kolikoweb.com Open in urlscan Pro
94.136.170.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kolikoweb.com/
Submission: On December 28 via api (December 28th 2023, 8:16:26 pm UTC) from US — Scanned from DE

Summary HTTP 156 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 15 domains to perform 156 HTTP transactions. The main IP is 94.136.170.143, located in United Kingdom and belongs to UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB. The main domain is kolikoweb.com.

This is the only time kolikoweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	94.136.170.143 94.136.170.143	42831 (UKSERVERS...) (UKSERVERS-AS UK Dedicated Servers)
29	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 4	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
6 8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
20	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	99.80.24.194 99.80.24.194	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	2600:9000:245... 2600:9000:2450:e000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f13:800... 2600:1f13:800:7781:11d0:480:b485:ee7c	16509 (AMAZON-02) (AMAZON-02)
15	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
156	24

4 94.136.170.143 (United Kingdom)

ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB)

kolikoweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.52 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.24.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-24-194.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2450:e000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f13:800:7781:11d0:480:b485:ee7c (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	640 KB
26	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	199 KB
26	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9615 va.tawk.to — Cisco Umbrella Rank: 9337	223 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	378 KB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	103 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	63 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	258 KB
4	kolikoweb.com kolikoweb.com	91 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	39 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	1 KB
156	15

	Domain	Requested by
29	pagead2.googlesyndication.com	kolikoweb.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
24	tpc.googlesyndication.com	googleads.g.doubleclick.net kolikoweb.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
21	embed.tawk.to	kolikoweb.com embed.tawk.to
20	s0.2mdn.net	kolikoweb.com s0.2mdn.net googleads.g.doubleclick.net
12	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net kolikoweb.com
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	va.tawk.to	embed.tawk.to
4	ad.doubleclick.net	1 redirects kolikoweb.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net kolikoweb.com
4	kolikoweb.com	kolikoweb.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	kolikoweb.com
2	fw.adsafeprotected.com	1 redirects kolikoweb.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googleadservices.com	kolikoweb.com
2	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	embed.tawk.to
1	m.exactag.com	googleads.g.doubleclick.net
156	23

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 27 frames:

Primary Page: http://kolikoweb.com/
Frame ID: 135BDEDE4F8A33C4508C91FD9D86632E
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 097EC1667CC953E6F67D2F7E9848160C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&adk=1812271804&adf=1573534164&lmt=1692457865&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703794581999&bpp=3&bdt=256&idt=199&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4938427060681&frm=20&pv=2&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: 0E61C5B2FA6FF6EFCD61C234FDEF7CB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=280&slotname=3806423037&adk=4092579444&adf=3025194257&pi=t.ma~as.3806423037&w=1200&fwrn=4&fwrnh=100&lmt=1692457865&rafmt=1&format=1200x280&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703794582002&bpp=2&bdt=259&idt=210&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=309&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=212
Frame ID: BF208B7C86693DACF2E8A41153E7E2A6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Frame ID: 9786F96C615955AE8D390B19764CEE05
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX6HdnrR2CkZYxP199gtpRY27wIdH7dSX6VvzILyc2sP9y3BM15RPxjRqObTj49kgQytyDQf90byE-7r7YWD5yIYhQSgGl7QU46-nSZMwcYJeHG_PWNOBQelxH9A20q5Y_Iocy63KRz4cZA3YwhczDbs6YSdvn97trDS5IF2gWTdIPsAQs
Frame ID: CAE6E38625A4F8B689B16360FEBBFB26
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7292ED529EF8AB8352A59EAAC336619F
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 108675C1A63B289AED2257814E17BDD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FA06FD541337E55DAFC3BACA4EEE8A6F
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8B1982B452903CB815F9ED13662A48EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYjIzo4gEwAQ&v=APEucNVSwMW1v_jIYH5MCfFoTEpsbjNS3HTvRLHZABb_BxMDCv6h88lCPmDpn2t6T5zARS1t7wX-D40qUPumk6NuDIb7ks_fMgiT6wMJdKryeJo0D15iBLZ8qvEmMNk0thBVGh-Af9FlzbBpQFe4wbS20ECpmQdwFRYiuw4-dbGl0DgG4uNUYmc
Frame ID: 72FB021213AFCD362B8655723CAA7A38
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 074B1A8D16ABF2DC2991CB44156DFCEB
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: BD074CAC47A530C9BCBA3646154CEA38
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D581459CE7A782A9725A099BF7639CF6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 974B7A65D62F1ED1B01FE7EE33DEB301
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
Frame ID: E47CE9BDC4BCA673A7933650B0FA923A
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 15D81333B9FF6C6865AD68887126E43A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
Frame ID: 66F51657E5170406E0922A2A7A6CB815
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 212462DD8EAFAEFC1FC258517ACFF4C5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 79CDA86D80EA54C649F799CBD43DDA66
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: BA8922A01020E43B4B08010F0FE87271
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0E95CA2A484B677ECD823BD10C301E23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3CDE3BC4FCC9390A8A49E4B033CEF9F
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Frame ID: 650A3FCC4EF14536C6AE4514B37B4284
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Frame ID: 6451096450AA3801406F3F6BFB723AE7
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css
Frame ID: F1858D806205BD1E32B5596394F909B8
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Frame ID: 9C0A9B730CD940C1D576A9B531E50401
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kolikoweb:: Online Tools and Utilities

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

156
Requests

90 %
HTTPS

61 %
IPv6

15
Domains

23
Subdomains

24
IPs

4
Countries

2003 kB
Transfer

5840 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://googleads.g.doubleclick.net/pagead/adview?ai=C74lllteNZemBF6GSid4PuOSk8Anr86iFdYXZ1M3yEc_Xor3AARABINnPliJglYKAgJQHoAHbyp6yKcgBCagDAcgDywSqBNEBT9AXDEvucOK6sOY1yiQSCWbRgs0GJJSp_NamjHtNn9U57_S9nvhNxqcYgEBTBhIlgpurGO8BpM3h2iuV9uOMMcVN9tJ9EqLc6iNEpjO4D1khI8a3SWzU6qBdLSeBSYhA7dyfkCeKUQB05RpIdSq5Gxupstq4onN8NzNy-XcGhIXGa2STtM6MRNjoy7LdMQ1m5LrhbTnpqqP0WjMd7KRKnYA92q-kpEa39AuwS83aEa4veoOScLB5VWBidiSFGI04BnD5-MbaZSnB-GMllG7UcN_ABOXRw72_BIgF6drHik2SBQQIBBgBkgUECAUYBKAGLoAHsqHN_wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCwmgbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPf54Lb5soMDmgknaHR0cHM6Ly9wbGF5Lmdvb2dsZS5jb20vZ29vZ2xlcGxheWdhbWVzgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQK4E-QD2BMKiBQB0BUBgBcBshccChoIABIUcHViLTE0NTI3ODYxODc3NTE5NDMYAA&sigh=cEGgNC3b3yI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_77Oio4bPv74ZxAhZApRoTK_OBWiSsyPKsYBuuInQf7QblPM6jXfGF2GvubbKsk98sGH0kpFQhYTthzPzocaNHd-BUztxsHQSNBgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222911265033545085119%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211111212379%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215073531175488534241%22}&andc=true

Request Chain 30

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30696776.379322279;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30696776.379322279;dc_pre=CIr_lrf5soMDFU79uwgds0EBXg;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Request Chain 33

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfSjmnECsAq1M1tvdhV9xU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfSjmnECsAq1M1tvdhV9xU&google_cver=1&C=1

Request Chain 34

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY3Xl.EVqgzFS2pJRdENbAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1&google_hm=2

Request Chain 35

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8-bo1b-evFCvNRwjNAqMU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF8-bo1b-evFCvNRwjNAqMU%26google_cver%3D1

Request Chain 36

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY3Xl0D8vhVdHFGq-PSOXQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEElpCDr5vqWLL2bF9oUOQ3U&google_cver=1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-1452786187751943&ias_chanId=1&ias_placementId=20338656462&bidurl=http://kolikoweb.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2qW4TRSiA3LtnRZcy4jIz&adContainerId=brand_safety_l9eNZfjsDvX9x_AP166buAo&cbFunctionName=goog_wrapCb_l9eNZfjsDvX9x_AP166buAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fkolikoweb.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fkolikoweb.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-1452786187751943%26output%3Dhtml%26h%3D600%26slotname%3D7445820166%26adk%3D2820190190%26adf%3D655374624%26pi%3Dt.ma~as.7445820166%26w%3D200%26lmt%3D1692457865%26format%3D200x600%26url%3Dhttp%253A%252F%252Fkolikoweb.com%252F%26ea%3D0%26wgl%3D1%26dt%3D1703794582004%26bpp%3D1%26bdt%3D261%26idt%3D213%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%26nras%3D1%26correlator%3D4938427060681%26frm%3D20%26pv%3D1%26ga_vid%3D531812364.1703794582%26ga_sid%3D1703794582%26ga_hid%3D195356343%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D1290%26ady%3D391%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C95320239%252C31079715%252C42531705%252C44795922%252C95320885%26oid%3D2%26pvsid%3D4442861223456727%26tmod%3D2107438823%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D23%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D214&adsafe_type=bed&adsafe_jsinfo=,id:1f75056f-42d4-04e6-f453-ef5134057d9d,c:y814Ld,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-jmrbl,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:12,oid:f8ae2bfc-a5bd-11ee-94c0-e259c6890bc0,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_l9eNZfjsDvX9x_AP166buAo&cbFunctionName=goog_wrapCb_l9eNZfjsDvX9x_AP166buAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

156 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kolikoweb.com/ 4 KB
2 KB 493ms
64ms Document
text/html 94.136.170.143
UKSERVERS-AS UK D...

General

Check archive.org

Show headers Download Go to

Full URL: http://kolikoweb.com/
Protocol: HTTP/1.1
Server: 94.136.170.143 , United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
Software: Apache /
Resource Hash: 964cc009d8dd7a47c29d8ab48496fbef1ebb2c7d61196b1edcff96487bb49b66

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: none
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1674
Content-Type: text/html
Date: Thu, 28 Dec 2023 20:16:21 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 19 Aug 2023 15:11:05 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK style.css
kolikoweb.com/ 4 KB
2 KB 53ms
53ms Stylesheet
text/css 94.136.170.143
UKSERVERS-AS UK D...

