101.241 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.241.101.4.46.clients.your-server.de
Software: nginx /
Resource Hash: e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 44
Content-Type: image/gif
Date: Mon, 27 Nov 2023 12:45:01 GMT
Expires: 0
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: nginx

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FF26 53 KB
19 KB 106ms
25ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j0560p67pw6as8zb4c6ztdc350pj1qszhtm7qpr32y6a8vsq4ssjqqsk3pbbqyyefhy07argy0rtyzfr5z8fs9fa02s546y1bvess5bchgc742exbewqekjevhzygy9wn2b8rm5pw5ncjwd6rhxxztfpebs3149e5t629m3yy2pfjfvmkzb5vmf7gqrykg8z3jn25daremmf3v3qwhmv6f065wy1vy6p35rxbvtcsabmq3t0rj3h10phsk4r87n8g8ca%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%252526client%25253Dca-pub-5152365778116488%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 16:26:49 GMT
content-encoding: gzip
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 73093
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: O8K5juKeOCtx8c81xa-LBNFPsuxBKG2wYjpg3IHka_QyCfDZKFkxnQ==

GET
H2 200 1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame FF26 55 KB
56 KB 107ms
32ms Image
image/jpeg 18.239.50.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1701089401&Signature=SSjXCNv5Ss3gBhkcqy3JLY3Mo4Se331cDDvxh~BgUlvCVEns6jkjRrJ0UxyO-HMuB5cUZ2gw73vA6JoNdb~cIiQJW1f63zGZdpOZSfl1xZJDDXwT27KGnwZzjsVqZyQ9e0AdhgmRDZi3t7j~KNBVemDaQDJKNx9jHDgfpiFhiHZOPmVF1kvt4MQ5MliamQOniuFGVX9IuVOgHNPMZczVm~R817UyHf59MnpTNBbZA1ldFVOlqKiYVXELK9wnSgW-DUkL6HGD9FytFgrdlLDw12JSIId34vkvMARo-wri4JhstrEQNMVtTWdIykIOhYL9YUzyrVTMEuH-GUaj2ZCzkA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw&c=320&d=50&e=&g=f5ef0e893b5af7fbc3ab747a59cbbc67%2F11448062692916609987&i=65760&j=21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1701089101234&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jgbxb2k5ab8kgb1x1f5kvbna9y7jghnj8d2btsmca9m7ppytybqh9fxgghj4rgcy874wdg0m0qfkw388ap3ky2aa909fp4v3318sav1j2ymqbpqqqfv6412ekhdkey3084mpmhaee675z32qk75dpzb72bxp6fvn4qbjktxded62brv3nhrvbtbzf59c7exz5wbs8z6vz11qjbpya0vhdg0capj0294rq5rj024m9w0c4p8q9qeh4jdj4sy8a2hqp37npfx37rjvs23bq9d4pe5%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeIOgTI9kZcveDbGpjuwPh-Ca4ASQ4YGEXLaoworwAsCNtwEQASAAYJX68IGMB4IBF2NhLXB1Yi01MTUyMzY1Nzc4MTE2NDg4yAEJqQJ-8f9UZ12yPqgDAcgDAqoE5gFP0Nf0jUaZ7fYpGCa_-DJGxyjEH4GYavx-E8MNNTAaqy6vrXS67KOO1uv8wNFiskQx3-w5NkzdYEJfdfBARg2siBbn3JFII0cRORTA5t4mMrlyXyljlxgw7NrVmU_4cAh3FAjYqmi37zFufL8rMB3G_zns8FFTsVysk1XArPN5G9kweKKwh1vD0lJhw-szjD3ckZ4tzrhtV5OwgqdbkGLNadEzJqDR57zWIQwXpEFlgAHw0aett6fr-xJlYNFenk-98uAZt4zfCPup7jAQB2_XCEHDdvkeuQoPdePd5XbYmLPyfUJM9IAG-trvg7C82JfvAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3AnTO8_oN7HXo2qnRclaWSuoGzDQ%2526client%253Dca-pub-5152365778116488%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-47.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 27 Nov 2023 11:00:03 GMT
via: 1.1 702b555619c53ec5f8f56dfeed61c334.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:42:17 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 76350
etag: "4e56b45a1411ee8d71fc40bc011df5b0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 56674
x-amz-cf-id: xSQ-_NrQKz3HI07usqdETi74wlmUT7-25exDySEwKNWstx9oODXF4A==

