altin.in Open in urlscan Pro
2606:4700:10::ac43:2824 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://altin.in/
Effective URL:
https://altin.in/
Submission: On November 26 via api (November 26th 2022, 7:47:31 pm UTC) from IE — Scanned from DE

Summary HTTP 179 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 17 domains to perform 179 HTTP transactions. The main IP is 2606:4700:10::ac43:2824, located in United States and belongs to CLOUDFLARENET, US. The main domain is altin.in. The Cisco Umbrella rank of the primary domain is 212238.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 5th 2022. Valid for: a year.

This is the only time altin.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:10:... 2606:4700:10::ac43:2824	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
9 12	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 10	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 7	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
22	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	3.73.210.71 3.73.210.71	16509 (AMAZON-02) (AMAZON-02)
3 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	34.240.46.197 34.240.46.197	16509 (AMAZON-02) (AMAZON-02)
5	108.138.5.230 108.138.5.230	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	108.138.36.110 108.138.36.110	16509 (AMAZON-02) (AMAZON-02)
4	52.17.68.86 52.17.68.86	16509 (AMAZON-02) (AMAZON-02)
3	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
179	27

1 2606:4700:10::6816:148 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

altin.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::ac43:2824 (United States)

ASN13335 (CLOUDFLARENET, US)

altin.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
grafik.altin.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analiz.altin.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kural.altin.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.132 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.73.210.71 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-210-71.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.240.46.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-46-197.eu-west-1.compute.amazonaws.com

as.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.138.5.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-5-230.fra56.r.cloudfront.net

playercdn.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.36.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-110.muc50.r.cloudfront.net

assets.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.17.68.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com

evs.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

cdn.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 182	860 KB
36	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356	215 KB
22	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 332	444 KB
19	altin.in 1 redirects altin.in — Cisco Umbrella Rank: 212238 grafik.altin.in — Cisco Umbrella Rank: 379730 analiz.altin.in — Cisco Umbrella Rank: 495186 kural.altin.in — Cisco Umbrella Rank: 287100	164 KB
17	jivox.com as.euw1.jivox.com — Cisco Umbrella Rank: 102768 playercdn.jivox.com — Cisco Umbrella Rank: 6257 assets.euw1.jivox.com — Cisco Umbrella Rank: 109977 evs.euw1.jivox.com — Cisco Umbrella Rank: 103400 cdn.euw1.jivox.com — Cisco Umbrella Rank: 116464	355 KB
10	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705	8 KB
7	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 276	7 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	284 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
3	gstatic.com www.gstatic.com	15 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	3 KB
2	adtriba.com 1 redirects d.adtriba.com — Cisco Umbrella Rank: 37680	757 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5200	914 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1615	63 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	695 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1166	342 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 106	75 KB
179	17

	Domain	Requested by
30	tpc.googlesyndication.com	3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
30	pagead2.googlesyndication.com	altin.in pagead2.googlesyndication.com 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
22	s0.2mdn.net	altin.in s0.2mdn.net 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com altin.in googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
12	altin.in	1 redirects altin.in
10	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	playercdn.jivox.com	as.euw1.jivox.com
4	evs.euw1.jivox.com	as.euw1.jivox.com 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	googleads4.g.doubleclick.net	altin.in
4	3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com	pagead2.googlesyndication.com
3	cdn.euw1.jivox.com	as.euw1.jivox.com
3	assets.euw1.jivox.com	as.euw1.jivox.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	pagead2.googlesyndication.com
3	grafik.altin.in	altin.in
3	fonts.googleapis.com	altin.in googleads.g.doubleclick.net
2	kural.altin.in	altin.in
2	as.euw1.jivox.com	3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com as.euw1.jivox.com
2	d.adtriba.com	1 redirects 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	analiz.altin.in	altin.in
1	code.createjs.com	as.euw1.jivox.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	altin.in
179	30

This site contains links to these domains. Also see Links.

Domain
yorum.altin.in
kur.altin.in
www.facebook.com
twitter.com
grafik.altin.in
vagonmedya.com

Subject Issuer	Validity	Valid
*.altin.in Go Daddy Secure Certificate Authority - G2	`2022-10-05` - `2023-11-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.app.euw1.jivox.com Amazon	`2022-11-16` - `2023-12-15`	a year	crt.sh
*.jivox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-13` - `2023-06-13`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
euw1.jivox.com Amazon	`2022-11-11` - `2023-12-11`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://altin.in/
Frame ID: DD456A31168792EB301D4D42E7CB23BE
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: C815A6AC1FFD220637D9D7A7C0E6E871
Requests: 1 HTTP requests in this frame

Frame: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31170E488A41E635FA756C9C7FCC7C36
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7180771993103993&output=html&adk=1812271804&adf=3025194257&lmt=1669492045&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Faltin.in%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045162&bpp=6&bdt=493&idt=199&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8183849617817&frm=20&pv=2&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: BF539179C439D7274CB8F8B100CCE1F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=9325183355&adk=3298560337&adf=3945879369&pi=t.ma~as.9325183355&w=1074&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=1074x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045168&bpp=3&bdt=499&idt=214&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8183849617817&frm=20&pv=2&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=263&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=m5cvHWbeqv&p=https%3A//altin.in&dtd=220
Frame ID: 2BC8CDC8B06A1E12E4A28E39E0D0AE24
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=4895059715&adk=681411742&adf=1238588369&pi=t.ma~as.4895059715&w=336&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=336x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045171&bpp=2&bdt=502&idt=227&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8183849617817&frm=20&pv=1&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CPS55hGvRp&p=https%3A//altin.in&dtd=230
Frame ID: 87B45820B37C4B6A4786A76A84A444FA
Requests: 9 HTTP requests in this frame

Frame: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5F145C336EADD40632EF374FC85A3DFC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYybOm1AEwAQ&v=APEucNVmVvcE_A-dc1gp9AV0ezp1z8hpCjSl6Yk9Sff8e0H2Ebeoa3ReN7VnD8HdP_NLHdFHTSv___7hbOav6MslRm2rwvz24dWLkClpexZKJjGrggpBrZV573hcFz1vvLPAvIj0vyMtv9-rU4uDzBIBeCyNvUmx1ko9v91gh9T_DYOTJJ0Jz3E
Frame ID: F81D6B7A33EA9CF67F904984C11A0467
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0D5F1F650734F9EE957A414E812B6371
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 0DE1BE0DB327031C1B2886A6A33B83CF
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
Frame ID: 568587F96B30AD1AFA5F0448BC4A13B4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1D072C621899A54933570F220E9F3359
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C84FB87F161EC4C2EE23FEBEF5E9CED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C09B0F6567711643A45DBEE21EC89049
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B382DCCC027DDDA7D5A4F72445836657
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 025D7C4C68A1108792D5B21C4D83E308
Requests: 1 HTTP requests in this frame

Frame: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 83AB7D44FA968964B261734766BFC683
Requests: 14 HTTP requests in this frame

Frame: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C364DF5DA4717FA2B2AEDF0526C8895C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjsvtW9ATAB&v=APEucNXWqdlprvfZ_DPKfFNnbyFbrVNYFW2YK5bpA2__iwNWegi2C_EnX68Y1UzZ4CpZq8sr7umRWgw8lWlk81RKGJFi0qYMnWBwCGxads5KxTvbjt-k1Duij6gIDVFkpEd8hzrj5iD4os1PEMF2YEe05HmiLIfWuQdaEtjVlI566pOnQIMB0h0
Frame ID: C632CE42906D98345FFD99F18C5365ED
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNWZJHJ6U1o_18wcEi3PJXH5fDZOtMNoY1t1Rs8sujRAJ8ZuZ8DUY5BQPZlnT_p9mVYxvgXRfhm6hSh5nFjOD6oq4C9lSW4GXJaum8aaZ1_pFgFvbkJdneV8C_WlL291-jXoVbLIhVHNnfbwxWWVTRlrdMBPEE-OFqyAn94RwIVQhjjadk0
Frame ID: E9DD2B9D30456AB500435530C5A895DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 8CDE434E68A10244D9B78EC5BCEE4AF9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js
Frame ID: 0EA406C8358575EF26CA9DD8A988C606
Requests: 1 HTTP requests in this frame

Frame: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: D90A56B24BE585B2A013E809D527D5F1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4A86188491DCBAE1B31F4D7C6F6787C8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59B24C1A77302914C32CB8288E798DFC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
Frame ID: B40735A812585818502C25B9CAEF4FA1
Requests: 10 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: 9C1EEBA041E3F3362456E60C5DC027DE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79633362D29F6F04582E04ED6B240152
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 49F1B9587F50EF9CC34391AD481D0970
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Altin.in › Ons $1754.77 › Canlı Altın fiyatları, Döviz, Altın arşivi

Page URL History Show full URLs

http://altin.in/ HTTP 301
https://altin.in/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

179
Requests

93 %
HTTPS

63 %
IPv6

17
Domains

30
Subdomains

27
IPs

4
Countries

2486 kB
Transfer

6387 kB
Size

15
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://yorum.altin.in/tum/ons
Title: ALTIN ONS$1754.7650Güncel: 00:59:52

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/dolar
Title: DOLAR18.586300:59:58

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/euro
Title: EURO19.324300:59:58

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/euro-dolar-parite
Title: PARİTE1.039000:59:58

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/sterlin
Title: STERLİN22.479500:59:58

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/gumus
Title: GÜMÜŞ12.825700:59:50

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/platin
Title: PLATİN590.999300:59:50

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka
Title: Döviz

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/gram-altin
Title: GRAM

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/bist
Title: Bist

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/bitcoin
Title: Bitcoin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Faltin.in%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=https%3A%2F%2Faltin.in%2F

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/ceyrek-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://grafik.altin.in/grafik/uyeler/299282/299282_GR202211253g9g01.png

Search URL Search Domain Scan URL

URL: https://grafik.altin.in/grafik/uyeler/299282/299282_GR20221125825nnf.png

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/cumhuriyet-altini
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/22-ayar-bilezik
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/tam-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/yarim-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/14-ayar-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/18-ayar-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/resat-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/gremse-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/tum/hamit-altin
Title: tüm yorumlar›