General

Check archive.org

Show headers Download Go to

Full URL: http://kolikoweb.com/style.css
Requested by: Host: kolikoweb.com
URL: http://kolikoweb.com/
Protocol: HTTP/1.1
Server: 94.136.170.143 , United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
Software: Apache /
Resource Hash: be142fda1953af62ec53073b4f73a6ea5a8354f1966071271d1c930176946b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 20:16:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Apr 2023 21:04:38 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: none
Keep-Alive: timeout=5, max=99
Content-Length: 1486

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 208ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1452786187751943

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed4f54431105084a31a3a495352d6976751d6645dc7ab5cfd388a6a03c79f13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51382
x-xss-protection: 0
server: cafe
etag: 13313643658527855507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 28 Dec 2023 20:16:21 GMT

GET
H/1.1 200
OK under-construction.jpg
kolikoweb.com/ 87 KB
87 KB 82ms
43ms Image
image/jpeg 94.136.170.143
UKSERVERS-AS UK D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kolikoweb.com/under-construction.jpg
Requested by: Host: kolikoweb.com
URL: http://kolikoweb.com/
Protocol: HTTP/1.1
Server: 94.136.170.143 , United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
Software: Apache /
Resource Hash: 3ef59049e3faf826e42c35dc2d998f7126d0a71c286c34ec9de015846cdc99e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 20:16:21 GMT
Last-Modified: Thu, 27 Apr 2023 21:04:39 GMT
Server: Apache
ETag: "15a79-5fa57b46c5544"
Vary: User-Agent
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 88697

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 236ms
98ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c857980841f706811ab24d5a44632e05602c69283aab30da92fcfc7634d73ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51375
x-xss-protection: 0
server: cafe
etag: 1825381647750760310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:21 GMT

GET
H2 200 1fkmp50aj Show response
embed.tawk.to/6194e1ea6885f60a50bc3571/ 2 KB
932 B 558ms
478ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0ab9915087fb52455cc3783891afcbd720bdae148cb768b87f6d946825490c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:22 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
server: cloudflare
etag: W/"stable-v4-65839862293"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 83cc7b08dbdb916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK bar1.png
kolikoweb.com/ 110 B
395 B 48ms
48ms Image
image/png 94.136.170.143
UKSERVERS-AS UK D...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kolikoweb.com/bar1.png
Requested by: Host: kolikoweb.com
URL: http://kolikoweb.com/style.css
Protocol: HTTP/1.1
Server: 94.136.170.143 , United Kingdom, ASN42831 (UKSERVERS-AS UK Dedicated Servers, Hosting and Co-Location, GB),
Reverse DNS
Software: Apache /
Resource Hash: bc1ab6d17de6a7f53e8c7c4d642f5e16875437e5824dd90e7bc732940e2988df

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 20:16:21 GMT
Last-Modified: Thu, 27 Apr 2023 21:04:35 GMT
Server: Apache
ETag: "6e-5fa57b42bd3e0"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 110

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 99ms
93ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1452786187751943&plah=kolikoweb.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1452786187751943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b11981cd32054bfea7caae6253fd067cee1c59a21ba2e890f015efe40b3b98c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137960
x-xss-protection: 0
server: cafe
etag: 9372872640786263359
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 097E 9 KB
4 KB 67ms
20ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1452786187751943

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E61 345 KB
92 KB 742ms
742ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&adk=1812271804&adf=1573534164&lmt=1692457865&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703794581999&bpp=3&bdt=256&idt=199&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4938427060681&frm=20&pv=2&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1452786187751943&plah=kolikoweb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9b65da49808d902df196c5d66cd0fd348e352ec0b29a073b48b30119d47ce74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94462
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:22 GMT
expires: Thu, 28 Dec 2023 20:16:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF20 122 KB
40 KB 587ms
586ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=280&slotname=3806423037&adk=4092579444&adf=3025194257&pi=t.ma~as.3806423037&w=1200&fwrn=4&fwrnh=100&lmt=1692457865&rafmt=1&format=1200x280&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703794582002&bpp=2&bdt=259&idt=210&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=309&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=212

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b5da78867230965f7ff85a94ee12107a826e89479b85ef7475ee83f0520f181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:22 GMT
expires: Thu, 28 Dec 2023 20:16:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9786 25 KB
10 KB 781ms
780ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb9b4abba43ee2f0d1a417746b1f8dd2117bb108f81298fedb7b22b1da3ef83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10547
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:22 GMT
expires: Thu, 28 Dec 2023 20:16:22 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BF20 4 KB
1 KB 133ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=280&slotname=3806423037&adk=4092579444&adf=3025194257&pi=t.ma~as.3806423037&w=1200&fwrn=4&fwrnh=100&lmt=1692457865&rafmt=1&format=1200x280&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1703794582002&bpp=2&bdt=259&idt=210&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=309&ady=50&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=212

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 20:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 19:11:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 20:16:22 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BF20 2 KB
875 B 122ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame BF20 23 KB
9 KB 122ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BF20 3 KB
1 KB 127ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BF20 20 KB
9 KB 117ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF20 203 KB
65 KB 127ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:22 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame BF20 37 KB
16 KB 116ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2503842175792395934/ Frame BF20 27 KB
27 KB 131ms
37ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2503842175792395934/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f281b9e96b576688d25ad98ede875be30dd5828459a6d820cdb85875220545d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 09:54:49 GMT
date: Tue, 26 Dec 2023 09:54:49 GMT
x-content-type-options: nosniff
age: 210093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27543
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 08:39:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/2966731929940662849/ Frame BF20 2 KB
2 KB 143ms
49ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2966731929940662849/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

277ee42098cf65f9ff4e350a523bb1f0e6958f3a1a2faac0170758afdd24a7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 05:13:40 GMT
date: Tue, 26 Dec 2023 05:13:40 GMT
x-content-type-options: nosniff
age: 226962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2361
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 11:50:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame BF20 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d977f2e123c0a98ba3312d919a44f700610b1563d7df607ca0d07b8479663a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CAE6 624 B
246 B 61ms
60ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX6HdnrR2CkZYxP199gtpRY27wIdH7dSX6VvzILyc2sP9y3BM15RPxjRqObTj49kgQytyDQf90byE-7r7YWD5yIYhQSgGl7QU46-nSZMwcYJeHG_PWNOBQelxH9A20q5Y_Iocy63KRz4cZA3YwhczDbs6YSdvn97trDS5IF2gWTdIPsAQs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:23 GMT
expires: Thu, 28 Dec 2023 20:16:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7292 89 KB
31 KB 181ms
179ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7292 3 KB
1 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7292 20 KB
8 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7292 203 KB
64 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7292 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cwgg-Tbp9S04MN_UI8mfX73JkIRGy66Jj3dV_fA7Je2lqdpBxgcJkh2-NiLGuyQy6juFr1_gEB_Uubls6XxrfdUgNbpPbWuhG4wdDy4YA6kwsvweo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF20 16 KB
16 KB 79ms
29ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:38:05 GMT
x-content-type-options: nosniff
age: 268698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 17:38:05 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame BF20 15 KB
16 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 213734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 08:54:09 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BF20
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C74lllteNZemBF6GSid4PuOSk8Anr86iFdYXZ1M3yEc_Xor3AARABINnPliJglYKAgJQHoAHbyp6yKcgBCagDAcgDywSqBNEBT9AXDEvucOK6sOY1yiQSCWbRgs0GJJSp_NamjHtNn9U57_S...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222911265033545085119%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22...

0
0

104ms
55ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222911265033545085119%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211111212379%22],%2222%22:[%22true%22],%224%22:[%2212-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215073531175488534241%22}&andc=true

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2911265033545085119","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11111212379"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"15073531175488534241"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 28 Dec 2023 20:16:23 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2911265033545085119","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11111212379"],"22":["true"],"4":["12-28"],"6":["true"]},"priority":"500","source_event_id":"15073531175488534241"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

B30696776.379322279;dc_pre=CIr_lrf5soMDFU79uwgds0EBXg;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t...
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame BF20
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30696776.379322279;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30696776.379322279;dc_pre=CIr_lrf5soMDFU79uwgds0EBXg;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rd...

42 B
246 B

46ms
44ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30696776.379322279;dc_pre=CIr_lrf5soMDFU79uwgds0EBXg;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B30696776.379322279;dc_pre=CIr_lrf5soMDFU79uwgds0EBXg;dc_trk_aid=570374401;dc_trk_cid=200742503;ord=1212850415;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 86ms
82ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41448ce4891ad73962363ab2f22c05a38d45c057a987752611ae74cbb29b49e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56012
x-xss-protection: 0
server: cafe
etag: 7719666273244323917
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1086 50 KB
19 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame CAE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfSjmnECsAq1M1tvdhV9xU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfSjmnECsAq1M1tvdhV9xU&google_cver=1&C=1

43 B
337 B

74ms
61ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBfSjmnECsAq1M1tvdhV9xU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX6HdnrR2CkZYxP199gtpRY27wIdH7dSX6VvzILyc2sP9y3BM15RPxjRqObTj49kgQytyDQf90byE-7r7YWD5yIYhQSgGl7QU46-nSZMwcYJeHG_PWNOBQelxH9A20q5Y_Iocy63KRz4cZA3YwhczDbs6YSdvn97trDS5IF2gWTdIPsAQs
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdxWZB6PcXhO%2FDdTl6wZVgF%2BWwPES2ow6StHQVWbQjOnzRcPTyJQZOz0ShFj6r2fYJplDXOXfVniZyQe2zTOQJZ6L8fmsKuEf3JvABXRCmeSs1MupgIu0DVjJhde3DdcyiiSZxWTiXbzkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cc7b118c6e4480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mqqse1rxDGtoI1anjcL4c1xC5ZRgTawhfVBTJMN6vDq8fnqVbiznNXNJACbCwv2AIrRLASpv7RhGe8IrwcbPQBrjEWElSjOBMhCj7y4VFBFDkFwyBSgG0eLKJhN2FzXVLKNaVjqEsquHwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBfSjmnECsAq1M1tvdhV9xU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83cc7b111b2f4480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CAE6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY3Xl.EVqgzFS2pJRdENbAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1&google_hm=2

43 B
736 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX6HdnrR2CkZYxP199gtpRY27wIdH7dSX6VvzILyc2sP9y3BM15RPxjRqObTj49kgQytyDQf90byE-7r7YWD5yIYhQSgGl7QU46-nSZMwcYJeHG_PWNOBQelxH9A20q5Y_Iocy63KRz4cZA3YwhczDbs6YSdvn97trDS5IF2gWTdIPsAQs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fx9GurmbyoeCjvS0CX0e%2FvD0qiIy5FgoYIRMUKfAMwRUHpDU0ZrGaiXBVjf4cP%2Fk%2BfRxkLrOr0QqSgX5%2FSvzoMGDQeMqz2vEz1u5DCi9cO8nKluyo1cHaVB19iVXfl6UMqjvIl3KD8pgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cc7b120d8d4480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame CAE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF8-bo1b-evFCvNRwjNAqMU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF8-bo1b-evFCvNRwjNAqMU%26google_cver%3D1

43 B
889 B

38ms
36ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF8-bo1b-evFCvNRwjNAqMU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX6HdnrR2CkZYxP199gtpRY27wIdH7dSX6VvzILyc2sP9y3BM15RPxjRqObTj49kgQytyDQf90byE-7r7YWD5yIYhQSgGl7QU46-nSZMwcYJeHG_PWNOBQelxH9A20q5Y_Iocy63KRz4cZA3YwhczDbs6YSdvn97trDS5IF2gWTdIPsAQs

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
an-x-request-uuid: 0943012e-c91e-4995-9a69-2479c78c2bd4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.25; 217.114.218.25; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
an-x-request-uuid: 86cff1fd-da49-4dd4-8abf-9c473f21fe71
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF8-bo1b-evFCvNRwjNAqMU%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.25; 217.114.218.25; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CAE6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw

170 B
243 B

35ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
an-x-request-uuid: c30b71d1-cd0c-4c31-b83e-db14ff79ba44
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw
x-proxy-origin: 217.114.218.25; 217.114.218.25; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 113ms
56ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 20:16:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame FA06 9 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8B19 9 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57556
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame FA06 4 KB
767 B 36ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 19:58:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FA06 205 B
519 B 29ms
22ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:12:33 GMT
x-content-type-options: nosniff
age: 36230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Dec 2024 10:12:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame FA06 604 B
695 B 29ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:13:33 GMT
x-content-type-options: nosniff
age: 68570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 27 Dec 2024 01:13:33 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FA06 16 KB
7 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:43 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FA06 22 KB
9 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 10:17:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 10:17:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 72FB 624 B
242 B 64ms
63ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYjIzo4gEwAQ&v=APEucNVSwMW1v_jIYH5MCfFoTEpsbjNS3HTvRLHZABb_BxMDCv6h88lCPmDpn2t6T5zARS1t7wX-D40qUPumk6NuDIb7ks_fMgiT6wMJdKryeJo0D15iBLZ8qvEmMNk0thBVGh-Af9FlzbBpQFe4wbS20ECpmQdwFRYiuw4-dbGl0DgG4uNUYmc

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 074B 172 KB
61 KB 97ms
21ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 074B 7 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 02:43:26 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 074B 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84803
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 20:43:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 074B 41 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 526275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 074B 3 KB
1 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 074B 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 074B 203 KB
64 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 074B 42 B
63 B 61ms
61ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Apst-JjgyhHsTfpdNz3BteiKuJqXgwXHBleIJuyRgWIQ1V22z6nvULwuFfWm9lHikCKf4eD54n9POVLllewr0mlj_aJo5yAuq08r-R6GE31Sghx1I