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cbbbb7f541a2fa00989ca75653c20e22b559935f52a57b575dfdc15c6d0fa02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12377
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Nov 2023 12:45:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C6D6 13 KB
5 KB 24ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 10:45:14 GMT
expires: Tue, 26 Nov 2024 10:45:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3019 829 B
559 B 33ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d81b268fdb8b3a675f124894a6881b9e1d33bf528a6c391b2cc25dcabef839ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9NFsfUXJGEbHuOUTY4f1WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://icookandpaint.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9NFsfUXJGEbHuOUTY4f1WA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:45:01 GMT
expires: Mon, 27 Nov 2023 12:45:01 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame C6D6 39 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 10:49:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 10:49:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3019 0
0 56ms
56ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=393860901417136&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C6D6 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EIHJVA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:45:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 136ms
39ms Preflight 18.132.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.19.32 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-19-32.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 27 Nov 2023 12:45:02 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FF26 16 B
209 B 105ms
104ms Fetch
application/json 18.132.19.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.132.19.32 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-132-19-32.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 27 Nov 2023 12:45:02 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=393860901417136&bg=!hYalhsnNAAZxrfrxUa07ADQBe5WfOAk5ac2ykih6Unykk_iwlPlu1BU2qcslre7ZHP5fHS7yt_m6ghBpl7JjcPy_4rQ-AgAAADtSAAAAAmgBB5kCyEUQJPyzhEkYM2wXjwhXzZFzU4IyZ0JCJpqqfYV7NLVaLwb0iFsakz5F5o7CpzOj-1Laod6jhmXpit4gab6fkYsbzWA1aq83yjHCPyAtApFX9PnoXkNUhp10sVC3ZeSFKYUlpMntwED-QtVByhpiJs45M1_IyituTl9XawaE7N7GVQsCLt0eZ0pJJFeNm0xr2-n9yTf-1yDfw98ueazybOgqpm3wF41kM5FqrvBjcEHDmt960eobXBelr38yMZbaj0jshAMksCa6X_YVyUOabNACUYB-N1iCdSRR1oCfS_XcjK0SVpCOxnc2BTPacwLmVTW5yO2rnFbilp9hFfKq_Ns7T0jA1rFP5-CC7bFHwQOZc9z3DhhQvTCL79nw5oYRO5lo3qiYK3aI3Mp2lDbbJCemIs1duxiFMU7xQXkVL8B3btCqfF1v9Q8-T-FLjwGSgk1STMAYgl8rvslFMugRf1y5ntBv7k-3FtIbjrMy6K1tKH9WP7N3ZiDPkILzOxu2DqFU6sSH_BFWrfMgvSzELLwjkN9yTc3B19UQzDuYaB2bcIt8poU8-zu7boP1Rtpjs-EHVAHdY0pPvg09Laf0k_u1SukGP1gmJZdoiLSNW7mIHCGMGgP8l-sjtDHO6ynqnCLC9jl1eUh6mwI-7PpWEVXxjsbK5ceoevUVc8HzRFyETu4v_OuXJp5EfjskvbtYcYChjTxM-1MlqsJjFQYkQg1iLHLJ-x84hMCXj1JayJGEOshOr1S8mHwbQjn4TXlYHjvcBbdWFUjv39K0nTU1oT0ZnDjMBEoK2j-WyuxIvFWv84gp246mFfaTZd1-wkJ-Pt1Llz3GE1UvgvU-qqFEFoT4-GEMii7095igQKdV9bbTURiuaj426_MS54zV5RLnnfQ58aLGU6rROVmGBmRX0hTOleWJcE7Kjp5G45wfYpAUekW0utN7qFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://icookandpaint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
icookandpaint.com/	1970-01-21 01:17:05	Name: cookielawinfo-checkbox-necessary Value: yes
icookandpaint.com/	1970-01-21 01:17:05	Name: cookielawinfo-checkbox-functional Value: no
icookandpaint.com/	1970-01-21 01:17:05	Name: cookielawinfo-checkbox-performance Value: no
icookandpaint.com/	1970-01-21 01:17:05	Name: cookielawinfo-checkbox-analytics Value: no