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/akbank#altin
Title: Akbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/albaraka#altin
Title: Albaraka

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/denizbank#altin
Title: Denizbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/enpara#altin
Title: Enpara

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/finansbank#altin
Title: Finansbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/garanti#altin
Title: Garanti

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/halkbank#altin
Title: Halkbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/hsbc#altin
Title: HSBC

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/ing#altin
Title: ING

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/isbank#altin
Title: İşbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/kuveyt-turk#altin
Title: Kuveyt Türk

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/seninbankan#altin
Title: Senin Bankan

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/sekerbank#altin
Title: Şekerbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/teb#altin
Title: TEB

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/turkiye-finans#altin
Title: Türkiye Finans

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/vakifbank#altin
Title: Vakıfbank

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/vakifkatilim#altin
Title: Vakıf Katılım

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/yapikredi#altin
Title: Yapı Kredi

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/ziraat#altin
Title: Ziraat

Search URL Search Domain Scan URL

URL: https://kur.altin.in/banka/ziraatkatilim#altin
Title: Ziraat Katılım

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32089482-ateks-dursun-burada
Title: Ateks dursun burada2

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32197502-ons
Title: Ons2

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32196224-maalt
Title: Maalt56

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32197411-ons
Title: Ons2

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32191859-kthseker
Title: Kthseker18

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32196606-sasa-asagi-yukari-9-usd-dan-sonra-son-hali
Title: Sasa aşağı yukarı 9 usd ? dan sonra son hali4

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32195598-xau-xpt-ratio-4h
Title: xau/xpt (ratio) 4h...2

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32185213-naten-agir-agir-cikarsin-bu-merdivenleri
Title: Naten ağır ağır çıkarsın bu merdivenleri :))6

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32193180-gumus-r-wycoff-canak-ve-tobo-mal-toplama-calismasi
Title: Gümüş R. Wycoff Çanak ve TOBO Mal Toplama Çalışması64

Search URL Search Domain Scan URL

URL: https://yorum.altin.in/konu/32175866-fed-ve-dolarin-deger-kaybi
Title: fed ve doların değer kaybı2

Search URL Search Domain Scan URL

URL: https://kur.altin.in/kur/amerikan-dolari
Title: Dolar Kuru

Search URL Search Domain Scan URL

URL: https://vagonmedya.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://altin.in/ HTTP 301
https://altin.in/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8P1gA0aCgkJpZnUEx9KfQ&google_cver=1

Request Chain 46

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4JtTqRU6iWhaVW2hpkrPgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsfeQTk2PUSY00j9R2jI-0&google_cver=1

Request Chain 48

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

Request Chain 82

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347626341&atb_dpuid=di_dv&gdpr=&gdpr_consent= HTTP 302
https://d.adtriba.com/px.gif

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4JtTqRU6iWhaVW2hpkrPgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

Request Chain 125

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4JtTqRU6iWhaVW2hpkrPgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1

Request Chain 127

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

179 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
altin.in/
Redirect Chain

http://altin.in/
https://altin.in/

84 KB
21 KB

145ms
107ms

Document
text/html

2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 984b41505d399e23a35464a3b20687130760209264e35b7c057edf3a83e313db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache
cf-cache-status: BYPASS
cf-ray: 770522be8da99104-FRA
content-encoding: gzip
content-type: text/html; Charset=iso-8859-9
date: Sat, 26 Nov 2022 19:47:24 GMT
expires: Fri, 25 Nov 2022 19:47:24 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET
x-ua-compatible: IE=EmulateIE10

Redirect headers

CF-RAY: 770522be2ae49193-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 26 Nov 2022 19:47:24 GMT
Expires: Sat, 26 Nov 2022 20:47:24 GMT
Location: https://altin.in/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 default.css
altin.in/css/ 83 KB
22 KB 34ms
33ms Stylesheet
text/css 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altin.in/css/default.css?v=5.8011392
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f49b30cda22443f9b3afa532272ed42bf211927801931bb884808803c87cd9a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 03 Nov 2022 16:36:25 GMT
server: cloudflare
age: 1249263
etag: "80ca66aa2efd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522bf3edd9104-FRA
content-length: 22004

GET
H2 200 piyasa.js Show response
altin.in/js/ 91 KB
50 KB 26ms
26ms Script
application/javascript 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altin.in/js/piyasa.js?v=7.000500
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7bde685766b1401ef1a0ba148c13f66fd7ab02189150c91bd9fc9ceb0a04e4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 08:35:30 GMT
server: cloudflare
age: 742711
etag: "2efd52b971f6d81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522bf3edf9104-FRA
content-length: 50574

GET
H2 200 graf.js Show response
altin.in/js/ 9 KB
6 KB 25ms
25ms Script
application/javascript 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altin.in/js/graf.js?v=1.21
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a922ea5db92a5ca9789c9558dc6d6a952c1a8e56b9c97778607dbb6251e19e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Jan 2022 22:18:54 GMT
server: cloudflare
age: 1249224
etag: "68b99d8b82dd81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522bf7f4d9104-FRA
content-length: 5941

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 162ms
49ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Display:400,500|Roboto:300,400&display=swap

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79f5d96f151348171246df7bba1881d02dc3f1b73ce4ad387edc43c7b638a2b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 19:34:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 19:47:24 GMT

GET
H2 200 logo.svg
altin.in/grafik/ 1 KB
828 B 24ms
23ms Image
image/svg+xml 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://altin.in/grafik/logo.svg?1.2533153
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 01f507e83684e82a1b8d8c018c7c20e106d3b266fbd1fa058ccedaa8137631be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 14 Aug 2021 12:49:06 GMT
server: cloudflare
age: 1249045
etag: W/"7c466fc4a91d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 770522bfafa19104-FRA

GET
H2 200 gpt.js Show response
pagead2.googlesyndication.com/tag/js/ 78 KB
27 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/tag/js/gpt.js

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27210
x-xss-protection: 0
server: sffe
etag: "1404 / 691 of 1000 / last-modified: 1669244741"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 26 Nov 2022 19:47:24 GMT

GET
H2 200 02_N349577_GR202211257nxeye.jpg
grafik.altin.in/grafik/uyeler/349577/ 9 KB
10 KB 45ms
31ms Image
image/jpeg 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grafik.altin.in/grafik/uyeler/349577/02_N349577_GR202211257nxeye.jpg
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4e51b22d9b5d12f0703d890d9cd9d8f59dd08b7363a4ce6328ce8fc2fd0493c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
age: 102158
x-powered-by: ASP.NET
content-length: 9642
x-powered-by-plesk: PleskWin
last-modified: Fri, 25 Nov 2022 15:39:44 GMT
server: cloudflare
etag: "1f668424e40d91:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c058fd9104-FRA
access-control-allow-headers: Content-Type

GET
H2 200 02_N299282_GR202211253g9g01.png
grafik.altin.in/grafik/uyeler/299282/ 6 KB
6 KB 40ms
28ms Image
image/png 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grafik.altin.in/grafik/uyeler/299282/02_N299282_GR202211253g9g01.png
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8bceab02cf9b649d65de0b07dc85759110a7ac1d7dd2d1923637f551026220cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
age: 104661
x-powered-by: ASP.NET
content-length: 5812
x-powered-by-plesk: PleskWin
last-modified: Fri, 25 Nov 2022 14:10:23 GMT
server: cloudflare
etag: "5325e3a8d70d91:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c058f49104-FRA
access-control-allow-headers: Content-Type

GET
H2 200 02_N299282_GR20221125825nnf.png
grafik.altin.in/grafik/uyeler/299282/ 8 KB
8 KB 49ms
37ms Image
image/png 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grafik.altin.in/grafik/uyeler/299282/02_N299282_GR20221125825nnf.png
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4319ce72ef232e2bd3bcd6b48bfba7f179a340799a899a343c040ac7530755d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
age: 104661
x-powered-by: ASP.NET
content-length: 8190
x-powered-by-plesk: PleskWin
last-modified: Fri, 25 Nov 2022 14:10:53 GMT
server: cloudflare
etag: "37d5c6bad70d91:0"
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c058ff9104-FRA
access-control-allow-headers: Content-Type

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 154ms
73ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7180771993103993

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7eb2ab7af91528473a87e2a48b94c9d1bb89cdc87c1e8afa4a8d0f119131ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Origin: https://altin.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49352
x-xss-protection: 0
server: cafe
etag: 17840766119509721990
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 19:47:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
75 KB 130ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GRD9HD6XEV

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9372fb2e167a46b5df506ca8593206762d814ae705616ec2b6d8a02370430de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75947
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 26 Nov 2022 19:47:24 GMT

GET
H2 200 topico.png
altin.in/grafik/ 4 KB
4 KB 40ms
39ms Image
image/png 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://altin.in/grafik/topico.png
Requested by: Host: altin.in
URL: https://altin.in/css/default.css?v=5.8011392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 35eae0300d6391ba136415824122286b4249ee4319c7d77bb66323d7fcbecd89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/css/default.css?v=5.8011392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
last-modified: Thu, 17 Apr 2014 21:51:28 GMT
server: cloudflare
age: 1249263
etag: "2e4f830875acf1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c058eb9104-FRA
content-length: 3887

GET
H2 200 altinin.png
altin.in/grafik/ 23 KB
23 KB 29ms
29ms Image
image/png 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://altin.in/grafik/altinin.png?v=2
Requested by: Host: altin.in
URL: https://altin.in/css/default.css?v=5.8011392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 63000f9ac942b75daec772bb01db9789eee4a01f6c89da9a6d553f06e775a767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/css/default.css?v=5.8011392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
last-modified: Mon, 30 Mar 2020 15:10:52 GMT
server: cloudflare
age: 1249224
etag: "9cd967a56d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c0691e9104-FRA
content-length: 23652

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fed56d5fca8828106447665247d9bfb8feb806aa35299fb385ead8fc9468a478

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 osm.png
altin.in/grafik/ 9 KB
9 KB 23ms
23ms Image
image/png 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://altin.in/grafik/osm.png
Requested by: Host: altin.in
URL: https://altin.in/css/default.css?v=5.8011392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2df92541c60f3ca4096f106e901f2b4ab11161745ec3fc1095c3917e1758becc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/css/default.css?v=5.8011392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
last-modified: Fri, 12 Oct 2018 18:05:09 GMT
server: cloudflare
age: 1249262
etag: "acac4d1d5662d41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c0d9e79104-FRA
content-length: 8738