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7292 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=904203574675&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7292 0
20 B 59ms
58ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=904203574675&version=m202309260101&ct=76&x=1&cor=13185964485049248000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7292 107 KB
41 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DG8_yXEzUnfDMOxt4_lOIbLvpcgQM2YyeNhwsVnP6naMB-N2U-jqI4BwtvWAlMQwk2YkXQTSAGINoc7E6w4xsPPgK5edRV6Q6v47orXfowvaeByhL9S0mx3PFWeBv1u1xIJT4PhTqEJqttXKipswzc-aaa-pI-q2hyUTF_d9wgmxnavuo&dbm_d=AKAmf-DOuoI05prtCV9e4gP7Ln7Ihe0XBuZUBAnSuMLP76EXRp1OIaji0ShyW3nnXHGGkjEzrswE-xUzxT5GwLbxP8WLsaWfeWDaq-IxCnlxGLYK44RGRo9Z1_Z1CWV17pO4wQuXZSsIjCGABwBP-o0S0MfBNd5kwfO1BiK6zuoPBT6v_Ug084BzTjd2sGVTr4YAGrMm815c0CcFiNQzHuJMbbebtsv34CRXYqdjrlGx4JAicauvBPndit7KV0-Cr_fG5yL3rvxdn4JJEeya7skhtmNjnDZGXtwojeidJVtJtOW170Ly6w-0tAw8xWkLmRCexNnBiBzNsNOlrXei770X8U58TMK5CsKroWkj7heyjYSzK7NiRwNFQSc2HSlROQpDZrw-l0VuZN8IgZjmcNgonVRhSraKWb3NgLHI59MLXBXXRQ8CRju7nGsN7b9Pclie8kRD3jMv_0NXH3-Xm444hyGn6uwJ3AfjKwK3NG-K14iSjC1p3in_ajwiWl4MM5YTpNRoLG9wb71u1JTdP4vfJUvDy03HkCWfcNOM5l9FY5JoJkFYeZW-DOVKBMfud3ezzLw77pz8MA68JGt1ugv37a-GIBNa0PVfg_GKvmBaobB8UMXVqgYqeEKhhHgj-CDIUcCloRi5dsOoDBgEDVluiu58sMBE-99AJqpkxP_cjNfWrDmF7np1GBSnw2j0Eor0gX_L3K3F0aiUUY3cb8KBLo0YxSkcJKSi7oavh-Reuygus7fOZaHa9bJ7YJPKXMca7Z_KBEQ8AE5m9wSlNwECxQ1AvNf_iThcoyb5XR_u0hUXft3sLyOT8NaXG34iqu7VbTgWrUCRjd6orr8vowGRJP5iiZ8V_EZV5-caEKUoNATMB1BRd9Q2gOMtYC-TDt21ZG1pOMHo45nNm9c9dZO9ERnvBVrAJ8q5chhbh-CRrS6sbKrsSo2n8KaRlg91AVyIHWOrjbs7RimoLJwBWGhskMIJn6xITHWU9SYmWvzUJiAEgqkolnpAcmN8cpVQX9517CyxLCjfUaa3N3eezvDVi5fHHBSsc_IAuDrOoOHiz31dTDVOrRNPd7YN76QREwCvaDfxO3dpoggDEPzS5cSEocf0I66RI32yOJZXGlb4eHVT1OjC7O786UdaXz2UU8nrxyUfVInprLPg782HLZtLiEkOiI3Jc4aZs2WpzudhieVbR3ZbWMr2AMXaHjOQqi6KXITegPFAt2RnqmeGB9mSKPzcCASIkXG6Bx1cgC2WywTE3IeXcapnzzutEz9QrcyFEBs8-kakh-35FXdMhOiRrH3rd5aYbqgPTWwICcDCbC9k647Kjj40vKAlW1rTobnnfPMhGG8dlwGxslfTtifbLFtqiAGFmoAfYiS3cmdwpYhPbs6_o-d6tttRsW7WliMrIr8RmOw5AUoTljf_LpZ1CG5OBOJyxpkI2erN5Tnw9zIg7phKR2RqFcVs3nylwoweCAOb0Ab-Iq2BePPqWdZD_eONt42lovKSeVH0tlHZkocrmDDkEUAF0bSHq9Os8QqV8WabEin22MSySG6f0Z9kq6X634UNwYDHs5T8rerFe_Hobuu7aPSWqddZ4Rm-wz_U6bIZTSFYdVLRlLDeOKm23Yan_ZnX5gCfnlC7NjA9s1wRK31FP8CLdwZYtZg04h096bfW-O7DPHOTgPGQ1oNJUXLDOzriqa6zDsT7dhw6WqxLES34iDSya_L_Vsp1iGBNks1-6pd2pHrQGxFti3bJTwCOMt6Fsxd70yIlb03iYZnp2xWTEMGXtBmEUg1-QpidxcX83SKrLoVlU6c6mGS0aEhJbrcISFb5JyQqN9dpZ1RlPOTqXx2UF8RHosxTcFr2jNHgJiMu7hhFXQNYvrg3nRcOQpw0vQ3J3gaurecAVqe74kNGa-9sGUftR6WpOL72nkuImsVPm6DZBsILHqCt63JplztttXtFb4f54MuUZB_7hMfEywIjlUNt7oLM88eHZ9xF2ncqFJNgVwVkgKAr0OLeMx8S5Fj31ZoaHgHQHfuxn2tk5_LohLh2qVCyHHbLi4u9HP00-ebbMaMN-J01ek8WiBSzI2SMYHXINMCHeIQOM1Dz4SXQlFek369Bh9209X2ZdyNJtfLiRF9KGQmmGAwJvucbDwrdRrbJEeEi5xQgG41OZefbvqejis44qa5ZVE0AgYT1n5jF2RzTV_BHjm3Tvl0UWA0McemkwBOIVmCaK00cb8HNK_WZoZKEk3g6IAiSWVqKSlplTkDW7Edkcv_GS0bQVTQUc-R2AB5yI_F7kjfJPaHQ6JdQSJi_LXXoyKHCbxnkdy1Xcv3eBX4pSvlO8e8Z0gV6Co2I7Eou0OD7qvjVUgcoHoKuAVYmgI0TEireLzfIH-tk3VJzGO5H7Or6OH8jeFI-bizzgqv0TQQSjxeKqb_RM9_JLunzwSApOVR0znW1oKZrSICs7wu7uEwe5VpLTAveKQNw2XWrf2oujIJ6QeQTc6eH7PHbjXd2jDh9z-N7dTqzR2qCXFQwtSr0qEIsr4QyA0APBxYGJiwqaGqjqUEdgEQxRIQfyUOWrGbyHBAEKors_rQxINcEgwuaU6Q8z8wfNhI2T2bdnthKYZDBep7weLJPfgHZGWdH23j0KGQNC4ksrAiwXgg130_ED4jBZI7UVs331At23eG4Fe15T7HGCo12dJpgXO5MNZySouqF5ua512c-vzss7Q601Q5oYJiz6PZLTzwxjc6aS-ihL1iIpYfIMwuCHtB1IoUMCL15RrsyFj1TekgaUSlQjPwxCyNirgGt7XB_dCUcfmb6adioX_67t5-4WrtokMJilLqy0sHTtMEymDIc6tet9kv2G9COh7gV5YzM3SeDGXKKZrkZhAv00IYshNZ74HmKz2QE2bs7bdIbWngRq516qDylkvf58KYeb4WxfJmcuI0i4cfk3og5-y8Ig_ef_QIyDMBqZsIdgLgaC8cIWyFRXqjwNFPQeAI3YdhZBQqmgpse8IvpIFbLxha5LlHBRzQPS86Z8RLpRGKohBrUkHsGOTKwxzFFpwFgZvTXPVl9Vq3UjzHXA7oWBJAyJh-5HUX_m8a9nPVoUaKnenKfNMO7WQcRatZ6owXC0GEwpbLBcAU1AOZU6e-_CpXVcEI3Nq_0wOqX6BAcsSPce9n8GZE-bL5M0R-T413vGLxzYKvNhXd5jw2gU-WfRqZ5pEY-ULYImbQbwStJeberCubFsMTDjaiGFLx3LkSyhrL8YnL5FMVH527YN3ZJ_g280gkPkCcSatE54D8LRjh6it-ZmDxc3TyCAr8k4XJ8IAAFsmXd5d0ZZXiq5fdgMTYHPcSAGIVD_VxPHsd5Lymh3CokfHUSL22V_fVocVNdlEJ8OYNbnJHdh2SB_qeVBO76w3RHIgJBBpa-OQWPV-1sAgLkHLKrojFR4HK2kaG812ss445h1VFslWDCdFjIkpcz49CUku1ghnGYoyZKrfFL-K9MScCrPPCz6_qFCFyj-5l4bAb_ehYDnkGgH8hbMX1-EDQuIyYmRtmlXUsRnn5sevtyqPZLXboX35Hwjhh2bvPhpC0PTOa1d3s&cid=CAQSTgAvHhf_W298XMgIYMZvPZxTSQV2U27nBnEcyJ-2hhTfR-SUFaHmODXWXMaWG_f3ehD_4HfUx66puRHtm-E9zx614745pzITz_Hsn01uQBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fkolikoweb.com%2F&ds=l&xdt=1&iif=1&cor=13185964485049248000&adk=497053792&idt=188&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d439dc3208ae77f3e35048084730a1a0c7134a0e685a1bc57fff0b043889ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41786
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BD07 14 KB
1 KB 34ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 19:38:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BD07 2 KB
822 B 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame BD07 23 KB
9 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D581 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 19:29:38 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BD07 3 KB
1 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:59:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame BD07 20 KB
8 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:19 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD07 203 KB
64 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame BD07 37 KB
15 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 974B 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 074B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fd1b9f82ac7a5415d73ec1144770b89242c46469aeb3d99045ecc877de041a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 72FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1

43 B
771 B

96ms
95ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYjIzo4gEwAQ&v=APEucNVSwMW1v_jIYH5MCfFoTEpsbjNS3HTvRLHZABb_BxMDCv6h88lCPmDpn2t6T5zARS1t7wX-D40qUPumk6NuDIb7ks_fMgiT6wMJdKryeJo0D15iBLZ8qvEmMNk0thBVGh-Af9FlzbBpQFe4wbS20ECpmQdwFRYiuw4-dbGl0DgG4uNUYmc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkLtfo7z8GNrBf%2FRapeK6O4MDigYYjZaeVHXNWV69k8ZYdNfsXrqSsfPb7XlCdQ3%2FpBSZCVTGNwx35V8ZkzVzSZIcD4MR0iEjRyDx8i6UrMhzTTqYIsPjdtArJCOqaNjNn%2FIF3tCoMQzlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cc7b11cd1c4480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 72FB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY3Xl0D8vhVdHFGq-PSOXQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1

43 B
738 B

63ms
62ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYjIzo4gEwAQ&v=APEucNVSwMW1v_jIYH5MCfFoTEpsbjNS3HTvRLHZABb_BxMDCv6h88lCPmDpn2t6T5zARS1t7wX-D40qUPumk6NuDIb7ks_fMgiT6wMJdKryeJo0D15iBLZ8qvEmMNk0thBVGh-Af9FlzbBpQFe4wbS20ECpmQdwFRYiuw4-dbGl0DgG4uNUYmc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4cz%2B8HCCbDBZ%2Fm8L8m37oxPhmG0peULuO%2FfcEcz2ulDHCtY6I4b83Th5aaQPqF%2BCTo%2B6THWnEYC1b8JehTHJCxyQEMQ1IvwAquYMnYLw8hGrQkp3UMBvOVvNSbw%2BHR9tjdt4vi8ybYZkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83cc7b124e124480-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECxGqYJHxNbEvumajgG0afQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 72FB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEElpCDr5vqWLL2bF9oUOQ3U&google_cver=1

43 B
840 B

34ms
34ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEElpCDr5vqWLL2bF9oUOQ3U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYjIzo4gEwAQ&v=APEucNVSwMW1v_jIYH5MCfFoTEpsbjNS3HTvRLHZABb_BxMDCv6h88lCPmDpn2t6T5zARS1t7wX-D40qUPumk6NuDIb7ks_fMgiT6wMJdKryeJo0D15iBLZ8qvEmMNk0thBVGh-Af9FlzbBpQFe4wbS20ECpmQdwFRYiuw4-dbGl0DgG4uNUYmc