icookandpaint.com/	1970-01-21 01:17:05	Name: cookielawinfo-checkbox-advertisement Value: no
icookandpaint.com/	1970-01-21 01:17:05	Name: cookielawinfo-checkbox-others Value: no
.icookandpaint.com/	1970-01-21 02:07:29	Name: _ga_8C31C3J8M5 Value: GS1.1.1701089098.1.0.1701089098.0.0.0
.icookandpaint.com/	1970-01-21 02:07:29	Name: _ga Value: GA1.1.1812790518.1701089099
.icookandpaint.com/	1970-01-21 01:53:05	Name: __gads Value: ID=87dbbce83e656ba2:T=1701089099:RT=1701089099:S=ALNI_MaSI-UqvNAMdssDvR3xNS7gvl0FLg
.icookandpaint.com/	1970-01-21 01:53:05	Name: __gpi Value: UID=00000ce7f1c74381:T=1701089099:RT=1701089099:S=ALNI_MZW8TMiGGO3kamhqD6BgC7B9OT_LQ
.doubleclick.net/	1970-01-20 16:31:32	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 18:41:05	Name: ar_debug Value: 1
.blismedia.com/	1970-01-21 01:17:09	Name: b Value: 65648F4C0B4B962641ADFFF5BLIS
.adform.net/	1970-01-20 17:14:41	Name: C Value: 1
.quantserve.com/	1970-01-20 18:41:05	Name: d Value: EHEBCQHDKoEA
.quantserve.com/	1970-01-21 02:01:43	Name: mc Value: 65648f4c-d04c1-f15ed-7d4cb
.adform.net/	1970-01-20 17:57:53	Name: uid Value: 713451402778307260
.travelaudience.com/	1970-01-21 02:01:43	Name: _tracker Value: %7B%22UUID%22%3A%2296767B35-4F3A-4C3D-197E-B1D2F0A0B85E%22%7D
.yahoo.com/	1970-01-21 01:17:26	Name: A3 Value: d=AQABBEyPZGUCECRpNUTl3sqT3jRQ1VJP93MFEgEBAQHgZWVuZQAAAAAA_eMAAA&S=AQAAAuY3ksWP1zDu7fqBW4QRQhw
.simpli.fi/	1970-01-21 01:18:31	Name: suid Value: 1839467EDBE849378F2AD9D6AF3608CC
.w55c.net/	1970-01-21 02:01:43	Name: wfivefivec Value: L25yFoVx1R7AYY5
.w55c.net/	1970-01-20 17:14:41	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-21 01:53:05	Name: IDE Value: AHWqTUndmqKP_8FVJfFigCywoB4GNy5uHTgiYSFn9Byjvv8BljAtt5lfu51G_DZ3Ou0
.e.dlx.addthis.com/	1970-01-21 02:01:43	Name: na_tc Value: Y
.adfarm1.adition.com/	1970-01-20 18:41:05	Name: UserID1 Value: 7306122056381888665
.tribalfusion.com/	1970-01-20 18:40:36	Name: ANON_ID Value: ayntmIRwEfES2QVoq6vnRgh6QZawWbOuPB4ySCfUA0javcKB9LKnG471lfbFjyvqERQ8Vcyx8YaWZbqbX3QIXN9wL6
.addthis.com/	1970-01-21 02:01:43	Name: na_id Value: 2023112712450100013873688155
.addthis.com/	1970-01-21 02:01:43	Name: na_tc Value: Y
.addthis.com/	1970-01-21 02:01:43	Name: uid Value: 65648f4dcfff75c8
.addthis.com/	1970-01-21 02:01:43	Name: ouid Value: 65648f4d00018b83e482fc87f08ea66a984ef3d22fe81dd3fb7b
.dlx.addthis.com/	1970-01-20 17:14:41	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 17:14:41	Name: na_sr Value: 20231127
.dlx.addthis.com/	1970-01-20 16:31:29	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 17:14:41	Name: na_sc_e Value: 0
.everesttech.net/	1970-01-21 01:17:05	Name: everest_g_v2 Value: g_surferid~ZWSPTQACwLSnIABH
.awin1.com/	1970-01-20 16:34:21	Name: awpv20044 Value: 412871\|1701089101\|c7a2be00-8d22-11ee-98d5-22653d8c0e4c
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 365825:2531885
.awin1.com/	1970-01-20 16:34:21	Name: awpv14702 Value: 412871\|1701089101\|c7adba80-8d22-11ee-98d5-22653d8c0e4c
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: llezrr2qadln3ru3puyr4pxi
pb.media01.eu/	1970-01-21 02:07:29	Name: DTU Value: 82AEAD580B3CCE7D90782930096E92D9
.simptrack.com/	1970-01-20 18:41:05	Name: ntm_tps__4011 Value: .NNNQHlBvaeCa3H9u57PiunbNvu-m4O2T_ZqFVjPOmQXmRbWyactF0xDSwcOFgNNb9XQQPZiSEvHW4DjftlZOr6bsnMpt2ALVun9ENRduMNsqeprrep9kWvw3hy6lldCxU_ECUmylgM774DWuLCSYmgWMxCusDh71xaB5f6FE5-Cfn-JeeUG8ehrs7iWTaf_dJ52UhWOjkH_mHF80qFHm3lI-6HZstxFybAKgbuxf-Mrr8A0-hDbC2r68P9WESf4pw0gcMmCuDKuOhS34ntzD2IMddMHFXZuHRVsjLGrORI4FSH3y6Z83dWJPq_ug_zm9KiHcSPvZtx73leXVhvQkoC0FAXGBPJKPPNHV7r386TRoWg8_TPOZQ_HCFJZNNNNNNNNNVf4U
.simptrack.com/	1970-01-20 18:41:05	Name: v0rur7gqspb3_uid Value: 3e4230a7c2a07349