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7778113e7bd41406d1b6434c188f2a518ff397904a7e379ac2566638e3121c09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a98f99051c970840c61fb4af716a8445a483c787461a95b151e821db0d13774

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 yukleniyor-2.gif
altin.in/grafik/ 404 B
537 B 46ms
45ms Image
image/gif 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://altin.in/grafik/yukleniyor-2.gif
Requested by: Host: altin.in
URL: https://altin.in/css/default.css?v=5.8011392
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 14a65ee4a5fb40eab34351996f8ee7a4b1b721170608934f756ac6b022c6c2da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/css/default.css?v=5.8011392
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
cf-cache-status: HIT
last-modified: Sat, 22 May 2010 12:10:54 GMT
server: cloudflare
age: 1249224
etag: "01bb2d3a7f9ca1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c10a0e9104-FRA
content-length: 404

GET
H2 200 0_ons.js Show response
altin.in/grafikler/ 6 KB
984 B 140ms
140ms Script
application/javascript 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altin.in/grafikler/0_ons.js?g=1&time=26.11.2022+19:47:24
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1f97a46fd9b928a5581f1ee03b3352452cac962b08080e8de2db1815d4202eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 19:46:54 GMT
server: cloudflare
etag: W/"0bbed5cf1d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c10a0f9104-FRA
content-length: 840

GET
H2 200 1_dolar.js Show response
analiz.altin.in/grafikler/ 8 KB
1 KB 198ms
187ms Script
application/javascript 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analiz.altin.in/grafikler/1_dolar.js?g=1&time=26.11.2022+19:47:24
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 50e88b473971d821aaa711a0030993316867cd4e7be5a4a542c0d41fd7218c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 19:47:03 GMT
server: cloudflare
etag: "80551bdbcf1d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c10a299104-FRA
content-length: 1318

GET
H2 200 1_euro.js Show response
analiz.altin.in/grafikler/ 8 KB
2 KB 181ms
170ms Script
application/javascript 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analiz.altin.in/grafikler/1_euro.js?g=1&time=26.11.2022+19:47:24
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 188d2690809e008146e4d0cb07bed8f89bcee1aece5455e15b4b234a18a37bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 26 Nov 2022 19:46:53 GMT
server: cloudflare
etag: W/"807425d5cf1d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 770522c10a2b9104-FRA
content-length: 1637

GET
H2 200 grafikur.asp Show response
altin.in/ 333 B
550 B 100ms
99ms Script
text/javascript 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://altin.in/grafikur.asp?did=flash_grafik&ca=1&islem=gunluk&gun=10&kur=GA&banka=altin&k=
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fb1989ae99576b0adc89244f89fd038685cf8afc1d32c7394b1868dadd4b9f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 19:27:55 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; Charset=iso-8859-9
cache-control: private, max-age=120
accept-ranges: bytes
cf-ray: 770522c10a109104-FRA
content-length: 316
expires: Fri, 25 Nov 2022 19:47:24 GMT

GET
H2 200 pubads_impl_2022111501.js Show response
pagead2.googlesyndication.com/gpt/ 381 KB
129 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132177
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 09:35:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 26 Nov 2023 17:25:37 GMT

GET
H2 200 ppub_config Show response
pagead2.googlesyndication.com/pagead/ 61 B
184 B 66ms
66ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ppub_config?ippd=altin.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b2693165191257cc393def17118aa421c254bf6258caebd967a66968bec4b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53
x-xss-protection: 0
expires: Sat, 26 Nov 2022 19:47:24 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7180771993103993&plah=altin.in&bust=31070969

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7180771993103993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4a4326209997a077d9078967eb02c86ac6dd7780d0871ae7739c5e49f21526f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119174
x-xss-protection: 0
server: cafe
etag: 7046955651309407837
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 19:47:25 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame C815 10 KB
5 KB 120ms
36ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7180771993103993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:42:07 GMT
etag: 10353107486223812946
expires: Sat, 10 Dec 2022 10:42:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
47ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=altin.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
50ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=altin.in

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 1591ms
1502ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3899033722871889&correlator=1478807006084494&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=181567372%2Cca-pub-2813963760383841-tag%2C4895059715&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C728x90%7C468x60%7C320x50%7C320x100&fluid=height&ifi=4&adks=644483462&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669492045251&lmt=1669492045&dlt=1669492044669&idt=550&adxs=264&adys=661&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faltin.in%2F&frm=20&vis=1&psz=728x101&msz=728x0&fws=4&ohw=1074&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0562ce42b901e5503a00a47c4a8f04c731ae3153f7f310c1cd77d330ea8a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8237
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://altin.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 593ms
505ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3899033722871889&correlator=1478807006084494&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=181567372%2Caltin_in_right_two_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C336x280%7C300x600%7C300x250&fluid=height&ifi=5&adks=3255069981&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669492045258&lmt=1669492045&dlt=1669492044669&idt=550&adxs=1001&adys=1610&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faltin.in%2F&frm=20&vis=1&psz=336x3123&msz=336x0&fws=4&ohw=1074&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a189489f8c3fac274f74175e7b0d287dba4fa0a5799f32d0d2ace73311b9a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8302
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://altin.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 1863ms
1775ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3899033722871889&correlator=1478807006084494&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=181567372%2Caltin_in_bottom_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1074x280%7C970x250%7C970x90%7C930x180%7C728x90%7C468x60&fluid=height&ifi=6&adks=2327508261&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669492045260&lmt=1669492045&dlt=1669492044669&idt=550&adxs=263&adys=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Faltin.in%2F&frm=20&vis=1&psz=1600x11&msz=1074x11&fws=4&ohw=1074&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=false

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240fdbd22dfb9c9b36903268fcec2fc2dd094441ccbd0aeb12b4bbe69850b1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9157
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://altin.in
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3117 6 KB
3 KB 167ms
47ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:25 GMT
expires: Sun, 26 Nov 2023 19:47:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
342 B 121ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-GRD9HD6XEV&gtm=2oeb90&_p=1646676090&cid=184454585.1669492045&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669492045&sct=1&seg=0&dl=https%3A%2F%2Faltin.in%2F&dt=Altin.in%20%E2%80%BA%20Ons%20%241754.77%20%E2%80%BA%20Canl%C4%B1%20Alt%C4%B1n%20fiyatlar%C4%B1%2C%20D%C3%B6viz%2C%20Alt%C4%B1n%20ar%C5%9Fivi&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GRD9HD6XEV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://altin.in
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
695 B 143ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=altin.in&callback=_gfp_s_&client=ca-pub-7180771993103993&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7180771993103993&plah=altin.in&bust=31070969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e99a11737fd1a2634c21e73a18a1f18f5efe0b16ca6483fff422751ad0de3743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BF53 161 KB
45 KB 483ms
406ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7180771993103993&output=html&adk=1812271804&adf=3025194257&lmt=1669492045&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Faltin.in%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045162&bpp=6&bdt=493&idt=199&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8183849617817&frm=20&pv=2&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69df1b93a8e2fc6982e05f21d3d639683b811e2e83a31e9201c99ddcf45673f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46303
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:25 GMT
expires: Sat, 26 Nov 2022 19:47:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2BC8 59 KB
24 KB 808ms
743ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=9325183355&adk=3298560337&adf=3945879369&pi=t.ma~as.9325183355&w=1074&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=1074x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045168&bpp=3&bdt=499&idt=214&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8183849617817&frm=20&pv=2&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=263&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=m5cvHWbeqv&p=https%3A//altin.in&dtd=220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd07c4b54b6b66b44893e9a228f04f251eb4c31455373c08a9eb6292be7ab357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24637
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:26 GMT
expires: Sat, 26 Nov 2022 19:47:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87B4 59 KB
24 KB 739ms
687ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=4895059715&adk=681411742&adf=1238588369&pi=t.ma~as.4895059715&w=336&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=336x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045171&bpp=2&bdt=502&idt=227&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8183849617817&frm=20&pv=1&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CPS55hGvRp&p=https%3A//altin.in&dtd=230

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4ef375af853cb507d64cafd2fe2b71c2e03c62e6ead0aad8548cc2760345ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24706
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:26 GMT
expires: Sat, 26 Nov 2022 19:47:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5F14 6 KB
3 KB 113ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:25 GMT
expires: Sun, 26 Nov 2023 19:47:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 150 KB
51 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/reactive_library_fy2021.js?bust=31070969

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da1279e938d0e82b3ce0b9328d8559be8a0141819099d658b4808a8e67f83184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52280
x-xss-protection: 0
server: cafe
etag: 8973423435934870572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 26 Nov 2022 19:47:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F81D 624 B
246 B 49ms
48ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYybOm1AEwAQ&v=APEucNVmVvcE_A-dc1gp9AV0ezp1z8hpCjSl6Yk9Sff8e0H2Ebeoa3ReN7VnD8HdP_NLHdFHTSv___7hbOav6MslRm2rwvz24dWLkClpexZKJjGrggpBrZV573hcFz1vvLPAvIj0vyMtv9-rU4uDzBIBeCyNvUmx1ko9v91gh9T_DYOTJJ0Jz3E