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
an-x-request-uuid: 24d9d063-26e8-496c-94e6-b8459dd7dbc5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.25; 217.114.218.25; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEElpCDr5vqWLL2bF9oUOQ3U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 72FB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw

170 B
188 B

33ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
an-x-request-uuid: 5d52b793-c024-462f-bf7e-824edd1118be
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODEyNTY3MTM5MTA1MDE5ODUw
x-proxy-origin: 217.114.218.25; 217.114.218.25; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D581
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

29ms
29ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:23 GMT
expires: Thu, 28 Dec 2023 20:16:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 974B 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame 7292 256 KB
77 KB 179ms
53ms Script
application/javascript 99.80.24.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-1452786187751943&ias_chanId=1&ias_placementId=20338656462&bidurl=http://kolikoweb.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2qW4TRSiA3LtnRZcy4jIz
Requested by: Host: kolikoweb.com
URL: http://kolikoweb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.24.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-24-194.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: f0a0c6031a717d60e2bf3e1eff250678510af8b68af2f27aab5f9c7eb3969ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7292 111 KB
39 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84585
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:46:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 7292 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DG8_yXEzUnfDMOxt4_lOIbLvpcgQM2YyeNhwsVnP6naMB-N2U-jqI4BwtvWAlMQwk2YkXQTSAGINoc7E6w4xsPPgK5edRV6Q6v47orXfowvaeByhL9S0mx3PFWeBv1u1xIJT4PhTqEJqttXKipswzc-aaa-pI-q2hyUTF_d9wgmxnavuo&dbm_d=AKAmf-DOuoI05prtCV9e4gP7Ln7Ihe0XBuZUBAnSuMLP76EXRp1OIaji0ShyW3nnXHGGkjEzrswE-xUzxT5GwLbxP8WLsaWfeWDaq-IxCnlxGLYK44RGRo9Z1_Z1CWV17pO4wQuXZSsIjCGABwBP-o0S0MfBNd5kwfO1BiK6zuoPBT6v_Ug084BzTjd2sGVTr4YAGrMm815c0CcFiNQzHuJMbbebtsv34CRXYqdjrlGx4JAicauvBPndit7KV0-Cr_fG5yL3rvxdn4JJEeya7skhtmNjnDZGXtwojeidJVtJtOW170Ly6w-0tAw8xWkLmRCexNnBiBzNsNOlrXei770X8U58TMK5CsKroWkj7heyjYSzK7NiRwNFQSc2HSlROQpDZrw-l0VuZN8IgZjmcNgonVRhSraKWb3NgLHI59MLXBXXRQ8CRju7nGsN7b9Pclie8kRD3jMv_0NXH3-Xm444hyGn6uwJ3AfjKwK3NG-K14iSjC1p3in_ajwiWl4MM5YTpNRoLG9wb71u1JTdP4vfJUvDy03HkCWfcNOM5l9FY5JoJkFYeZW-DOVKBMfud3ezzLw77pz8MA68JGt1ugv37a-GIBNa0PVfg_GKvmBaobB8UMXVqgYqeEKhhHgj-CDIUcCloRi5dsOoDBgEDVluiu58sMBE-99AJqpkxP_cjNfWrDmF7np1GBSnw2j0Eor0gX_L3K3F0aiUUY3cb8KBLo0YxSkcJKSi7oavh-Reuygus7fOZaHa9bJ7YJPKXMca7Z_KBEQ8AE5m9wSlNwECxQ1AvNf_iThcoyb5XR_u0hUXft3sLyOT8NaXG34iqu7VbTgWrUCRjd6orr8vowGRJP5iiZ8V_EZV5-caEKUoNATMB1BRd9Q2gOMtYC-TDt21ZG1pOMHo45nNm9c9dZO9ERnvBVrAJ8q5chhbh-CRrS6sbKrsSo2n8KaRlg91AVyIHWOrjbs7RimoLJwBWGhskMIJn6xITHWU9SYmWvzUJiAEgqkolnpAcmN8cpVQX9517CyxLCjfUaa3N3eezvDVi5fHHBSsc_IAuDrOoOHiz31dTDVOrRNPd7YN76QREwCvaDfxO3dpoggDEPzS5cSEocf0I66RI32yOJZXGlb4eHVT1OjC7O786UdaXz2UU8nrxyUfVInprLPg782HLZtLiEkOiI3Jc4aZs2WpzudhieVbR3ZbWMr2AMXaHjOQqi6KXITegPFAt2RnqmeGB9mSKPzcCASIkXG6Bx1cgC2WywTE3IeXcapnzzutEz9QrcyFEBs8-kakh-35FXdMhOiRrH3rd5aYbqgPTWwICcDCbC9k647Kjj40vKAlW1rTobnnfPMhGG8dlwGxslfTtifbLFtqiAGFmoAfYiS3cmdwpYhPbs6_o-d6tttRsW7WliMrIr8RmOw5AUoTljf_LpZ1CG5OBOJyxpkI2erN5Tnw9zIg7phKR2RqFcVs3nylwoweCAOb0Ab-Iq2BePPqWdZD_eONt42lovKSeVH0tlHZkocrmDDkEUAF0bSHq9Os8QqV8WabEin22MSySG6f0Z9kq6X634UNwYDHs5T8rerFe_Hobuu7aPSWqddZ4Rm-wz_U6bIZTSFYdVLRlLDeOKm23Yan_ZnX5gCfnlC7NjA9s1wRK31FP8CLdwZYtZg04h096bfW-O7DPHOTgPGQ1oNJUXLDOzriqa6zDsT7dhw6WqxLES34iDSya_L_Vsp1iGBNks1-6pd2pHrQGxFti3bJTwCOMt6Fsxd70yIlb03iYZnp2xWTEMGXtBmEUg1-QpidxcX83SKrLoVlU6c6mGS0aEhJbrcISFb5JyQqN9dpZ1RlPOTqXx2UF8RHosxTcFr2jNHgJiMu7hhFXQNYvrg3nRcOQpw0vQ3J3gaurecAVqe74kNGa-9sGUftR6WpOL72nkuImsVPm6DZBsILHqCt63JplztttXtFb4f54MuUZB_7hMfEywIjlUNt7oLM88eHZ9xF2ncqFJNgVwVkgKAr0OLeMx8S5Fj31ZoaHgHQHfuxn2tk5_LohLh2qVCyHHbLi4u9HP00-ebbMaMN-J01ek8WiBSzI2SMYHXINMCHeIQOM1Dz4SXQlFek369Bh9209X2ZdyNJtfLiRF9KGQmmGAwJvucbDwrdRrbJEeEi5xQgG41OZefbvqejis44qa5ZVE0AgYT1n5jF2RzTV_BHjm3Tvl0UWA0McemkwBOIVmCaK00cb8HNK_WZoZKEk3g6IAiSWVqKSlplTkDW7Edkcv_GS0bQVTQUc-R2AB5yI_F7kjfJPaHQ6JdQSJi_LXXoyKHCbxnkdy1Xcv3eBX4pSvlO8e8Z0gV6Co2I7Eou0OD7qvjVUgcoHoKuAVYmgI0TEireLzfIH-tk3VJzGO5H7Or6OH8jeFI-bizzgqv0TQQSjxeKqb_RM9_JLunzwSApOVR0znW1oKZrSICs7wu7uEwe5VpLTAveKQNw2XWrf2oujIJ6QeQTc6eH7PHbjXd2jDh9z-N7dTqzR2qCXFQwtSr0qEIsr4QyA0APBxYGJiwqaGqjqUEdgEQxRIQfyUOWrGbyHBAEKors_rQxINcEgwuaU6Q8z8wfNhI2T2bdnthKYZDBep7weLJPfgHZGWdH23j0KGQNC4ksrAiwXgg130_ED4jBZI7UVs331At23eG4Fe15T7HGCo12dJpgXO5MNZySouqF5ua512c-vzss7Q601Q5oYJiz6PZLTzwxjc6aS-ihL1iIpYfIMwuCHtB1IoUMCL15RrsyFj1TekgaUSlQjPwxCyNirgGt7XB_dCUcfmb6adioX_67t5-4WrtokMJilLqy0sHTtMEymDIc6tet9kv2G9COh7gV5YzM3SeDGXKKZrkZhAv00IYshNZ74HmKz2QE2bs7bdIbWngRq516qDylkvf58KYeb4WxfJmcuI0i4cfk3og5-y8Ig_ef_QIyDMBqZsIdgLgaC8cIWyFRXqjwNFPQeAI3YdhZBQqmgpse8IvpIFbLxha5LlHBRzQPS86Z8RLpRGKohBrUkHsGOTKwxzFFpwFgZvTXPVl9Vq3UjzHXA7oWBJAyJh-5HUX_m8a9nPVoUaKnenKfNMO7WQcRatZ6owXC0GEwpbLBcAU1AOZU6e-_CpXVcEI3Nq_0wOqX6BAcsSPce9n8GZE-bL5M0R-T413vGLxzYKvNhXd5jw2gU-WfRqZ5pEY-ULYImbQbwStJeberCubFsMTDjaiGFLx3LkSyhrL8YnL5FMVH527YN3ZJ_g280gkPkCcSatE54D8LRjh6it-ZmDxc3TyCAr8k4XJ8IAAFsmXd5d0ZZXiq5fdgMTYHPcSAGIVD_VxPHsd5Lymh3CokfHUSL22V_fVocVNdlEJ8OYNbnJHdh2SB_qeVBO76w3RHIgJBBpa-OQWPV-1sAgLkHLKrojFR4HK2kaG812ss445h1VFslWDCdFjIkpcz49CUku1ghnGYoyZKrfFL-K9MScCrPPCz6_qFCFyj-5l4bAb_ehYDnkGgH8hbMX1-EDQuIyYmRtmlXUsRnn5sevtyqPZLXboX35Hwjhh2bvPhpC0PTOa1d3s&cid=CAQSTgAvHhf_W298XMgIYMZvPZxTSQV2U27nBnEcyJ-2hhTfR-SUFaHmODXWXMaWG_f3ehD_4HfUx66puRHtm-E9zx614745pzITz_Hsn01uQBgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fkolikoweb.com%2F&ds=l&xdt=1&iif=1&cor=13185964485049248000&adk=497053792&idt=188&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 21:44:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7292 31 KB
12 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7292 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 526275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
DATA 200
OK truncated
/ Frame 7292 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 751869c0b7ed492fd1092fc0a93ed075e1e321857f1cd68ab6de9b8dbce16b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15415463092317913147/ Frame E47C 1 KB
768 B 88ms
41ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 739
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:23 GMT
expires: Fri, 27 Dec 2024 20:16:23 GMT
last-modified: Thu, 27 Apr 2023 13:50:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 074B 0
0 67ms
67ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst-AsiH_3DBXCsR3jQeWYd9fwy38EumSKpQCTJdRhE4kl_sZ6fx4OA4Yq7PBGc_JSz2zhQ-RKMfkqObR3SY7MPaHYDtf1UuIMriaUqGaZ5dM2GzkTeToZyxnQ92X6_18QqoMf2gHd9p-LrSWl-J3ebh6uGkSlMjOWdPatuSZLqAPLB6pqav2G6So4s2--05QE1gLK0Q9v-6RAPl_O_1CKEMbQkGPVK4dqDnXbsnYWHCRbCEsMSuHsqKTpo3gKV5MH2wAuiJcJzClDDsIdC84gODOrMx3g5fz5exOzlZ31OrcHGoyAO97eJxZCaKfA_mS3iKzCU1twfqd2vbNn0LCjcZtOkiP9ANZB2xrUfAnMN-iLHQiIeAGIlRXoXeO-3_B6sxny7F24J9pmMR7YDyWZRhedCmwcyeYcuKY3blUFb6cqb8TNUTBRkVEcA1O68jJR14ON-tL2mBmeGiTNxRVwU0dhb0yvTe7BURBfklVWeXFkYtajefhnlMgZGlwpQrcVsZa2aWdZFr16e-97eiqeP4qsoJ8s7_wcvgcvdnluU6ibUJ7ISLCGcHfQoexP8cXAd8XZixxL3KiMv0Q-AEzkoFCec3cz6Fpjt0JhU3Mlp6j8fg7cDO9et8Ud-M-N9ZaGEuRx6ylgtCwC-nXJSQob8hB1ruzMVc415nO5-SnZBzQvkE9bQL21wiiuvuVdM-JHFZr7H7MQdwFmdSDcPsLLlqdxVmRIjEClvpnGSdwL_zYby1drvwlrcB74_3GA8EkpqgMzsvTCOPqrt93FLi39zlPuPHhuPjeCb-aCN28RqK-WiHbDuLkKuszEwgWmTktHnqawDt_A-U_UiUgr1Fo_BPttp3-PhSVVrGbxvcj0qZxpDMyEpB6BiwBC1FFykkxJFDwHdtpfhHqfmo1jpSopcB4OP_hu7dZ4nAg0oyVbecNOFzj222Rj8Wus2-rw7pySCz0qP_GrZdAxTEI21sS0kJMizNevLxOg3frPN2HFbTatRxyuzRwVg3lnbJn7eZPeKdpF9M5yZmCzVhn1pNRFG9YsyOmP8lJ_TcdbHec7ZamwqZDIltSydT0O32KFcCr7nhKZOaK2oqqtrvM7JX8-OFMX9z_cdgxBNBJPm2NMUi_GVEAeJYtRr4-HSpWgLYSexK2L7NLtxUTDTwVZTnqiJKBJl-0cS9JWZi9oGbSqJTFbYtaTaGahKpErkbSO27wLeBZIIK6VFfTsN8e5sJUYrS6Yux0p0iDtnF-bMbLDVbhfrcBWlnqPiGDckuUVgRhwx6mEAbmZLx3ZJlulGZogs2Qa6g59ZyHkUqCBoD_I3RrNxiS9t7ijqkYgCgv5xcjEIC5Mm4Kcmdc27BJDyULmQ5Y1pVW8xungclAxNZtRSNdJGIT-qE&sai=AMfl-YTVcQnvfUEIJ_zayzPJxxcWw7SQ6LaXMrAj4YZxh0iBt52PrbJYjuTl8Nr5Rw_N8frzMsdMQDDs3i7RzVgVzxLBTkwLZf-2Le7QAcn8OU01ETVhcQvgZUCqbqo2yB5Tx1fmXJ8EFkQd0pRd_P5uVbHqfsa6wNN6qDv3RcSYNFaY9qu_z1NgWi3TEb5hSJUX8ujpCRf0AFBpLscDnZUARs1OZlwoWLFOh_9toJeVnOaw0_lQe-BF0nPrWuzDGgTYpyPrmeqyOHoZswXOvWK8OEzoJTUXyHmY8xxW3Uh8xy7Vi6wlPnYUC6ud47dNGxeTYWOhCHr2pvx2TcjdzBdgHO1zsEEf9ZIhOdUV6NbkSIkz1AK8L3VXy08xiYIH2OvJqpci0ZCaj0vdPjqgctNOXNuQALgPWs3VkpBFYGNfH3bTxbhEX8IGE-kfbheFF1e8G0VEypbb3lHqQRF-TWgJW4jwSsI23WwpeC8aoBB3z6JTErShLPpqnO1G1i-aeroXRszYCTU&sig=Cg0ArKJSzORarlFM0zz0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=149&cisv=r20231207.88609&arae=0&ftch=1&adurl=