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmSvWs_tYrfOESeN_E8ANCksLhP_RQRgmoT472Cgd9aoaF4LEzwgu8UzesFX4Jgi8yQjK8vXMEsbuHDdnFfXXYkTD0j9rnY3aQ&google_gid=CAESEP5sMK1BwJbD5e7RlwjAQ1Q&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad4m.at
ads.travelaudience.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.pinterest.com
c0.wp.com
c1.adform.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
i0.wp.com
icookandpaint.com
id.rlcdn.com
log.pinterest.com
onetag-sys.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
region1.google-analytics.com
s.tribalfusion.com
static-de.ad4mat.net
stats.wp.com
sync-tm.everesttech.net
sync.teads.tv
tm.simptrack.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
um.simpli.fi
www.awin1.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.42.155.83
142.250.184.194
142.250.186.162
145.239.193.130
151.101.192.84
151.101.66.49
162.241.216.197
178.250.1.9
18.132.19.32
18.239.50.47
18.66.147.52
192.0.76.3
192.0.77.2
192.0.77.37
2001:4860:4802:34::36
23.35.237.56
23.56.205.163
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2001
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a02:fa8:8806:20::2010
2a04:4e42:8e::84
2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e
3.69.41.2
34.96.105.8
35.186.193.173
35.190.0.66
35.204.74.118
35.244.174.68
37.157.6.254
46.4.101.241
51.89.9.251
52.29.13.21
69.192.160.219
85.114.159.93
88.198.250.30
06cd0e1ac0c41db7acc48094a1043a62431bf0dc4f23aa318dbe1577f5fd0fc9
08a25c504f8eff948a2911d660c1b12ef89c3fb8f3d57216facebebd6303b75e
099a73b67e21848d3c4e58df4b50e6df4c6fe49f6dc7135bc8c3f10c6e0e3581
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c3b1a284dd6b56ff6334626f140a9c18ff4b28857648d37943baed47e7229c2
0ce53e2a66a6cf2068ff683a4443ff5a04622e2f93db67a09b76d2ce35ff6f44
0d8b88bbd6f12971a2a8cee8a2592df03089803ee592a0102bc22fc6f3abfb14
0db31befb4837c56bf176e879a715b5cdf457553fc7e8877f974b4c6ef75b1b1
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
120346e89bb31a0a1f589f97bd5aad8eee72c372f9a0dc98509111f08d1e8669
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183c2c786c2d47494bd732f76495817dac9c6b70c5d8f7b3dfb00672b21bf8cd
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
19981b841576b614751aee95a7963cc871a40311535b5a9cfada8438c3323be3
19fd08e7b122eb516934df835542abacb366c7d2fde2ce1a95c6cab11018a486
1bd2efed6537bb3f1abb41c0be1990140a6e415382766f06111e9d20c9ec0a40
1df2576fa35c97ba2c708e47f7ec45ed84caa45d4cc35a72700ba5684a652451
1f1fffdcfccb2ca03296d8e054da2d690323fe46c66e00d9419604c830d21215
204e0baa67fea88fe84eabd07d5fe9a30edc09eecdbedac0ca7cdbfd74b94c21
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21a1d248be6d47078460380c2a43ece109fa2bab2252ce09ea6c992fd3b1fde5
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a
277fb30e91af19162de1bd98e6364ee78f0677257c118fd46d0255b83eeadd55
279f25272d9abff4fe6094047bbbe8218b3a5e3211fa40df6ce7526c8e2e0ebf
27dd9b075cc59cf5f3c0f6ee075f4bd113782d81ce30a4f16aac669ecfdc4fa2
2c8dd1d8591a9a1270c35f0814983ad7c8766aac366bf96192dbcaf8b4f4ed83
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