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:26 GMT
expires: Sat, 26 Nov 2022 19:47:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5F14 80 KB
34 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B68sshYc0mEhS_4G954bq7mEGX2Sp37t27xI-VyXnaXTXNX7_1nXwt9AYG4qKxVlJTqF514gsQgYHdH50uVsiclNtqffy0zSQm5sUbemEvXpRDESmK8IlBIxL49KYUDZPeye67lRv59jOEb12FwsR_wq_SKuaMcd5umlTOyGdmEjd7q2Q&dbm_d=AKAmf-DCpXWwUU1udmXKPP9mLQIZ_5QROp_q_FLHMzNkUr8mCSkn6GtSJETEsT306DTn64K2hC7ASmoXUpJ-jGbltebMdUQTNPE5ROZob2moor1uMtM6FrOqiOuhfNi4XbFlKbzO0lEdiFHgUI_1xN9tSXkN4n3j5EK-tgv__xeZcupW2nQWMPLUNOVU6adH3GeHMw0igyqtb8NeWr9WFzUOYYDuk49ucBUffLtTu7Ev4ZniAqrZgJOE4n7NQPL14EhEwBFJdfnqi_QPfof1eZSMLLwjIvnoTNZ8V7U1MzUB5kKDMJGMCxCRIIKBmYtkuv79s1E8lgqtBlr8oiSXB_pryv1I8iCHhX35d_yd63nWJ7H-9rxKSxpLL_eEwZhjHBxRXw_V9vlGuy4KVDztrJagHT91_nWiiwRk-vlCezYIWlA94IfT30U7FLhiOTf__VXRiPvGr29zCpCpX8pM0IYokm49_x3vu6gbVDYRPV3ptc350dZ7upG4VgI-c0CZ4wyBLeDYED5S9-xU22tkMqnteAQ9cc4LQr3JQOtijf3ig8ebWEEO-wNINklMNDGDE3rKQGxS1MLMn25Y-X0i6fUGxG_Sih0gn0BeIHDu7waF_b3Kw7G5n7GY8hXQIrhYNPf_Nl6ftdaxlv6XWk5H3FwOK-a0XSkQRhqKbVndo72sxHxUcUqScVH1tKt6OE_tDeM-IPpRgsRdRiZudRe7HqQZxRB6ao6gJiBZI7M9Gc7LC72naa8jaspTSsGVgVAizzNmU8wdTyk2kKn00J8n6EDEUBn36GBmH8jOPzBqVnpA3k7ck082PQxmnK5KYBYSrgNgFeY6E1I5ZClTOun0NLQ4onch3cCJbr-_MqMF-Y91XB_HMxvyvX23AQJTPLAnHaaVi9OKcGkeVrt789rKFuXdFDiBVIulT18_KLYV-hKcmkRu_DoXBiLxW2LnhU-JTAZsghQAzSL-So9Ioxt2YrmuQWYkTT_aWRMKqXkxPClF5YFz2w3zk6OWPsDYelNQuQHhLV0xn09fcJsIrpXrKdS4pO0pNuO8SvvrHXQsmWuXfrKNNnwjceaZv2hgONMEEatyEVRJM8irMIkGHmwtdpW8iikUkvBBhTuvCPg_AjJ4ij6eyYabQACo6axqdCatrE7Na1uT4vUITAT5oj-eK-FEWp2v_ErZa26_LjS2pUowqn5Fnw0JHDnn61PfmoHZCfu8ftCSJizbHs3nOw-J5fMq7ChqJM0mW33NeLfhvRzQGWamD4LPFjFdguy8ENqJx7yYf1fbh6mrI2tFhCIaQzwE8L8JO9x8YUIDPnIp1bSCKk7G-moK_8Ex_Xvo1yr2YPEoQSXDrzTxegiGe4RtqD5GNaX5OaX4QiAhRvalJIBNRiuBPsnZqlt6mf3lu4l9JiMHUU9gt0wnRI2xjaowy7i5Z0Hv1DBAudEN_ggq-kDlnQZgF7_DgwZDS4QA21FHZDUDiyGhpkNDTDdsRqWIzOQqQuJKyJ8-k9YgJl6PQ0ppfcFionaRsAwSyrRtAwA0GQrxNNre7m9OA7IzpVPyBs7i23rt4tk0dAfz-A-C2GrOboyUOJHfPrViLdWO59cmMeiInQcLE3uPeZb5j6s1xYTwyYaU3EHEWGdLVlpKc9GhODj1kBJDCpkxvdX5uQ-FnYeFbT17AbC1sxBQXeMtiOQUo9gt5ABqInKhWkwzHTFfyWHPYxNbwao_HHdclv7Dvsr2Z1MwPCkXhP_HvZOxA7WHHgjGvYywXm3JTaYKMtWx_7Y3bJjtn-tVIsmTYp63b1Dn461vOeX6B64sgNHyly6XTnuOb12G6G5P-IvZArb-pY0si3H3e_UUFkcF0ZxffSRfQcLtrEKv6_djiqnDD4-m_GssWZZWQoFGp1BX7ONSYyWwrytX5RisalJKDDV7DIcmc-0GUGvVbH5bKb_hQ3NT_VdfYZK7vzOGz0LT_hj2YrK9BX_YFXM_e0EgO5IxaCPjRexWUfhtK4Gwl5AOkhvGBZ_f3hJg51ZWylBPtyLUwxqmFomWk6j_O2eRh4f3gvP1_l5SACeDRDxh6L5wBXRnohGux3KMctA6D8IBzIFmRdP9AsN1nl1cUHIWVAIuvufKQ1fBfT7jpGDGm7IIuVhsaIJSZWop1PS_I7SgokUzbBd5jH6OL4Bxpak7I6jjzHbjAERB19RL7af5yv8H8Jo84Eptb8ANN2O5apsO51CQvuuvhzOZZYWGvT5dyelx1UR60dcLjTqqSZpRvAMxu9eCdk__LCKQNciGyQnFBFjlwpnaodAMG4wAkfMPjrhhJdG9FC_farkUW83y20F1--0zGCyF7RWxvmcMip8YoW2WZhGM0J-nXBfRYSrARAWFnpONewPIjrQY1fqDzg1KfEjK0hUaPhn86ckNVa-Nw-CLbvywPszDS_zmaVYJnlpvbaAiQjcI3vVngAzlRzqh6YmvDK8UX-bTbPG_fslweABJ9-z60C8NUtpKYH2dkWk2SJwQVDweHKKFXpLIDcTmIcd2OCuCS6J6s5ZZ-DtSHJoOsarIif-JLGHsR90S4FIIJ94zT-N83vMPHIcsRhYm9PwacI6mB1aFbm8lc6hyFg1otskmr_WfQ9v5QCH2RFqHs2svQc0nxD0Mvw0BfmgH8EuDKoLSAqhNnQz5Kqw0iyKDL9Wv7d_CIZpr5rrt8kUtDXIiDJAh8MBg39qkibcBgDDMyUJAozpnjd2sqMbNI_FK16INRsgEly_nF78z_n_1ntz_FpAPe8ueBqvYo5cp1Kk_Bw2QXl3BR3Y4MlHbMlb6u2Ak1C5qAsSsXarKSXnWSrZclCvHT4nDn2tXJ8t53XSxHBBH4gC3eNQX2cehEPuFE1g5BWz4LdpmQyOv9PEqEKhEhOy2qNZuv6sKPsMn3KsiLAjQLMIAvu7QqnQpv2cZnsOuUSVSFEpQyIhVWat4HGsWMeQW4vDCwFE11zxorCsuHO6jTnAQkMXci2asTAz_CbRm532wfuiM72f9-Ge9aCME0cGzhpz2UCnWRA-onn5G3eLQHUR7eTPQ05q7Vp1_VAQfys4IYt4lqfk_6k-M8VlhoKZcBviQt7MhHiF-PE-pw3H1o1EefWSq1kwClAg7rqHyEWePZpmXO7m0E8xfi0Vq87PxdvtITD61BnFEtWVEbRraMPE1E1XJ7EnW9mIdilOfwLKXMmzCqSdAH5Yn6KdLFtEsoIVqU-y9luTfjb9NIk_N19dfUPfoHjvV7EJgJxYII1xsVALn4CsL05C55JBS7J_ANA4pMf6m75BvGkSwtGCcQBtQaJmQ_S5fgYCtWqDEerNOfGVEWBKp1NaPIk-oEpKTXONPW63CZtXg7t9V4PFyEIqFooUO52salydK4jQV06AzM-DYyiBG_fx8ELnruuwX3tv8YETWabXwBsNupLRBQ96Inzo6i0LEwtiI5hYSl7HEoT-33zR_aqGWpxDapxVpjsJd&cid=CAQSSwDq26N9UR3obYuDIDdBSguO6FQpTfthT-sjuj8gIT_5yztRE1-Vpt8EQU8V7Lz2Rj900oWh0m2fCnH3RGsPINHHVh6aoEvCUgHSshgBIBM&rfl=1%2Chttps%253A%252F%252Faltin.in%252F%240

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

784932e5f33f06283e70e211805a9569b1684ba80f661489b1c2956f44c07ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34511
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F14 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5lifo9wf85-maEAu3UilwtTq2KQFiu-tcmrFyzWGxP9Mp-IUm71oKOg8wmKJPwO0v7guOKZrvM35c61JifzaUdQjx7h5bO1raX_Swq1ptj7wrqI8

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5F14 3 KB
1 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 5F14 18 KB
8 KB 126ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F14 154 KB
48 KB 157ms
69ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F81D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8P1gA0aCgkJpZnUEx9KfQ&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8P1gA0aCgkJpZnUEx9KfQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYybOm1AEwAQ&v=APEucNVmVvcE_A-dc1gp9AV0ezp1z8hpCjSl6Yk9Sff8e0H2Ebeoa3ReN7VnD8HdP_NLHdFHTSv___7hbOav6MslRm2rwvz24dWLkClpexZKJjGrggpBrZV573hcFz1vvLPAvIj0vyMtv9-rU4uDzBIBeCyNvUmx1ko9v91gh9T_DYOTJJ0Jz3E
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8P1gA0aCgkJpZnUEx9KfQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F81D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4JtTqRU6iWhaVW2hpkrPgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYybOm1AEwAQ&v=APEucNVmVvcE_A-dc1gp9AV0ezp1z8hpCjSl6Yk9Sff8e0H2Ebeoa3ReN7VnD8HdP_NLHdFHTSv___7hbOav6MslRm2rwvz24dWLkClpexZKJjGrggpBrZV573hcFz1vvLPAvIj0vyMtv9-rU4uDzBIBeCyNvUmx1ko9v91gh9T_DYOTJJ0Jz3E
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:26 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F81D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOsfeQTk2PUSY00j9R2jI-0&google_cver=1