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 074B 43 B
1 KB 148ms
32ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=361198352&gdpr_consent=&gdpr=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 28 Dec 2023 20:16:22 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 28 Dez 2023 08:16:23 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1119
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 15D8 38 KB
13 KB 22ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 09:45:18 GMT
expires: Wed, 25 Dec 2024 09:45:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10256918388168393334/ Frame 66F5 148 KB
23 KB 57ms
23ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 226167
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23597
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 05:26:56 GMT
expires: Wed, 25 Dec 2024 05:26:56 GMT
last-modified: Wed, 09 Feb 2022 10:34:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7292 0
0 138ms
67ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYwIQWGBgKEllCEJBfhsSJLOGBvmVlR1kDFU9lRC0n6uWVZ8ax6cC4QJPW0mXGd5o-qUO-PzVIxoup25J7A_MtxT9loRuIWD0YTnb63MV05wdnXdhd7an7hzYhiVRlnS7zD0QPUV-W7zX9qH7jOY3Ua9x0aXzY-EL809VNkpl5FjYRjfdCSC-bTxm8P0_6YT1AP4sYA1eM9wI1dheH7BgQRE6OkVxptYGMgkx2Q4QGnBXDugAr4-7LZZdMivwz6ofylnDIosKUHj2d7ZqXHPgNywo_rjaNsg3gyoO0A5ufsYL9OR7b91qNG2hztnJlZXiTNO--3lyAXUA-LJKFnCAq9ngOGzUC5L7wC2_6D4sikmKhgWZjwZWfDlue81v8FJMBuGrVpgH1b3ga9eNyzPzaFZVbMGWsxBKlXZ-20_IFDSia_eobLPsAtoW_sr79Wdz0HtFWqJeeJvJSvKZlbnWhvmRy6NxmuAgMqlqbXp6sC8f1mfzkaQlhBF835cZUJ2-gNOdbtoHJptc18lciMz017VFlFz3_DfN4eR0B6YH6BLhU4A2fYROD8NCMWD9m5DakIaIrOHb1xNGPo-RQcGMP449SVfcy3d50cktaYwdo6g6Qv8AuJ0rXkLJQDCbSP5HnQLtTjApEgrPFEjXfL5aPseGaUFs-9xk2Jit7dMVSiCUUE3L1Ezq9tDFVvcKQorqwEVRk-jMkjMkfCqeUDAvoEs_bg8PYtXvZyex1kVeR5xoBwIQmC4bU-zAkFfpKdTS4OPSDTJflWNozLaL7iRrncdOZapQjbKT0rQRNEHZra3ZjrpZIGhVyBgTAfSwrxJhZIKOMNaAM692g2NwMF57BL6IRGUn3E63iPnfaTRcrH9Tbz1pmm1Sx7jycr6pIrKEq2QDk8hlYOIjj3NKnZ38RC9UnY3FcIczsrozB2J7J9Af6JpjvwouBNzXzVB0HL7f4Muxrc0xPFOOG5FgBjIu5AGXhJQoCPSLha2QSfHXiX27Qm3tJC1BjaG21xgXvqhgGVBzYRnkH-jK52J85F4ZiwpCHHjy56WvTP6HcQFQioYFTd69Tm_eFtc6jTKQ1WRXbtL_plOMLSf1syRpLo9TD5U_72rOEj5uxDI14ljyiHJh62QkDzeE1gtWtojN0U7LGfHH96JTEh5CFQBZ8paHG-aa5xGT2ICaXN6Q6UdNP0MwSL4CrnuYMvgyjv6nupPXmZAKn-5FyLIjSzbJspop5hV_Co5yNCwe-SM8rk-1mR4GUb6lQSRsTvj_28plQJ584QOhaGbIehwFBJ604LoOygwl-1eVK8Yz_b9FdexZ97S0x05OdycQUNGWtVkEJ_DI5Ci9mHNobMnnqP83lGiK8hIdNVwv1hjH2RAvugpcaeaP-UNdkk7GSeGs&sai=AMfl-YRgACqpkQiDF9B6oJtmaSi_rhI6pBGo1YpqiRPFzIqQbHVBYgR8fe18_1lsO5E6QY_KAuSU1onZHMYeU5nHC1PH6JWsluSX9O3UrHXJVugb8Nb6DBUHfYq940AYsX-nQBJ7DhdBJ0GmcYDimnf78s7Q1HUdPERKkZHPIwvhqNJgw1VWN8MEcBGq8V5KNuRNN3lC_ONvZkPrHCGxneYjPnv1ab7oMC6qS3lFsx1cm1ipqZWcyTtJfTzeFGJH4UiGFHusMqne4KXE-OmqDdvhLZxzEw-24UNbkwLY5muks0_3RnauLZja1xChiQ7nMA&sig=Cg0ArKJSzN3cfi2P4qb4EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=51&cbvp=1&cstd=49&cisv=r20231207.99664&arae=0&ftch=1&adurl=

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 15D8 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 2124 50 KB
19 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 196027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 13:49:16 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 66F5 29 KB
10 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:42:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 974B 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYfcqlteNZe-LF9OZid4Px4WjmAEAAAAAOAHgBAI&bg=!oaKlou3NAAY3kmNgF5I7ADQBe5WfOGsyePdAt5j08WAJ_ufyUSEu8daR3t01ObYZZO8fHaZbTG0nzAQTQAKgbUZ7xOVPAgAAAE9SAAAAAmgBB5kDQJMyNQ-rv599eJoL0ncLx4d91_k1QMrN4ci3j1jwmKynuBbR0eezgaYPyFLuXbRtNBcy8hA93CtF8hcM-_b-blQtOcApFDL9-XTNDHksZC3ad1cxiMI7lE6yk2DsmzpWcTznyekVd1ZqT0sJFlIG7HSmUZe9qlyxHrujjrTZVVXp2Bg_tPtXS7K2X0CYD3IjYN_20ZiqKOg-eeBzOSJYJMQmPoMqCFxDrbpF9WG-cceZXDMHK5LmEHUujWN4VasIrHpRt9AEVjWZAs6kQsZrvR3I9gE8Ltbu22DsfOOadhr_-XjBpc5f5onNuRn8pj7TOwNE1MO-wMJrU_0YShpwF98DENcRCSiAwzRPGayqafbIh6iF-r900p2B6DYR6zqPuCBFE5GxI7orhIdlY7edHmYqrM2xraZphUsZ-JhMmlya2MrtOjwcywXU52AsC0gPsq5rJZ3eWn7NNy8uWiHIYw3O7xYb0bUzS7JI6ohHCcqClA6MjX7vQoBfqNWHagKc62-p_Sq27VFOQ-sSd_Rjbk6i2P1op40qQwYz3lY3apCfuVUKLkede3QAOk4Q_lTPF8ah3cAi8CWP6L0qZ2gUCgHZjVnjLfhLX1Uf3OcG3jZsoP64aT6jBBNtETYbYLSCP_FAPyxJiQUB8oqBFeQjZ2u1vQYxFKGAtBbMSBYjb5_Kb6PLyvW9lGvN3QvdvpCgilBDHFLcyMCYS7V-WmVfMmvR2adhdcVaUueDgI5e-Hv0ZXowp92goFOSU4VHdeXU92tX95C6mv4-4DilaApe3ms7waW6eHXpnuvXWEyN57jgdd39u9C7qKRJEo1QCqQp1-_mVuGv6SyXIH-rP3unYfWhTHO7U24Rznf6WK5m6L5rTYwDo188l5VuJ2dfvxeqJ8omBHQyt5c9OxT7xEyWKOjCpAdj-d0kMJ2gM9GxH-p-f7M4hDJYU7sCuxFCH4kvJ-Yc660s0DprjuXnSgQLw5t3V7T7LErJoetoy2cfTlBBYeo5Ef6m31YqDUF2kQLGJUOpgpcKA3cpXgCZWThhcpDApEghH7jHufWPuTYH4hhxI_FvgEY8GCNwq5UCblfWAKmKl1LFmQ7d1GoGl5yPFWo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E47C 113 KB
38 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E47C 118 KB
40 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:12:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57830
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Dec 2023 04:12:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7292 0
0 61ms
61ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYwIQWGBgKEllCEJBfhsSJLOGBvmVlR1kDFU9lRC0n6uWVZ8ax6cC4QJPW0mXGd5o-qUO-PzVIxoup25J7A_MtxT9loRuIWD0YTnb63MV05wdnXdhd7an7hzYhiVRlnS7zD0QPUV-W7zX9qH7jOY3Ua9x0aXzY-EL809VNkpl5FjYRjfdCSC-bTxm8P0_6YT1AP4sYA1eM9wI1dheH7BgQRE6OkVxptYGMgkx2Q4QGnBXDugAr4-7LZZdMivwz6ofylnDIosKUHj2d7ZqXHPgNywo_rjaNsg3gyoO0A5ufsYL9OR7b91qNG2hztnJlZXiTNO--3lyAXUA-LJKFnCAq9ngOGzUC5L7wC2_6D4sikmKhgWZjwZWfDlue81v8FJMBuGrVpgH1b3ga9eNyzPzaFZVbMGWsxBKlXZ-20_IFDSia_eobLPsAtoW_sr79Wdz0HtFWqJeeJvJSvKZlbnWhvmRy6NxmuAgMqlqbXp6sC8f1mfzkaQlhBF835cZUJ2-gNOdbtoHJptc18lciMz017VFlFz3_DfN4eR0B6YH6BLhU4A2fYROD8NCMWD9m5DakIaIrOHb1xNGPo-RQcGMP449SVfcy3d50cktaYwdo6g6Qv8AuJ0rXkLJQDCbSP5HnQLtTjApEgrPFEjXfL5aPseGaUFs-9xk2Jit7dMVSiCUUE3L1Ezq9tDFVvcKQorqwEVRk-jMkjMkfCqeUDAvoEs_bg8PYtXvZyex1kVeR5xoBwIQmC4bU-zAkFfpKdTS4OPSDTJflWNozLaL7iRrncdOZapQjbKT0rQRNEHZra3ZjrpZIGhVyBgTAfSwrxJhZIKOMNaAM692g2NwMF57BL6IRGUn3E63iPnfaTRcrH9Tbz1pmm1Sx7jycr6pIrKEq2QDk8hlYOIjj3NKnZ38RC9UnY3FcIczsrozB2J7J9Af6JpjvwouBNzXzVB0HL7f4Muxrc0xPFOOG5FgBjIu5AGXhJQoCPSLha2QSfHXiX27Qm3tJC1BjaG21xgXvqhgGVBzYRnkH-jK52J85F4ZiwpCHHjy56WvTP6HcQFQioYFTd69Tm_eFtc6jTKQ1WRXbtL_plOMLSf1syRpLo9TD5U_72rOEj5uxDI14ljyiHJh62QkDzeE1gtWtojN0U7LGfHH96JTEh5CFQBZ8paHG-aa5xGT2ICaXN6Q6UdNP0MwSL4CrnuYMvgyjv6nupPXmZAKn-5FyLIjSzbJspop5hV_Co5yNCwe-SM8rk-1mR4GUb6lQSRsTvj_28plQJ584QOhaGbIehwFBJ604LoOygwl-1eVK8Yz_b9FdexZ97S0x05OdycQUNGWtVkEJ_DI5Ci9mHNobMnnqP83lGiK8hIdNVwv1hjH2RAvugpcaeaP-UNdkk7GSeGs&sai=AMfl-YRgACqpkQiDF9B6oJtmaSi_rhI6pBGo1YpqiRPFzIqQbHVBYgR8fe18_1lsO5E6QY_KAuSU1onZHMYeU5nHC1PH6JWsluSX9O3UrHXJVugb8Nb6DBUHfYq940AYsX-nQBJ7DhdBJ0GmcYDimnf78s7Q1HUdPERKkZHPIwvhqNJgw1VWN8MEcBGq8V5KNuRNN3lC_ONvZkPrHCGxneYjPnv1ab7oMC6qS3lFsx1cm1ipqZWcyTtJfTzeFGJH4UiGFHusMqne4KXE-OmqDdvhLZxzEw-24UNbkwLY5muks0_3RnauLZja1xChiQ7nMA&sig=Cg0ArKJSzN3cfi2P4qb4EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=173&vt=11&dtpt=122&dett=3&cstd=49&cisv=r20231207.99664&arae=0&ftch=1&adurl=