3048c7d47c809d811b73e5bc2b9c187062eb8466220f57ad261b113067990da4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38ca8698835bdbebc9015ec6c84bde483b2ec88f8409caf70fb81a4674319729
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cfead2ff24f62b768e6f48c05ac5b9f2cf18c5563bf3dbca4d8d96f5b2c6408
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
477198e363400f3aed953063b0f0fabcedad9c6265bbeb0fd75e95d2737dce22
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a767dfc74136109b6563b3a105136ec6cb0e58f3a1d3765f1bf95799b50c6c4
5b221901d99aa2ee6f9b7a0afa6f5d5d346212a2a5e30510f45ba433a428d593
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f299742ffaef4db8adc3ac29ff5ed716db355920a87d541e91cdf5d7aa0767d
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624778d8f54fef735c1e477018f640561ad0f36feffd481206e0965a614a37ea
63031665008978dfa8a699fc68a3a0b60b82a176d727a871c9008b12faa9e5f5
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
680cdef4c4990dc64c02d6f31af06004e57d927037b295d6151ca694ecd120e3
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6d22af88c0f4aeddf80077218bd5926db794237cd5cae221a1f72810be08db45
6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
726ea279594695c9de64454bddef579d75edf22ebbb79f6654afd0b156b8310a
77c50a7fcf056c7f33e57a397fac5ad69ee47a02cd1340e41d8966aac7ec9db6
79f87e41c6cb9752362bea57c4845a04d86b5fbdb3d2873509bfda37cf0df253
7cbbbb7f541a2fa00989ca75653c20e22b559935f52a57b575dfdc15c6d0fa02
7d272de35b410fb165377550cdf9c4d3a80fbbcc961e111914e4d5c0eaf5729f
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7f55b93870e0d0a7f8f05cee1c060ad5704edb1be7bd57a3dadcc4cacbdb1a4b
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
839076fdd0c62b6021ebf8c22c257d181d34a0b1ce0e7405844cc745a81c5db9
84d36d7fd6433d1a8edde377548754ff10dd91316150b6c752ecc1485707b5d4
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
87b34f2c1c4c30f70478efc10c6c026f9311019f028157314717e6ddfa4c1f4b
89e18d5004946dad96f4d0ac0aa12d088284af8e2b6fb7e67368336feaf9cc96
8a86b8b4534c51b5970d803dcc18a494c86da2ce13df90dc193e790cbef7f396
8e6ec359e0fe2e216fed935dcf85a5a4917b8fb1f136109b375bca2f91c5a04a
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8f7beff324d5af165c3d5cec2f5d7c286d156e9e835745fefc81223b882261a0
909cc5d431192654cae6765c05dce941015e632a56ccd7afe5aff278c9d2642d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9262c9c88bc5cd458d8f31eec7b9815200df866073f01947894bfd45a6f6b0b2
959d0ee6c6e8ee63d2e85c80ec51dfebb0cca91edb58f728a4cac6863780883b
974acb9e99ac0467663ad37af1bf0ddada4ca5c4d52e67e259a231b5db90ca3e
97b66be7d96b63e66d883c7804f667f0ca57da49b538c0185223dbfd58f352b3
9a06aa84f08b4d57747e5eba867aa061deaadb4e657ca532d10e73b5a36fd73c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b7e574146adb2e34f5d1210cea786679805a648a73ac03ddab6fefaec903de3
9c419e3ada62ac8a308cf7a6967d866775a2aa78e89dd4c4698db8a429f8f85a
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0df1d7c18d1fc6fe0fc9e06d0f275906507f86fbeaba2c9c9419a847fbfe60f
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a41f4da68b201f5efd2c38a69dae444d2239e2ac84da38df66329386a1184bf6
a62be457c4a1ff9390d8ad316433cad6efdaa7c9d03e8a3e87640f5b968f480d