43 B
1020 B

18ms
14ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOsfeQTk2PUSY00j9R2jI-0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLfi9QIQ0YXj8wEYybOm1AEwAQ&v=APEucNVmVvcE_A-dc1gp9AV0ezp1z8hpCjSl6Yk9Sff8e0H2Ebeoa3ReN7VnD8HdP_NLHdFHTSv___7hbOav6MslRm2rwvz24dWLkClpexZKJjGrggpBrZV573hcFz1vvLPAvIj0vyMtv9-rU4uDzBIBeCyNvUmx1ko9v91gh9T_DYOTJJ0Jz3E

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:26 GMT
AN-X-Request-Uuid: 7b882f57-01a7-4887-a55e-855b20ecf0ea
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOsfeQTk2PUSY00j9R2jI-0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F81D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

170 B
243 B

56ms
41ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:26 GMT
AN-X-Request-Uuid: 318f7d82-4ee8-44ec-b0ec-64fe443cee23
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=altin.in

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 125ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=altin.in

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 0D5F 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 10:43:57 GMT
etag: 10353107486223812946
expires: Sat, 10 Dec 2022 10:43:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5F14 106 KB
38 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Origin: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 5F14 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B68sshYc0mEhS_4G954bq7mEGX2Sp37t27xI-VyXnaXTXNX7_1nXwt9AYG4qKxVlJTqF514gsQgYHdH50uVsiclNtqffy0zSQm5sUbemEvXpRDESmK8IlBIxL49KYUDZPeye67lRv59jOEb12FwsR_wq_SKuaMcd5umlTOyGdmEjd7q2Q&dbm_d=AKAmf-DCpXWwUU1udmXKPP9mLQIZ_5QROp_q_FLHMzNkUr8mCSkn6GtSJETEsT306DTn64K2hC7ASmoXUpJ-jGbltebMdUQTNPE5ROZob2moor1uMtM6FrOqiOuhfNi4XbFlKbzO0lEdiFHgUI_1xN9tSXkN4n3j5EK-tgv__xeZcupW2nQWMPLUNOVU6adH3GeHMw0igyqtb8NeWr9WFzUOYYDuk49ucBUffLtTu7Ev4ZniAqrZgJOE4n7NQPL14EhEwBFJdfnqi_QPfof1eZSMLLwjIvnoTNZ8V7U1MzUB5kKDMJGMCxCRIIKBmYtkuv79s1E8lgqtBlr8oiSXB_pryv1I8iCHhX35d_yd63nWJ7H-9rxKSxpLL_eEwZhjHBxRXw_V9vlGuy4KVDztrJagHT91_nWiiwRk-vlCezYIWlA94IfT30U7FLhiOTf__VXRiPvGr29zCpCpX8pM0IYokm49_x3vu6gbVDYRPV3ptc350dZ7upG4VgI-c0CZ4wyBLeDYED5S9-xU22tkMqnteAQ9cc4LQr3JQOtijf3ig8ebWEEO-wNINklMNDGDE3rKQGxS1MLMn25Y-X0i6fUGxG_Sih0gn0BeIHDu7waF_b3Kw7G5n7GY8hXQIrhYNPf_Nl6ftdaxlv6XWk5H3FwOK-a0XSkQRhqKbVndo72sxHxUcUqScVH1tKt6OE_tDeM-IPpRgsRdRiZudRe7HqQZxRB6ao6gJiBZI7M9Gc7LC72naa8jaspTSsGVgVAizzNmU8wdTyk2kKn00J8n6EDEUBn36GBmH8jOPzBqVnpA3k7ck082PQxmnK5KYBYSrgNgFeY6E1I5ZClTOun0NLQ4onch3cCJbr-_MqMF-Y91XB_HMxvyvX23AQJTPLAnHaaVi9OKcGkeVrt789rKFuXdFDiBVIulT18_KLYV-hKcmkRu_DoXBiLxW2LnhU-JTAZsghQAzSL-So9Ioxt2YrmuQWYkTT_aWRMKqXkxPClF5YFz2w3zk6OWPsDYelNQuQHhLV0xn09fcJsIrpXrKdS4pO0pNuO8SvvrHXQsmWuXfrKNNnwjceaZv2hgONMEEatyEVRJM8irMIkGHmwtdpW8iikUkvBBhTuvCPg_AjJ4ij6eyYabQACo6axqdCatrE7Na1uT4vUITAT5oj-eK-FEWp2v_ErZa26_LjS2pUowqn5Fnw0JHDnn61PfmoHZCfu8ftCSJizbHs3nOw-J5fMq7ChqJM0mW33NeLfhvRzQGWamD4LPFjFdguy8ENqJx7yYf1fbh6mrI2tFhCIaQzwE8L8JO9x8YUIDPnIp1bSCKk7G-moK_8Ex_Xvo1yr2YPEoQSXDrzTxegiGe4RtqD5GNaX5OaX4QiAhRvalJIBNRiuBPsnZqlt6mf3lu4l9JiMHUU9gt0wnRI2xjaowy7i5Z0Hv1DBAudEN_ggq-kDlnQZgF7_DgwZDS4QA21FHZDUDiyGhpkNDTDdsRqWIzOQqQuJKyJ8-k9YgJl6PQ0ppfcFionaRsAwSyrRtAwA0GQrxNNre7m9OA7IzpVPyBs7i23rt4tk0dAfz-A-C2GrOboyUOJHfPrViLdWO59cmMeiInQcLE3uPeZb5j6s1xYTwyYaU3EHEWGdLVlpKc9GhODj1kBJDCpkxvdX5uQ-FnYeFbT17AbC1sxBQXeMtiOQUo9gt5ABqInKhWkwzHTFfyWHPYxNbwao_HHdclv7Dvsr2Z1MwPCkXhP_HvZOxA7WHHgjGvYywXm3JTaYKMtWx_7Y3bJjtn-tVIsmTYp63b1Dn461vOeX6B64sgNHyly6XTnuOb12G6G5P-IvZArb-pY0si3H3e_UUFkcF0ZxffSRfQcLtrEKv6_djiqnDD4-m_GssWZZWQoFGp1BX7ONSYyWwrytX5RisalJKDDV7DIcmc-0GUGvVbH5bKb_hQ3NT_VdfYZK7vzOGz0LT_hj2YrK9BX_YFXM_e0EgO5IxaCPjRexWUfhtK4Gwl5AOkhvGBZ_f3hJg51ZWylBPtyLUwxqmFomWk6j_O2eRh4f3gvP1_l5SACeDRDxh6L5wBXRnohGux3KMctA6D8IBzIFmRdP9AsN1nl1cUHIWVAIuvufKQ1fBfT7jpGDGm7IIuVhsaIJSZWop1PS_I7SgokUzbBd5jH6OL4Bxpak7I6jjzHbjAERB19RL7af5yv8H8Jo84Eptb8ANN2O5apsO51CQvuuvhzOZZYWGvT5dyelx1UR60dcLjTqqSZpRvAMxu9eCdk__LCKQNciGyQnFBFjlwpnaodAMG4wAkfMPjrhhJdG9FC_farkUW83y20F1--0zGCyF7RWxvmcMip8YoW2WZhGM0J-nXBfRYSrARAWFnpONewPIjrQY1fqDzg1KfEjK0hUaPhn86ckNVa-Nw-CLbvywPszDS_zmaVYJnlpvbaAiQjcI3vVngAzlRzqh6YmvDK8UX-bTbPG_fslweABJ9-z60C8NUtpKYH2dkWk2SJwQVDweHKKFXpLIDcTmIcd2OCuCS6J6s5ZZ-DtSHJoOsarIif-JLGHsR90S4FIIJ94zT-N83vMPHIcsRhYm9PwacI6mB1aFbm8lc6hyFg1otskmr_WfQ9v5QCH2RFqHs2svQc0nxD0Mvw0BfmgH8EuDKoLSAqhNnQz5Kqw0iyKDL9Wv7d_CIZpr5rrt8kUtDXIiDJAh8MBg39qkibcBgDDMyUJAozpnjd2sqMbNI_FK16INRsgEly_nF78z_n_1ntz_FpAPe8ueBqvYo5cp1Kk_Bw2QXl3BR3Y4MlHbMlb6u2Ak1C5qAsSsXarKSXnWSrZclCvHT4nDn2tXJ8t53XSxHBBH4gC3eNQX2cehEPuFE1g5BWz4LdpmQyOv9PEqEKhEhOy2qNZuv6sKPsMn3KsiLAjQLMIAvu7QqnQpv2cZnsOuUSVSFEpQyIhVWat4HGsWMeQW4vDCwFE11zxorCsuHO6jTnAQkMXci2asTAz_CbRm532wfuiM72f9-Ge9aCME0cGzhpz2UCnWRA-onn5G3eLQHUR7eTPQ05q7Vp1_VAQfys4IYt4lqfk_6k-M8VlhoKZcBviQt7MhHiF-PE-pw3H1o1EefWSq1kwClAg7rqHyEWePZpmXO7m0E8xfi0Vq87PxdvtITD61BnFEtWVEbRraMPE1E1XJ7EnW9mIdilOfwLKXMmzCqSdAH5Yn6KdLFtEsoIVqU-y9luTfjb9NIk_N19dfUPfoHjvV7EJgJxYII1xsVALn4CsL05C55JBS7J_ANA4pMf6m75BvGkSwtGCcQBtQaJmQ_S5fgYCtWqDEerNOfGVEWBKp1NaPIk-oEpKTXONPW63CZtXg7t9V4PFyEIqFooUO52salydK4jQV06AzM-DYyiBG_fx8ELnruuwX3tv8YETWabXwBsNupLRBQ96Inzo6i0LEwtiI5hYSl7HEoT-33zR_aqGWpxDapxVpjsJd&cid=CAQSSwDq26N9UR3obYuDIDdBSguO6FQpTfthT-sjuj8gIT_5yztRE1-Vpt8EQU8V7Lz2Rj900oWh0m2fCnH3RGsPINHHVh6aoEvCUgHSshgBIBM&rfl=1%2Chttps%253A%252F%252Faltin.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11775
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:31:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 5F14 29 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 13:36:26 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 0D5F 4 KB
636 B 125ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 18:57:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D5F 205 B
294 B 129ms
40ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:21:09 GMT
x-content-type-options: nosniff
age: 1577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Nov 2023 19:21:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0D5F 604 B
1 KB 128ms
39ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 18:04:46 GMT
x-content-type-options: nosniff
age: 6160
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 26 Nov 2023 18:04:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 0D5F 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8086
x-xss-protection: 0
server: cafe
etag: 7427986489964165156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:15 GMT