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 66F5 6 KB
2 KB 23ms
23ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:28:52 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 66F5 2 KB
1 KB 26ms
25ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:14:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:29:03 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 66F5 3 KB
1 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:29:19 GMT

GET
H3 200 head2_5line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 66F5 12 KB
3 KB 27ms
26ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_5line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3331
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:00:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:21:03 GMT

GET
H3 200 head1_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 66F5 4 KB
2 KB 29ms
29ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_paare.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 614
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1686
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:00:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:21:09 GMT

GET
H3 200 160x600_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 66F5 37 KB
37 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/160x600_kv_paar.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:13:46 GMT
x-content-type-options: nosniff
age: 157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37561
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 08:15:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:28:46 GMT

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 074B 0
0 62ms
62ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjst-AsiH_3DBXCsR3jQeWYd9fwy38EumSKpQCTJdRhE4kl_sZ6fx4OA4Yq7PBGc_JSz2zhQ-RKMfkqObR3SY7MPaHYDtf1UuIMriaUqGaZ5dM2GzkTeToZyxnQ92X6_18QqoMf2gHd9p-LrSWl-J3ebh6uGkSlMjOWdPatuSZLqAPLB6pqav2G6So4s2--05QE1gLK0Q9v-6RAPl_O_1CKEMbQkGPVK4dqDnXbsnYWHCRbCEsMSuHsqKTpo3gKV5MH2wAuiJcJzClDDsIdC84gODOrMx3g5fz5exOzlZ31OrcHGoyAO97eJxZCaKfA_mS3iKzCU1twfqd2vbNn0LCjcZtOkiP9ANZB2xrUfAnMN-iLHQiIeAGIlRXoXeO-3_B6sxny7F24J9pmMR7YDyWZRhedCmwcyeYcuKY3blUFb6cqb8TNUTBRkVEcA1O68jJR14ON-tL2mBmeGiTNxRVwU0dhb0yvTe7BURBfklVWeXFkYtajefhnlMgZGlwpQrcVsZa2aWdZFr16e-97eiqeP4qsoJ8s7_wcvgcvdnluU6ibUJ7ISLCGcHfQoexP8cXAd8XZixxL3KiMv0Q-AEzkoFCec3cz6Fpjt0JhU3Mlp6j8fg7cDO9et8Ud-M-N9ZaGEuRx6ylgtCwC-nXJSQob8hB1ruzMVc415nO5-SnZBzQvkE9bQL21wiiuvuVdM-JHFZr7H7MQdwFmdSDcPsLLlqdxVmRIjEClvpnGSdwL_zYby1drvwlrcB74_3GA8EkpqgMzsvTCOPqrt93FLi39zlPuPHhuPjeCb-aCN28RqK-WiHbDuLkKuszEwgWmTktHnqawDt_A-U_UiUgr1Fo_BPttp3-PhSVVrGbxvcj0qZxpDMyEpB6BiwBC1FFykkxJFDwHdtpfhHqfmo1jpSopcB4OP_hu7dZ4nAg0oyVbecNOFzj222Rj8Wus2-rw7pySCz0qP_GrZdAxTEI21sS0kJMizNevLxOg3frPN2HFbTatRxyuzRwVg3lnbJn7eZPeKdpF9M5yZmCzVhn1pNRFG9YsyOmP8lJ_TcdbHec7ZamwqZDIltSydT0O32KFcCr7nhKZOaK2oqqtrvM7JX8-OFMX9z_cdgxBNBJPm2NMUi_GVEAeJYtRr4-HSpWgLYSexK2L7NLtxUTDTwVZTnqiJKBJl-0cS9JWZi9oGbSqJTFbYtaTaGahKpErkbSO27wLeBZIIK6VFfTsN8e5sJUYrS6Yux0p0iDtnF-bMbLDVbhfrcBWlnqPiGDckuUVgRhwx6mEAbmZLx3ZJlulGZogs2Qa6g59ZyHkUqCBoD_I3RrNxiS9t7ijqkYgCgv5xcjEIC5Mm4Kcmdc27BJDyULmQ5Y1pVW8xungclAxNZtRSNdJGIT-qE&sai=AMfl-YTVcQnvfUEIJ_zayzPJxxcWw7SQ6LaXMrAj4YZxh0iBt52PrbJYjuTl8Nr5Rw_N8frzMsdMQDDs3i7RzVgVzxLBTkwLZf-2Le7QAcn8OU01ETVhcQvgZUCqbqo2yB5Tx1fmXJ8EFkQd0pRd_P5uVbHqfsa6wNN6qDv3RcSYNFaY9qu_z1NgWi3TEb5hSJUX8ujpCRf0AFBpLscDnZUARs1OZlwoWLFOh_9toJeVnOaw0_lQe-BF0nPrWuzDGgTYpyPrmeqyOHoZswXOvWK8OEzoJTUXyHmY8xxW3Uh8xy7Vi6wlPnYUC6ud47dNGxeTYWOhCHr2pvx2TcjdzBdgHO1zsEEf9ZIhOdUV6NbkSIkz1AK8L3VXy08xiYIH2OvJqpci0ZCaj0vdPjqgctNOXNuQALgPWs3VkpBFYGNfH3bTxbhEX8IGE-kfbheFF1e8G0VEypbb3lHqQRF-TWgJW4jwSsI23WwpeC8aoBB3z6JTErShLPpqnO1G1i-aeroXRszYCTU&sig=Cg0ArKJSzORarlFM0zz0EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=376&vt=11&dtpt=222&dett=3&cstd=149&cisv=r20231207.88609&arae=0&ftch=1&adurl=

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 main.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame E47C 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:06:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 05 May 2023 10:07:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:21:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E47C 8 KB
6 KB 63ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd7a5ff258c5f2e314e87b2799a84591c2f915632d6a6db98d1d414b1ca7cb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5864
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 15D8 0
20 B 60ms
60ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTMb6l9eNZfjsDvX9x_AP166buAoAAAAAOAHgBAI&bg=!u7iluPfNAAY3kmNgF5I7ADQBe5WfOCGe0RgV9kr0esgM6JoYgSJZovcNDYu28RFgaYLRhXhPAH5a6IT4Qst9ACkEEDwfAgAAAJlSAAAAAWgBB5kDXTFO4JycdFJg4dZyuTxfrjmzHTSXg72pgeUmCB2qNj_r5wyEnWImSp36MW-rd6rt1TbU9xdeyI0efZE-WlEzzPFgWXcRG82aVuLNvfwsZyJadRtPiIB89qWDtDSR9oAw-LDNRzW8nkyFFr1JY1Vn7XkxxGFKufcNNkW-v6InH3tDDRpmySPI03OravqTJg8EZ6N_El_K11iF2Art7sVqT5l-P6uLnBccHhbn56T9OxUzvC_upynGCDDbr4UHJvegDhAt7vsrIN8pR5C8-lt4NtDqIpTNf_rE5e4cZsUgXFnoWCPgjnLtKpphmDCL02SRifbFdNxpynq6gCjHXuzEnefsTfR08Ts5RocYtTKcDPNUogFXR-4AfbORAD6uESYIgY5_1ne8_OXcNqLxRGJdfGCe7G_xR3rsuTftwrs5s5DeZZWmbN69hBL9KOdMUzuH_t9jUXmjO0Ma4rR4TQE87PGxj21Ovr4EqWEUg5kMTw3mCWS9J3L9oeFLPopPv07wRNg5GuMXNhuUntdQz0cn2kG_Nao2jg_lXzWkQkz2QSvuzIa1eeiXjZucnkspFVqqtYqfatz_HCbujNYfudD4olPLXgQm_kDtn_lJxWAYtSDxIYXHkRAmmv-mDUqt1Y24ySvIR03Wi8-w_cmCZqSWDb_PDWBWtJNP0pgx7YDMV_9jwIiMOZ1eqfoZDuSZcLCrt7CftXIOqEatlyO5GoR8SLen2U-Nm3U7YOueubnVFWXK750sYP3uGUxFT0A29NKziykpCFW_22VN4b6lqvJHkWBx_a9QWM3yDRWu91w1c5t5-9NFz-R55s4t4PkffcgzdOTjgN8btTDehe8xL1xtJJHZO79r0-0Nykj30tpj6tjcU_0joAY-1rhoZltRJFwe18pc8je74FmAUxzLtISFqEcDcuq6n-6Avw36Y8VOOqZwHhJBu_tZOxowXCegqWPEjZOYMercP9bzKj06m9TT-jzBQKz02BvtXz80f58r5i90X6qbf9Yw28P82aEC5OOtsZVHnT7UeMLJDX7xiXG-zkf93Ca_1XUEAKVA2N90PFWw3FNOJdkdNMSZFSjyBpCRLjDXfkD8I7KS-BgJkdzu4_7scE-Vr-xyCLpJqQYQQe7OU3RX9qLzzQXG2A8eOA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7292
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-1452786187751943&ias_chanId=1&ias_placementId=20338656462&bidurl=http://kolikoweb.com/&ias...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_l9eNZfjsDvX9x_AP166buAo&cbFunctionName=goog_wrapCb_l9eNZfjsDvX9x_AP166buAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