a7cb6475b6f5847bf00c81d6be0e3b20abf11664161ba4dc0ee17c208b65d49b
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
ac3cce84cefafb37101c83a72ac6b312b5a25d6d7212de24152ab9238099847c
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b41d81bb6a0341922e7df58aa1e35e46fb5bf977487be5ca5b6a1c93798f5b13
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b79430a9de38710c84acfff45b12451f47393d89bb5acf8bc6f291ca16bc8839
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bab444449313087158cc4309707b35772c63bf8cd271e254e768a68ab5e0cc4f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbff6da21e93893b72b875d8bda265790be4d2c5f87d0e878a8c03062e6e29fb
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bfcecf36215e5680f1efebc9390980b80342ba2a0dffbaec24a629fb3ea55a68
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c134294eed5ed182bc80abcb7a34e4d707d75066f551976144c4d7d6e8696da5
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9ea09fb33855409e2c98193ed18564d9aa3d78d1ad7b12c791aa2353254e473
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce52d5b385569bcdc3f93a1a49e6cb7e71dfb246acdb5bbda64975ae14da7752
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d3077a87adee5789c5860a32a6dbaea69511f79ff5d0f5b963f18b23eaf184b1
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d5d2b172bfc023bbc845e3f4f7f3c2acf2bbf689e5fe39bc048f45a8b9be6746
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
d81b268fdb8b3a675f124894a6881b9e1d33bf528a6c391b2cc25dcabef839ef
d8802526aa9c937090fb4084afb46e55f3fab01ef9877bbbab630359957e5cf3
db9d792c9e988ead03aa9131a6a51ba7f728c8f54e590ba314a6695fa1b32fc5
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e26d9dee4c255cf0f83d2af9ed15f932345b4825496804b77a6dbed4f612c128
e35972d3a166fd4e0b780a4bedd9294664c0861c3630e031fc4bc777cb2459db
e372009b3d431ced13e472e5e55316067f6bd64dee91e8521009b8aea1cf00ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e662e37209d4ec1b6219635ce80ee5a60c3629f70a7ef3a1ac9fed423cc8c0d6
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f230538018f9156f925bd667c6ac4f437ae4541b9d421424728592d359b499c8
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b05a27ae27239778d00e7cd1c47d039a207fe5a09133e60202d010653fbfa7
f4b2f5a5f8825ffa47251f4420a753b27b03479ef0cff621d1abaf97ee4348ab
f5dcb054ae51bdf507ef8d80501c831b02c308acdd9420b1af4b84c0d55f0f46
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fe59064f59041198e862abc740bf8bd187056ebeff024a554cfdcc1a08888b19

icookandpaint.com Open in urlscan Pro 162.241.216.197 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

286 Requests

89 %HTTPS

41 %IPv6

39 Domains

53 Subdomains

39 IPs

8 Countries

3816 kBTransfer

8809 kBSize

42 Cookies

5 Outgoing links

Page URL History

Redirected requests

286 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

icookandpaint.com Open in urlscan Pro
162.241.216.197 Public Scan

Screenshot
Live screenshot

Full Image

286
Requests

89 %
HTTPS

41 %
IPv6

39
Domains

53
Subdomains

39
IPs

8
Countries

3816 kB
Transfer

8809 kB
Size

42
Cookies

286 HTTP transactions
7 data transactions