GET
H3 200 1306149353264073067
tpc.googlesyndication.com/simgad/ Frame 87B4 55 KB
55 KB 146ms
58ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1306149353264073067?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qksVnAHV84jARFSVONl3YQgHeESyA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=4895059715&adk=681411742&adf=1238588369&pi=t.ma~as.4895059715&w=336&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=336x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045171&bpp=2&bdt=502&idt=227&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8183849617817&frm=20&pv=1&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CPS55hGvRp&p=https%3A//altin.in&dtd=230

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4e80c44f63d394723959349a94267dfdc1386ad33245c473fc7e14fc1ff6d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 08:47:21 GMT
x-content-type-options: nosniff
age: 126005
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55898
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:04:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 25 Nov 2023 08:47:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 87B4 23 KB
9 KB 133ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 87B4 3 KB
1 KB 213ms
130ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 87B4 18 KB
7 KB 128ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87B4 154 KB
47 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 87B4 34 KB
13 KB 223ms
139ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:43:01 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F14 41 KB
15 KB 201ms
130ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
DATA 200
OK truncated
/ Frame 5F14 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: afa44cd4765cacf12bb426d7ce6dc945fa073d4379290bab1c24c1901bd89733

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 12507901477320583610
tpc.googlesyndication.com/simgad/ Frame 2BC8 66 KB
66 KB 170ms
145ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12507901477320583610?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmF8IvGETMr8JO_ZeYdfPmXlh_eaQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=9325183355&adk=3298560337&adf=3945879369&pi=t.ma~as.9325183355&w=1074&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=1074x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045168&bpp=3&bdt=499&idt=214&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8183849617817&frm=20&pv=2&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=263&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=m5cvHWbeqv&p=https%3A//altin.in&dtd=220

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6fa8db95889fc6a637cec7ce36edb2f7e428a412ced261f5105447a6a4a381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 09:06:42 GMT
x-content-type-options: nosniff
age: 384044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67324
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 15:07:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 09:06:42 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2BC8 23 KB
9 KB 75ms
49ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2BC8 3 KB
1 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2BC8 18 KB
7 KB 128ms
112ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2BC8 154 KB
47 KB 303ms
220ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2BC8 34 KB
13 KB 148ms
134ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:43:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0DE1 8 KB
895 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 26 Nov 2022 18:59:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0DE1 2 KB
765 B 72ms
72ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 11:55:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0DE1 23 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 07:15:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0DE1 3 KB
1 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0DE1 18 KB
7 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DE1 154 KB
47 KB 219ms
217ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame 0DE1 34 KB
14 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 15:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 15:56:11 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 4 KB
1 KB 115ms
38ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc48c466917b97c66484c9785b6df4889940c4cfa18ae314ea2b2a577547fd5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 358821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1503
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 16:07:05 GMT
expires: Wed, 22 Nov 2023 16:07:05 GMT
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F14 0
0 194ms
80ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkJ53D50Y8dKptXZeZ_FRArSEeN2mQF0Y3HvmyaboxTQa31wvVANUte22EH3DYo5RGnxDTP1O64uWPO9t32hTMowBBB3GsMJcFn4gqgqS4LKMIHLK_QB9lrMpSgw3-R-ME-Z61nr-lQAjHbrSw_xvmaqynMZFt8ZT3kFhvt6QFiXILixTDNISiWrygROF42uxo7CvAy3rC4TYhFGBgkDx8xkUxF7GN34KAlIQ4JLMDpYcacqhZZgXY9o82Z7vUM_ydVBCajjZBZ228X7o4aFU81nWbPWMjwb0I7lks0M8pTcn9EadYSn0qdtCEoDYXzZYBereaHvR04hlf5ph3ql14e6ISm0do8aelnxDotpLHozfnxBaZhXACaQL45FRQb4pqikSwc4daVCFAjO6qz7dKfoL2X0Av9g6BaJhODnTXOHcluDfBws21FyBjnCbPra_EZLJrITa-jaTrMzBctaE1-6PA0J0S6iik7VYB4SbUsiA5GRGMY4PFb01fS-ejuXsbzR9L9joclyYF0jh-z4IedFbze-3X5MMOqYjOBYyA2d1RvC-na841l_b8d2ChZ-INJorivX72BN__FeoBwhTDF0Zmj4YL-Xhb7Y1G212fr8j2X2J1T4h0qUjYaZda3_39W4uFgmsPPoquJlj2Ys-Hirjqu9mZQnpZHv4aAlC5zkvIUUef-jz8zHTjVxyYyvxf7KGwaGYJGC8t_8U7t1UNF-moa9gySbP8HKQJqGGjbMJ8MEAOqMO7EazXBVnucOftIvh10K5A6NzagV-AJzC_iuqC_lXzNeccbPz39F2czHnSozuuC-jQ2r_k56Qgjf1dwenYjFpJ7pPuw3EyN93FqLQ4nfgl4kWatTo-qAmxtljOke0FWkFOZZaXlxOAd1Lbq3wIXJ8RQ8WQo8UFZS62KhX_OcbTKzJUxmV3nCzmYOX_zPE34AYhIEmjUG4Rl3GUwENWQFM20wPpOD0h9Ce6h2GrdssuQJfBIXgLogJMqek-N0txkvs2W-HBCfeuLTlsGxnlvylt5mPgmPQFhZubGYJeqG2ktAwMWfr7Gl5qlYSm56BJMKyt9KWoMEw1KnNSkcFVHx7HNl_balnhkkqemborqBhldNtw8wl4CCNEcHwYtoDbDbxOBeM_mo6BJS1R-f0h_dOrxLzYsSSKtzxIDj-dGo7kTRoZDWeOGys8dRZ7VPqrXJhtjmZ8hXGcujNbCl3rA15iO0-HNqTMn7E&sai=AMfl-YQgrlwN3lJjIswV1NNfGyZA9rPp4knz_NSlE45_9zTjvR4vE66noxccq_jnxHwbxImxlOYaIb-058MdN5qZAAO64stODu_kLcvhG5Q19AXdGymCaN4ukxjTJREwuV-ggA_60VYbgiVIDxB9g_xis-939vQXCWaMwNXLS1Ed7lU4FMi-iW4xTjYqCnaL1DqQYIC7EQtZfD3lA_fUJg6NPk4mlpn7WQIQCeGv25aayxRkSgi0y8CQncA93cbn6gYVHKt8l9P3AuHPJgZTWPYz-CA0Z4irOx72YaT95Fs&sig=Cg0ArKJSzEKpUTGJQw74EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=226&cisv=r20221110.27492&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 19:47:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 5F14
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=f65079e0&atb_dcaid=202210_es_hunger_dv_pros_347626341&atb_dpuid=di_dv&gdpr=&gdpr_consent=
https://d.adtriba.com/px.gif

42 B
227 B

8ms
7ms

Image
image/gif

3.73.210.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 3.73.210.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-73-210-71.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Sat, 26 Nov 2022 19:47:26 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Sat, 26 Nov 2022 19:47:26 GMT
Last-Modified: Sat, 26 Nov 2022 19:47:26 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D07 143 B
166 B 39ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=4895059715&adk=681411742&adf=1238588369&pi=t.ma~as.4895059715&w=336&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=336x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045171&bpp=2&bdt=502&idt=227&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=8183849617817&frm=20&pv=1&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=459&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=CPS55hGvRp&p=https%3A//altin.in&dtd=230
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C84 143 B
166 B 39ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2813963760383841&output=html&h=280&slotname=9325183355&adk=3298560337&adf=3945879369&pi=t.ma~as.9325183355&w=1074&fwrn=4&fwrnh=100&lmt=1669492045&rafmt=1&format=1074x280&url=https%3A%2F%2Faltin.in%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669492045168&bpp=3&bdt=499&idt=214&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8183849617817&frm=20&pv=2&ga_vid=184454585.1669492045&ga_sid=1669492045&ga_hid=1646676090&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=263&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070969&oid=2&pvsid=3899033722871889&tmod=1096374779&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=m5cvHWbeqv&p=https%3A//altin.in&dtd=220
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 87B4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c9d2bfca129473e62b225652cac5af6dde4e5bdf021dcce9a5d7fe69ccb2e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C09B 143 B
166 B 37ms
37ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:28:44 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B382 22 KB
8 KB 43ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113015
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2BC8 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 172254059ca6046495167df0acda0d719a5e6ccbf6ee3f8aa0f40b3fdea50baf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 styles.css
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 788 B
424 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/114511209851478027/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

526e5fb6edf6e32bf819f03036bd59f3c762ae211db67076c1605271d2e96db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 11:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 395
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 11:48:33 GMT

GET
H3 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5685 109 KB
37 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/114511209851478027/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 4 KB
1 KB 39ms
38ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/114511209851478027/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44d7c0eb92d298eaed96bddf8948d71e77e84c8398f9d6131db0d58b58198c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 09:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1388
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Nov 2023 09:29:29 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1D07
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
expires: Sat, 26 Nov 2022 19:47:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 025D 36 KB
16 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C84
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

58ms
56ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
expires: Sat, 26 Nov 2022 19:47:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C09B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
expires: Sat, 26 Nov 2022 19:47:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame B382 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 18 KB
18 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/bg.jpg

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f4dc5c109d175a84c65edff828c092cf5b38dcb8cb9473d804d4e73acf386e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:53:12 GMT
x-content-type-options: nosniff
age: 212054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17996
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 08:53:12 GMT

GET
H3 200 band.png
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 5 KB
5 KB 43ms
40ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/band.png

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63e9b64e7eb93ec590c9bbd69b4acadf34d73324caf8aa17ce16bae6d9c4b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 21:56:21 GMT
x-content-type-options: nosniff
age: 337865
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5036
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 21:56:21 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 9 KB
9 KB 47ms
44ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/text2.png

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3417fdb5e707c098dd11ea7e5cd80451c6ec9e28d98ff13fcc340e49af4b956c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:36:47 GMT
x-content-type-options: nosniff
age: 198639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9071
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 12:36:47 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 11 KB
11 KB 50ms
47ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/text3.png