36ms
36ms

Script
application/javascript

2600:9000:2450:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_l9eNZfjsDvX9x_AP166buAo&cbFunctionName=goog_wrapCb_l9eNZfjsDvX9x_AP166buAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Server: 2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding: gzip
via: 1.1 8bdbe34841dae048e23c3b85d9dccfca.cloudfront.net (CloudFront)
date: Wed, 27 Dec 2023 19:37:41 GMT
x-amz-cf-pop: CDG50-P4
age: 501213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 13 Dec 2023 19:37:39 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: EmE8WPnlf_8kwplJpWtbNg8NIqbNA4AhhcjPvv4WYYwTgYIYUZkeTQ==

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:23 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_l9eNZfjsDvX9x_AP166buAo&cbFunctionName=goog_wrapCb_l9eNZfjsDvX9x_AP166buAo&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 79CD 91 KB
23 KB 99ms
35ms Script
application/javascript 2600:9000:2450:e000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2450:e000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 8bdbe34841dae048e23c3b85d9dccfca.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 8539633
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: YemuDXFlUbHWAisalW_LwAkgj_YisAnEWDmmQiV9GEEdkDyd7GQ5AA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
216 B 555ms
178ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y814Lz,pingTime:-3,time:34,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:34,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B30~0%5D,as:%5B30~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,rmeas:1,rend:0,renddet:na,siq:12%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
server: nginx
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 554ms
180ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y814LB,pingTime:-6,time:36,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:36,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,rmeas:1,rend:0,renddet:na,siq:12%7D&tpiLookup=ao:kolikoweb.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 550ms
179ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y814LE,pingTime:-2,time:39,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:576,beZ:577,mfA:579,cmA:579,inA:580,inZ:582,prA:582,prZ:585,si:588,poA:589,poZ:602,cmZ:602,mfZ:602,loA:612,loZ:613,ltA:615,ltZ:615%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:39,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B35~0%5D,as:%5B35~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:12,sinceFw:25,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 728x90_de-de_performance.js Show response
s0.2mdn.net/creatives/assets/4703545/ Frame E47C 80 KB
19 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:07:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19263
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 14:40:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:22:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E47C 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 20:16:23 GMT

GET
H3 200 star_alliance.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame E47C 6 KB
2 KB 23ms
22ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2334
x-xss-protection: 0
last-modified: Thu, 29 Jun 2023 11:06:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:21:43 GMT

GET
H3 200 lh_logotype_single.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame E47C 5 KB
2 KB 23ms
23ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2151
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:27:45 GMT

GET
H3 200 lh_crane.svg Show response
s0.2mdn.net/creatives/assets/4689654/ Frame E47C 2 KB
1 KB 24ms
23ms Fetch
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:13:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1311
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 09:41:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:28:59 GMT

GET
H3 200 NH_D_EU_Germany-Windows-European_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame E47C 44 KB
44 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Germany-Windows-European_728x90.jpg

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6282b043a74b1d92d9edee077e30492ec94b17b7dd9735be93b93b6118db54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:11:41 GMT
x-content-type-options: nosniff
age: 282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45135
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 08:39:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:26:41 GMT

GET
H3 200 LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame E47C 50 KB
50 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2

Requested by

Host: kolikoweb.com
URL: http://kolikoweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15415463092317913147/index.html?e=69&leftOffset=0&topOffset=0&c=FdAeKvGml6&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:08:15 GMT
x-content-type-options: nosniff
age: 488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51548
x-xss-protection: 0
last-modified: Fri, 18 Nov 2022 11:46:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:23:15 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BA89 39 KB
15 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15393
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 193ms
193ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y814RR,pingTime:-10,time:424,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1703794584019%7C%7Cff24aa1b74ef6098323b16fd9778914f%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cb95a9a69c7107abb10e90c40088ec1fa%7C%7C976a41042bc5e878bb32c2ad94d46f7a%7C%7Ca88ac322d61b0f76c83a637b54d35522%7C%7Cff1e9c558a0674ba1941d0566db6ac3c%7C%7Cbccd6454f1dbc2ef5ebfde4b4ec255c9%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1452786187751943&output=html&h=600&slotname=7445820166&adk=2820190190&adf=655374624&pi=t.ma~as.7445820166&w=200&lmt=1692457865&format=200x600&url=http%3A%2F%2Fkolikoweb.com%2F&ea=0&wgl=1&dt=1703794582004&bpp=1&bdt=261&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=4938427060681&frm=20&pv=1&ga_vid=531812364.1703794582&ga_sid=1703794582&ga_hid=195356343&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1290&ady=391&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95320239%2C31079715%2C42531705%2C44795922%2C95320885&oid=2&pvsid=4442861223456727&tmod=2107438823&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=214
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
server: nginx
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF20 42 B
64 B 60ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_66FYW1zb2cS_kh-8otTFjqKDPvcAwWqopaFxRhnCCAny7zzikQbRsnAWeXSWIwjwRjOmgueaEtLCuaqRbogSMWxctqgOBaAr320INbrpGQmWJmWuea0Zoeh7_90Va1AWjSetl2zxrvuqvezKO1bfAoKbrlgg2uDdho4jMK6CPkVl-WcMSFc&sai=AMfl-YSyRAj6--9fBTJDUBjMDh5ThJqPhPOtEO7uFSbFGTH3ZYf74wqxiM0brPAlu6VP1Ry4fNgnPhMiRhulqdExAG-k2J177ANgupT8MQzWLcm1jSPK8qr_oxFzQzSTQ2k2NvrNd8FHyymbOAAZHqQw&sig=Cg0ArKJSzNUzbkJxCaUNEAE&cid=CAQSTgAvHhf_77Oio4bPv74ZxAhZApRoTK_OBWiSsyPKsYBuuInQf7QblPM6jXfGF2GvubbKsk98sGH0kpFQhYTthzPzocaNHd-BUztxsHQSNBgB&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4092579444&rs=2&la=1&cr=0&vs=4&r=v&rst=1703794582214&rpt=827&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
74ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bdddcc7ac7f762ce6b9e1914d309d4a1ddbf30f685725c5d8e0574583eefffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12371
x-xss-protection: 0

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 121 B
292 B 142ms
140ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b17697b916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 81 KB
29 KB 258ms
256ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b17697c916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 212 KB
62 KB 383ms
381ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"86b32a04921a039ace69980bacd1b639"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b17697e916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 219 KB
43 KB 378ms
377ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"7cb04588da7fac9195cf9fcf0a9cd695"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b17697f916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 2 KB
1 KB 154ms
152ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"8a62145a771f178a2f2776bd2b72d0d5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b176982916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 151 B
206 B 147ms
146ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6194e1ea6885f60a50bc3571/1fkmp50aj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
Origin: http://kolikoweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b176983916a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y814Vx,time:652,type:e,im:%7Bpci:%7Btdr:613%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:652,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B648~0%5D,as:%5B648~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:196,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:129%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 20:16:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0E95 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15297
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 16:01:27 GMT
expires: Fri, 27 Dec 2024 16:01:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B3CD 829 B
997 B 32ms
31ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

861c210b94b1a8d41eab50057da143233b50840a9d84a1106e074b22889bf3ff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rVurp0ubIRf3WseP62LW6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kolikoweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rVurp0ubIRf3WseP62LW6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 20:16:24 GMT
expires: Thu, 28 Dec 2023 20:16:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E95 39 KB
15 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 15:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Dec 2024 15:59:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B3CD 0
0 56ms
56ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4442861223456727&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0E95 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0L1ykw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7292 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWHDSjk5VPGxI_rnF8G9jy9HNxQXkBYTWUcdmbwrILrnin-bYEDH7psUgz7s9x_7s9M2kzz-zBJ3dhEnZZ3oCGHNTO73onmHnViNobxe3Y0_GhYIA9uMEiE8ujHvQ-BglO9HzvJxHrmeRhiV3FVnpQ8cdT&sai=AMfl-YRcnEt485uXkl-rbN7Sk5QNr56Bu1stVBanFHE97nuPYHWVciUNJzE7ur2ykq2BXoLQSRpf3pKk1qid_labjucK88TXmRQCjesUVT76c9EsDqeCxMCyF7kPujVBdGb0WVHc6hIwo7-hTh6i7oH5&sig=Cg0ArKJSzKjoPYJ_XnGOEAE&cid=CAQSTgAvHhf_W298XMgIYMZvPZxTSQV2U27nBnEcyJ-2hhTfR-SUFaHmODXWXMaWG_f3ehD_4HfUx66puRHtm-E9zx614745pzITz_Hsn01uQBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2820190190&rs=2&la=0&cr=0&vs=4&r=v&rst=1703794583019&rpt=419&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 074B 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunOeXX1uNs-tIQoS0mQKdbS30soZ_0rGPuMK5d8VK6cXvtYQybBE9fe0A3AzPABJE8ltapNjHIjZCOD6ABFKeLr6n9ex3Kun6tcNvVM9JjcbyJkDU_KXBBDAsRl_dWPJLUcNB3ZjQ9L_G-3lPL2yPlaDW5&sai=AMfl-YRHXWaJ6i8IEiY919P80sI2rKn9sNTnSajGBMokdJ99rZEcitk3LPh6pHxQD2EuZWzUVqRHnYdtAY_OVl4x18tC2yEOxr84NKLkFHFcviwF0BheKrSNl0lkXg8pwlZMPw7zNKpB-x2mgAj7EJIG&sig=Cg0ArKJSzKjsJmcwCBZ9EAE&cid=CAQSTgAvHhf_z6-OyJzt6QsaIYyjw3okkHBlqGAcAu45UqdNw0jIaYKhl_s4fyXwDIlQJGlh32mmIm1iu4XYVE_xKd5JT7K-FYSiTlO31nzYnBgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=318,814,1000,1010,1010&tos=318,496,186,10,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1703794583197&rpt=288&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 146ms
146ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://kolikoweb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://kolikoweb.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83cc7b1a2d11916a-FRA
date: Thu, 28 Dec 2023 20:16:24 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-zvqc

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 497ms
496ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=6194e1ea6885f60a50bc3571&widgetId=1fkmp50aj&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

724babe8cff7b4604c44583b0594439af75f4ffaf74d555be36b0a450e775fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-4xrr
server: cloudflare
etag: W/"2-2-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 83cc7b1a2d09916a-FRA
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1022 B
1 KB 361ms
336ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83dce73362df73cbcaae30f659a8c2d39a319aa42cd9e7b91005048bbef6243f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: http://kolikoweb.com
access-control-allow-credentials: true
cf-ray: 83cc7b1b3c9a2ba8-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-wqcm