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7ccbe563527b822b1581d11c0ad435824a714bac0b99c43ab60aca577e74691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:33:08 GMT
x-content-type-options: nosniff
age: 166458
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10890
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 21:33:08 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 3 KB
3 KB 57ms
55ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/cta.png

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c833d8cdeb548d8e816479488bae23c71c68a6e51dca5dc16e3f44a128edbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 12:33:56 GMT
x-content-type-options: nosniff
age: 198810
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3398
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 12:33:56 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/114511209851478027/ Frame 5685 4 KB
4 KB 59ms
57ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/114511209851478027/logo.png

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa5afeffe1961425079979dfc28ad6f3e03a8c168db0c6325913c98fde9bbe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/114511209851478027/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 01:10:34 GMT
x-content-type-options: nosniff
age: 326212
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4528
x-xss-protection: 0
last-modified: Wed, 26 Oct 2022 05:46:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Nov 2023 01:10:34 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5F14 0
0 151ms
75ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstkJ53D50Y8dKptXZeZ_FRArSEeN2mQF0Y3HvmyaboxTQa31wvVANUte22EH3DYo5RGnxDTP1O64uWPO9t32hTMowBBB3GsMJcFn4gqgqS4LKMIHLK_QB9lrMpSgw3-R-ME-Z61nr-lQAjHbrSw_xvmaqynMZFt8ZT3kFhvt6QFiXILixTDNISiWrygROF42uxo7CvAy3rC4TYhFGBgkDx8xkUxF7GN34KAlIQ4JLMDpYcacqhZZgXY9o82Z7vUM_ydVBCajjZBZ228X7o4aFU81nWbPWMjwb0I7lks0M8pTcn9EadYSn0qdtCEoDYXzZYBereaHvR04hlf5ph3ql14e6ISm0do8aelnxDotpLHozfnxBaZhXACaQL45FRQb4pqikSwc4daVCFAjO6qz7dKfoL2X0Av9g6BaJhODnTXOHcluDfBws21FyBjnCbPra_EZLJrITa-jaTrMzBctaE1-6PA0J0S6iik7VYB4SbUsiA5GRGMY4PFb01fS-ejuXsbzR9L9joclyYF0jh-z4IedFbze-3X5MMOqYjOBYyA2d1RvC-na841l_b8d2ChZ-INJorivX72BN__FeoBwhTDF0Zmj4YL-Xhb7Y1G212fr8j2X2J1T4h0qUjYaZda3_39W4uFgmsPPoquJlj2Ys-Hirjqu9mZQnpZHv4aAlC5zkvIUUef-jz8zHTjVxyYyvxf7KGwaGYJGC8t_8U7t1UNF-moa9gySbP8HKQJqGGjbMJ8MEAOqMO7EazXBVnucOftIvh10K5A6NzagV-AJzC_iuqC_lXzNeccbPz39F2czHnSozuuC-jQ2r_k56Qgjf1dwenYjFpJ7pPuw3EyN93FqLQ4nfgl4kWatTo-qAmxtljOke0FWkFOZZaXlxOAd1Lbq3wIXJ8RQ8WQo8UFZS62KhX_OcbTKzJUxmV3nCzmYOX_zPE34AYhIEmjUG4Rl3GUwENWQFM20wPpOD0h9Ce6h2GrdssuQJfBIXgLogJMqek-N0txkvs2W-HBCfeuLTlsGxnlvylt5mPgmPQFhZubGYJeqG2ktAwMWfr7Gl5qlYSm56BJMKyt9KWoMEw1KnNSkcFVHx7HNl_balnhkkqemborqBhldNtw8wl4CCNEcHwYtoDbDbxOBeM_mo6BJS1R-f0h_dOrxLzYsSSKtzxIDj-dGo7kTRoZDWeOGys8dRZ7VPqrXJhtjmZ8hXGcujNbCl3rA15iO0-HNqTMn7E&sai=AMfl-YQgrlwN3lJjIswV1NNfGyZA9rPp4knz_NSlE45_9zTjvR4vE66noxccq_jnxHwbxImxlOYaIb-058MdN5qZAAO64stODu_kLcvhG5Q19AXdGymCaN4ukxjTJREwuV-ggA_60VYbgiVIDxB9g_xis-939vQXCWaMwNXLS1Ed7lU4FMi-iW4xTjYqCnaL1DqQYIC7EQtZfD3lA_fUJg6NPk4mlpn7WQIQCeGv25aayxRkSgi0y8CQncA93cbn6gYVHKt8l9P3AuHPJgZTWPYz-CA0Z4irOx72YaT95Fs&sig=Cg0ArKJSzEKpUTGJQw74EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=462&vt=11&dtpt=232&dett=3&cstd=226&cisv=r20221110.27492&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 19:47:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B382 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuIBcTm2CY9XfAYen3gOvy4awDQAAAAA4AeAEAg&bg=!OTqlOn7NAAbvMpMzzzI7ACkAdvg8WgZi4cEmva2VuHwFe3Y7zUQoWapI8BVieW92BGmEuJQfRq9JPQIAAABSUgAAAANoAQeZAudqZy3kwFyopKrtBTQ3N8hUJe-dXrYqT35WjPr89qGN5VgeMOt26_t_9c7jR7yilyM7_dQamD1Kd3EeTHoK4_seIK_XZuU2DG3Aowq8D2OUzw0mIDJMwppjIS30HX5EblpZ0nUJpI4e4BCRPW-sTY7b6ul39FwFrARh7Iwf7DhUAdQULKIsSMvFioAIALFVcAKiOMmqJRUnuEhRuK4IpYhAR3mfhsEW4wsUFHlrxC7lZb9dKPvRXLqaSRzxr7zXt2BCc2bNnd-pn8Hp3d334VBRLPscHBNDuVOHyzqe_kS0KoHKRmaVOn_6Joec32ZNHluIvoIU_cze454L5_I3qaU6Enlpk5ylg-E0mNWoE_olqPmN-9qLavtrLK9_GM8FZP8BSDtZoFqdRi4kuSUE5s6AB6F451LibOkiP_lmfDXqyaxCueN3G_Cr3HSFz0WDi9jQnffmccjWLREqnQrip5MmerpaCOiaUXR0fRCyxiueSz11Be1D_j8hkAVDQ3JbJxAX6ONJDYE8fmLUZHpXmHNVs-gD3HqfpKfvNNqx1k-NAQ0AnSp-dSqygBYK72-QxyBJ-aMCXhByQG84nXHmpBCVslmAYRNZcvThzmImKIpDD7yEgVHS5hChP0a6AVL8QLYxDvfo0sE1cawvpTPZS-oAO9hsga359MVeN3CPqHD4dWFh75ob2Plba-lI-nlszZln8RaixPfdTL9UnZVgE--UdePqSMrD1vRVxiXGRj_ofsnZbHV19GZ5pP_Mii_JVbEXBHh2l_OOHWjyLcq97tBCW5Lk6iKS9ZIaUj7SfA4VPgRKPpUlk3J2DhN2kJUg9vCmb8EccHxAf1MCuCBEVCMD1bNlL3rayYDAD6QSc8lZeFPQCbIwWfsEsb1LnVL988Uq-Te77WfwrORWjvBRcUpfCLQcNWvpGAkMmes7JUBVyPpUOUSjb21du6XtQ9g86j716amGuuOuWrDFrY78NWp5BkwdeaHmnw

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83AB 6 KB
3 KB 42ms
37ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:25 GMT
expires: Sun, 26 Nov 2023 19:47:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C364 6 KB
3 KB 42ms
38ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:25 GMT
expires: Sun, 26 Nov 2023 19:47:25 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C632 624 B
245 B 51ms
50ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjsvtW9ATAB&v=APEucNXWqdlprvfZ_DPKfFNnbyFbrVNYFW2YK5bpA2__iwNWegi2C_EnX68Y1UzZ4CpZq8sr7umRWgw8lWlk81RKGJFi0qYMnWBwCGxads5KxTvbjt-k1Duij6gIDVFkpEd8hzrj5iD4os1PEMF2YEe05HmiLIfWuQdaEtjVlI566pOnQIMB0h0