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y8152f,pingTime:0,time:1068,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:12%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1064~0,0~100%5D,as:%5B1064~160.600%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1064~0,0~100%5D,as:%5B1064~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:190,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:129%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:24 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
61ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4442861223456727&bg=!FBelF1jNAAY3kmNgF5I7ADQBe5WfOPhHdsnXX63QwturBVSmcI6sTLLDv_idHygbIdGpb6fDsusgOpQz7G0Gn2_aXolQAgAAAD5SAAAAA2gBBwoAGQEHx1I8oXa6nTHd48CtbBp0StxLtVRwqy2ZAwU5ESJg_3TLsGGlJrQkuzLebiWK96DEVjl7VlYGrM8lLckggMEK-ycabpRTl02gkucZj3yKbi4bhIiPPUJyFev-shN4vzc9hZ2eqgrDGqjiaUpZA5Mu7FIk3rDg_ChY58PXcxSiY1HZtpvQ5xm00ARVBXohoZeQZdrci518Bi4W5qhQd_xiA34c_Ex3esZzRkOYXw_mMLOkUIhLs5PLN9A_OICrM5Bi7JRFTk5AWJCHMGBhI6RPrfukurqCbrslymipv9TuAI2t7ycxYfJgwCoMnNo6amS2RYOo4Yi9BfDAm8tmdahPsxZAKUmqM5yyeWkjscvCoe17Cj3l_LonrxNfKw0RmDsvp4inGWZ_uTFrgMu2pnN9EYRKV5KHXUxG9NsWJUG1jlwWeuKctBm_5X57WlhLOvQMF7FKrft3GlCXezJuAsRqw1V0ATu-ofAYRiZ5ZuyinsUjjP_p1lb8kshgUs9UMZkZCHosF9RQtdCSX8trrZc8RE1tZmJl4m4p0RSuNI8DGqOBf4JB1TG1Fp6vp9EfP1d3xGL_LddXoNxGk63EtaRGxKGAFwh45FZ0eYieBld1oGk-GE2ApoXwf95c9072BxdcHKPly6-Ft_KJH3NvIQYA1f_02fybrXQWOtFd6VyIo8zmjKSCzPzLxbubvlAi0dUgz81Qg2ChmM1oJdmP2SmL_o8qrXRQyxh5FLY9bdaPeIK5yVnM1enxnhHnmogTMA6hmuo5gJaS4AqSYFRQYl_3vPJxAVGIq6mo1AaDctTb7mUysaFtjsWpTe9isPisv4LS3Pv6fsLyMrwuftcGbmSuRag9_dUVHZoT8FkG_joJ7ZjB2Ri48J7jW2UwAdu-wkIheXfcehdIhufQSHN0rNyNzWKnvQ_qnNE8O2LJQkx6OcOv3Y64xl2sCXwJdII1UAAW7_uaQ9HZlgc_IxpdHOHmoaOdRrBgCCsEA3o2EUKr359bJgsznGbwB-b0CtWRNAbATrSjMt6xPwBeL-h1j-hCAa7cj-XUsrHDs8nQ18byvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/65839862293/languages/ 17 KB
4 KB 34ms
34ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665901
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d4fea2ba8-FRA

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 10 KB
3 KB 54ms
54ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: STALE
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98a92ba8-FRA

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 18 KB
5 KB 52ms
51ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"398211e86ba1f74c4421bde7a06fc780"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98ad2ba8-FRA

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 11 KB
4 KB 71ms
71ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c88641b9f42816d463a74a4af860951637774fc17ae6280b3189c212aa949c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"5e67f0f8c4d17726b853e1e19578021e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98b02ba8-FRA

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 699 B
676 B 52ms
52ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98b12ba8-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 19 KB
6 KB 56ms
56ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"d1392466f248728bc183c96015db868c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98b32ba8-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 906 B
662 B 54ms
54ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98b42ba8-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 535 B
574 B 72ms
72ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98b72ba8-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 110 KB
24 KB 73ms
73ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1eaf1603955ff543fb810fe5edc51e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1d98b92ba8-FRA

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7292 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=904203574675&version=m202309260101&ct=76&x=1&cor=13185964485049248000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 650A 24 KB
5 KB 32ms
32ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1de9262ba8-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 6451 40 KB
8 KB 31ms
31ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
cf-polished: origSize=40832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1e19642ba8-FRA

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame F185 13 KB
3 KB 31ms
31ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665900
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1e19782ba8-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 9C0A 76 KB
15 KB 38ms
37ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 665899
cf-polished: origSize=78180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"0ab357443b798b4a1db6c4f22b1590f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1e29962ba8-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
39 KB 94ms
47ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://kolikoweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2392388
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230050-FRA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VG13grwqBbDMQ5typjqABEe%2Bm0K5nL5%2BPHVsORvzCboc%2FU4H7RF9Ke59RIZfwLkIDmkqORcxMuUhGuw7aptP4%2F%2FDFZiHAtOeHn4jI1K3dc%2FLNMR%2BZwGQdv5Og18IEtySSbw%2F1r2D2zDcycYH2xY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 83cc7b1e9b959c07-FRA

GET
H3 200 168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame F185 22 KB
6 KB 33ms
33ms Image
image/svg+xml 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 20:16:25 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2467671
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"f66e029841759471d2ec78b86760dca7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 83cc7b1e59cf2ba8-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y815io,pingTime:1,time:2069,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:12%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1064~0,0~100%5D,as:%5B1064~160.600%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:181,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:129%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:25 GMT
server: nginx
x-server-name: dt27.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7292 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7781:11d0:480:b485:ee7c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1f75056f-42d4-04e6-f453-ef5134057d9d&tv=%7Bc:y815io,pingTime:1,time:2069,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:12%7D,%7Bpiv:100,vs:i,r:,t:1068%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1068,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1064~0,0~100%5D,as:%5B1064~160.600%5D%7D%7D,%7Bsl:i,t:1068,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:181,fm:tZLCrdV+11%7C12%7C131%7C141*.990511-61634098%7C1411%7C1412%7C1413%7C1511%7C1512%7C1611%7C1612%7C1613,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:129,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:11d0:480:b485:ee7c Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 20:16:25 GMT
server: nginx
x-server-name: dt28.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 147ms
147ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://kolikoweb.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://kolikoweb.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83cc7b20e96f1c13-FRA
date: Thu, 28 Dec 2023 20:16:25 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-qkk1

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
258 B 183ms
183ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://kolikoweb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Thu, 28 Dec 2023 20:16:26 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: http://kolikoweb.com
access-control-allow-credentials: true
cf-ray: 83cc7b21caa21c13-FRA
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-ljnc

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kolikoweb.com/	1970-01-21 02:38:10	Name: __gads Value: ID=3d716abbc1e7d39b:T=1703794582:RT=1703794582:S=ALNI_MbBwF7JhI57WCoakGDNe3CCmXcXlw
.kolikoweb.com/	1970-01-21 02:38:10	Name: __gpi Value: UID=00000ce91099c3dc:T=1703794582:RT=1703794582:S=ALNI_MaHKsdYoSGxxett-_cnsu1RhmWtsg
.doubleclick.net/	1970-01-21 02:38:10	Name: IDE Value: AHWqTUlRcSNbSOgZZ2dO8CKlBUVTZwk9DL_2XcrbotEMYY86ARkneU-0E0c4T18ts0Y
.doubleclick.net/	1970-01-20 21:35:46	Name: APC Value: AfxxVi6DIpOO-veQcUmmH8KAgnjBpZFOwsUS10T9iV7tGwEzFfYc-g
.adnxs.com/	1970-01-20 19:26:10	Name: uuid2 Value: 812567139105019850
.casalemedia.com/	1970-01-20 19:26:10	Name: CMPS Value: 5267
.googleadservices.com/	1970-01-20 19:26:10	Name: ar_debug Value: 1
.adnxs.com/	1970-01-20 19:26:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUmVfcm!]tbPl1M>e)ZlrFUfJ+tGXxoX>7beISdMx/a?zaNT.0%6[14M`[82(zl]n_%3If)y3KL9D3I?+f@BPZv
.doubleclick.net/	1970-01-20 17:16:38	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-21 02:02:10	Name: CMID Value: ZY3Xl0D8vhVdHFGq-PSOXQAA
.casalemedia.com/	1970-01-20 19:26:10	Name: CMPRO Value: 5267
m.exactag.com/	1970-01-20 19:26:10	Name: exactag_new_gk Value: 9eac15df16d242ed8655db34db6987a4%7C26.02.2024%2020%3A16%3A23
m.exactag.com/	1970-01-20 21:35:46	Name: exactag_new_uk Value: 771a820ac9d745fc914ff4d7fa978948%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 31014d921eb7455e95243cee
kolikoweb.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: V-s1IJ9DF-CMpJttJDZUO
kolikoweb.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.kolikoweb.com/	1970-01-20 21:35:46	Name: twk_uuid_6194e1ea6885f60a50bc3571 Value: %7B%22uuid%22%3A%221.1vX2XAcQvbsaDPQaM73vqizCq7zGPPijg1CFiysNnaaSTDooy9Q6faxWhnrsi0T3DLHvKGqWm66SUlWfAapQ0TJMKaHe6DfRrunU84ifzgnF6TEdS5EEHew%22%2C%22version%22%3A3%2C%22domain%22%3A%22kolikoweb.com%22%2C%22ts%22%3A1703794585190%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
kolikoweb.com
m.exactag.com
pagead2.googlesyndication.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
va.tawk.to
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.186.34
172.217.16.134
172.64.151.101
213.202.235.9
216.58.212.162
2600:1f13:800:7781:11d0:480:b485:ee7c
2600:9000:2450:e000:8:48e:53c0:93a1
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700::6810:5514
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
37.252.171.52
94.136.170.143
99.80.24.194
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c88641b9f42816d463a74a4af860951637774fc17ae6280b3189c212aa949c4
1d439dc3208ae77f3e35048084730a1a0c7134a0e685a1bc57fff0b043889ff3
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
277ee42098cf65f9ff4e350a523bb1f0e6958f3a1a2faac0170758afdd24a7ee
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b5da78867230965f7ff85a94ee12107a826e89479b85ef7475ee83f0520f181
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3ef59049e3faf826e42c35dc2d998f7126d0a71c286c34ec9de015846cdc99e5
41448ce4891ad73962363ab2f22c05a38d45c057a987752611ae74cbb29b49e6
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdddcc7ac7f762ce6b9e1914d309d4a1ddbf30f685725c5d8e0574583eefffc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d977f2e123c0a98ba3312d919a44f700610b1563d7df607ca0d07b8479663a5
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
4fd1b9f82ac7a5415d73ec1144770b89242c46469aeb3d99045ecc877de041a8
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0ab9915087fb52455cc3783891afcbd720bdae148cb768b87f6d946825490c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6e44e8a9cf91c3d915be31bc1d006e1df1cd438c981b592f966c059739694ad2
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
724babe8cff7b4604c44583b0594439af75f4ffaf74d555be36b0a450e775fe4
751869c0b7ed492fd1092fc0a93ed075e1e321857f1cd68ab6de9b8dbce16b3f
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
83dce73362df73cbcaae30f659a8c2d39a319aa42cd9e7b91005048bbef6243f
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
861c210b94b1a8d41eab50057da143233b50840a9d84a1106e074b22889bf3ff
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8c6282b043a74b1d92d9edee077e30492ec94b17b7dd9735be93b93b6118db54
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
8f281b9e96b576688d25ad98ede875be30dd5828459a6d820cdb85875220545d
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
964cc009d8dd7a47c29d8ab48496fbef1ebb2c7d61196b1edcff96487bb49b66
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b11981cd32054bfea7caae6253fd067cee1c59a21ba2e890f015efe40b3b98c2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9b65da49808d902df196c5d66cd0fd348e352ec0b29a073b48b30119d47ce74
bc1ab6d17de6a7f53e8c7c4d642f5e16875437e5824dd90e7bc732940e2988df
bd7a5ff258c5f2e314e87b2799a84591c2f915632d6a6db98d1d414b1ca7cb83
be142fda1953af62ec53073b4f73a6ea5a8354f1966071271d1c930176946b2c
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
c857980841f706811ab24d5a44632e05602c69283aab30da92fcfc7634d73ff6
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
cdb9b4abba43ee2f0d1a417746b1f8dd2117bb108f81298fedb7b22b1da3ef83
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed4f54431105084a31a3a495352d6976751d6645dc7ab5cfd388a6a03c79f13a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a0c6031a717d60e2bf3e1eff250678510af8b68af2f27aab5f9c7eb3969ec4
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

kolikoweb.com Open in urlscan Pro 94.136.170.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

156 Requests

90 %HTTPS

61 %IPv6

15 Domains

23 Subdomains

24 IPs

4 Countries

2003 kBTransfer

5840 kBSize

17 Cookies

0 Outgoing links

Redirected requests

156 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kolikoweb.com Open in urlscan Pro
94.136.170.143 Public Scan

Screenshot
Live screenshot

Full Image

156
Requests

90 %
HTTPS

61 %
IPv6

15
Domains

23
Subdomains

24
IPs

4
Countries

2003 kB
Transfer

5840 kB
Size

17
Cookies

156 HTTP transactions
3 data transactions