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
expires: Sat, 26 Nov 2022 19:47:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 83AB 80 KB
34 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRG6GAJjQrLS1vsKU87Xv5CW7d6l9tZpkO4wUFxmQ5S7gLnYsKEBC4RM9GqU__Pa9JOIsVBdjuHg-yE7jEWxYRdwjliQ&cry=1&dbm_d=AKAmf-DRS5WBRdg13lv1Ng7a4oziVhzurAvGApGl03n8EBeDtwiDH8d35XJK-3AzZbXyfe3CiWsOVsU1_1HuruJS4tRp72aIcXRm4jSXNVpTJOZNOVNNUTf3QcYJ55G8XnRvNV4FWTCIqyncO-898yQz-wepnAYgi8w-KHwW6HQtgk6IklUVYS9DgcX3JTZGJpLgqMVPx4v_7h8yw5lplRiPVz8663PFHPgcuLzWeHOkNlCaOk9kWT62hl5-LCmJpNCGdmo6GKmeHyFhvTvza9G1zoLCzINgC8KusLiUVDda8xDYgW-zFp_J0TjELT-N0GrcGU_jud3Attj7BiWEA1uo7egyvvbNurGSSFyW6cRYEPbZvw8cFiMpMja2jqDqcIWgjjhvvqeSj4PnwxXsAxVr1eCnLKgUOm0vhme4tgavjubTQPjLB0o5uvhfzAPHnEUnWQEcy4yOy7oo6_j1hJrA7buUSdjOV223b25VgiHYjHNumkJNj6CRRQBPd6QviSntHfpWgkrmlAZVbBUpn7hIvOl5FdUXQlB3ex60YOu3n8Mvyt9bWA8Pwaf0dLBEascwFmCNeW7PUGjCPclSYJIz5cEbyncZeTtOv1yuxus6OGz-o3E3VYF2rUsIdEgNtICj6XTCoIHBHDqQGeeCNGv5gOJ3dR7veZW8jBlKbDnCX3zRx8OCjKmf6xeReV2Yzs3XxY-qIHpJQoe7hEl9Gx4qajjGhIcxbvaNw-FNwXOqwupqGKSH-pa81a9NHY9HNKG6CHRr1fexoPbFBqlcpqSBIL1OfX3zD_X1FDFtwjrey_-ihdS4W4nzJEQP1q96o8Z4RhXRwvu8AlekqBv-xNkepbyT1EbpdaE5ljce_1HCtS4WYPgdUcJ84jInltt6Da93gv2Pq-X_Pdz_6uARljNmH63HoRS6o-s3JyeosMQ885kdOvL5QlKAJKLO90HVxvB5vfGxiAQG3GJrWa7SBqGKM8fGmDzMwW8CDTILXo-bCCQfDZDfGClMclTiZx8difxDzZXmJKKuvpoZxHclzVhlwZCjplBwdG8ESvVKg2HypOUpXwrsK_4EWuIBVVFS5mm5T6cKWcvxC1d7ctHI2E3wgw985J0OA4He8KUetQrQOaE8ierFEMR14tq0KGyTd_AB9owBLz1k-bQBHLjlXpbWVZy04VqvDBY0mGZNfSqi0JIcZbU-AESl-h31dLLyHBrS1cSJ9fcrtEGebSPao5H0qfh6s0zuKWVIaWNBsy7I2rTTuXKgKGhK2WvQpvVziORT-je9irby0y30Ymk-MmRTbSn7t_4ythE9CyDKn7GawJpqsRrS8LodEjPegQcoDnUEW4EQAE7OGjk4wFYficIE0rU2rIc8wmsFdefKJbGZBQu-aa-1WUn6fbwiCFio16BkKYCgj9ZF3udcPwlRi-UOvr_UeWGrkYLSjAYaf9AppW24DcSoE-HyaJtGW1DcM2hVK69NA8p-oTZ5IRYntMzkHVKkjK_L-HrB_EqYl0eg-CWjTtjyYYFrUlph8IEfoGi3SQPP7VtnJLNfSvkkmoaz5LzLn5rWtwqFsXBxEMb4yQYtzeBMbmn-fLEtaiRJhuMIc0disVJzwYXSVmr3DT_BBm3XWutIVSTHy3uD8fBfOTQgeIWhHMCRLswLf1YTUt33dpkQW1d2AtF5qzA2QBvQzKbjQRD76tfTgWmxf6Cs13YqI0LbVdyLf2df70hbrPE1r7HHPMLO6t98zBc_kaGbTrHOA2a3gh91trEozYED7j9MYZKv58A6K1qY_q_eQsgaZA58VVUWhpK3013xqNvawuLbLxYdxuPVWs08FsN8FyUXrglT0WS_7uicUPIYm3AHRYDNKUaF-tY-w694umg6TT7rulV1sGdFPytH52J2RT37dvPTp4Lvcr8YvREzVMBhgRFqNfDeHcoY1vMfj_hsJc-w8_-MN13gh_KN4AfPzJj9TdWXXlx8NZTnn4yvNada0uUeQfUxji5OPSFZpMA7rSy6G0yGmAuCJPNAlRK-qIR-qGOYsxqdtAIdY9p5aZKCoYcBAD139Jp9iLjNrH2Rj8lsTwFv5BRwVA6xI5nYO-JedRlcwVJjvy5TLOGdkCraY0DML2v4Cb7gGwqr_kl49esddmnjmzdSGdomaxqjfQ_IfpqChxRZm9db6eTbERx73nNy16w0ky7REqKTf5xRJ1oDez7PmY22UfaDDF9PJfGTn5LK5bnJsGR33ELZpiAPlT2J2j891LL5niMJUcxcAw1-Q3_HFVn-EyDwHDWlEs7c1V9RVQaSEW6-ntOsXbw2mMP-I0nNP0uONu3URhWM9rthu_AsiyPXl3wO3gPZW3tvZPsjW2mNb4ScKEaCQ1jZDQQxFOPssHW7zaJUYWFp9i_BA9tCAvAmMmEZcthNICBDgGDBoRMoymyUlK98OPRHb2I5Fm11h_OQCw1oVknap8XLj7bhtpRYfUMdL6ooCvUXOxRlW6AGTIgIQ5HoeZ4vM3oZ0OUM6dhXv6A4aBKwL-Qc6H1Kz-chHmQfURtNZp1d_koI9J27ksUMG1swNkParrheND1jnC5sjrGyDlvU_dEAII9AI-Fxq5ReNf7luOTHVtiJFrstAiSE1-HWlaBNCAS76vRf8SQSD1UYiM_wO74__dNXf5BoKWjMvgi6Fgx3s9oUJHo3u3GXS43zJc4AI5SEuIUZnIwYXDRuYiLviRk6FAmhnih_sftD_TzACG_2H4jk92MB9WGBgDUCrhFQnIOHQ6mfqxn4E-tqJ4uTopcyqSK0yxaSBTSaqLc-Bze1p8FyB9FZcLiD52UU5Dw3574iT1Yg8TSJMd3lpwECJDUPm-8ciQlVKBO6VxOGK8TfhM6dWoBjZc6mGRk1NFOpjyJ2RXodBqnmjiMtRgVAbsmOafF6EFDRqdkc_2dz3kBeEJh2nTcwiT8_HG35e8cOU65t3m8oLOybpw_q72VJgPF-vkVpc2szqKMYRjDuZx6Xycj8QenxzptECTjYxO2eXFNQBWudN-6_SXatoN9ULlc5bG8c_Vi6CkSxVfiidk6uXTacKlSEXL4izFKj-sl6vfBIXE0bvWnRR1eZlYkPTiXwVWUyWynfjjBYIcEzga3i3khualwbGK-pSrih9MNIDJ-CkcTMXv_Pomga-vSQpr1gx00PWfuJNvR0kbjxc4D3iELeRSI-WF24np_41EIM0FDKWc1K-nUJrApPlN_q8yiCPXhlSmyDu_-xpAbiCTMKo5WY_BvSLjPSh0bqFwBdqDxkWq9c4Gz9HT5Wg_aT4aoFfNMulyywTEGIIeiwXnimkxr5aBOSYuHW3eQyD2pDFoIj8R4nM-5JidYfZBXjOmR0UfdNOA&cid=CAQSSwDq26N91BJTU8jx0CvcIrIu_h7WFs93AVWQmg37D21nrCzYAL36Alo7EU3cU9z4_QBc9HdJYGGTmThQiaLEBTs6nVm_Op9ksYmKJRgBIBM&rfl=1%2Chttps%253A%252F%252Faltin.in%252F%240

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72cadedb282844f857a8035f238c98132579495f6c73ecb0344616f7d36de697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34445
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83AB 42 B
63 B 74ms
72ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANSoMU9wFFbsoGpxqZI1BOX5Yd5X8BSY3AvJ4eEyq4sELTrIIuoPtMn9VjKj3pKyuS453gntXnvToQbJ_ODlkH2NJvNPmHKIPXvMmh1dO_XbLRBD0

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 83AB 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 83AB 18 KB
7 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83AB 154 KB
47 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:27 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E9DD 624 B
245 B 52ms
51ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNWZJHJ6U1o_18wcEi3PJXH5fDZOtMNoY1t1Rs8sujRAJ8ZuZ8DUY5BQPZlnT_p9mVYxvgXRfhm6hSh5nFjOD6oq4C9lSW4GXJaum8aaZ1_pFgFvbkJdneV8C_WlL291-jXoVbLIhVHNnfbwxWWVTRlrdMBPEE-OFqyAn94RwIVQhjjadk0

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:27 GMT
expires: Sat, 26 Nov 2022 19:47:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C364 28 KB
16 KB 89ms
87ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1gYSLicuUR-1tDl9OYqW4h_G-DBNekX2eElqYIAmuRSdVE5CRLJZQc_00lcjlteJvxRdCSvUlIx1OxEIUJsNu-JxenJs_5wwFDI5aMT5x9gBCV_NLPOltRhHYexGvUjimVJ-TAgO_JQwlKo22HM-h9PPThpj6RiYuxqmmJCSNseaXMHw&cry=1&dbm_d=AKAmf-DUmTGjgQ6PlAH6HcCaWg9WQhfjew_8KQcyvjXrSk6N9MrzEoefj9P9rSvg_Fv7UgcL55VPB9f5NQFn0qMJGrlnVw2_jnMsrLR_srel_5Styy_8AAc9Mpuxfotnz4caWHSI6CXHnHUOOZnmGdRRgcLjOttG_jNkUXCHrsshVD2NaYpzeZxjtIOLk4R7WJnncc7b0PC0-AlK_8ddwCEjT0obkRpCBVovLFeIylsDgzbaiXCeRPrcYS_qtdmqHJiRNbDbY-mXjSBlapI8cIoNYUqHPhkfW76XpSd9TmUa9enXMrvOHX6A29Fv8rdZyNDcwiuoy-HUUd39XgVjkMstUmCDLC1tlsW9x3589bQyWHU7sLDaLftKT2rMS7AE8z1HTMGpcNv-Q8U86FfSxc5yTfO6EG4YkYeYOLE75APU1hv3MSgJGlIDire72DAR_bPbwLDe8wc9zU_3aEJNFZPxVxz-Rwn04TWFy6oZTEMA6L2AVx2ebOF6WoQIMbSdENKR4YaupnZeudmRo1qtJLTsMLoylSEgbZ9LWHNEW8k38GUA1sqctXqTPkKMZ-h2eMwsumDGOBfcr49YN4HjUuzuTT9Iv8Oowy4dtwVky9dgZ_UePf9uwHYBrk0xlY5xdOaRQMVM2b4fI6TgvDzn94P3mohXmVcQr-7r0fAFHHaN8-NPC_tAjxRTpHDlHRs_69k0ws7T2znw4deKqUTKtvj-WLA5uBg5WLe6Pya7d-WluKp6A4zxhpqAfvu87yfw8HztcwaCalZCQMTJjxdOJx7z3HUP4ayrOGJTxAA_ENvLP_cM-IFWRBCON1A1OS-kvM0r9hkzdzveGy7WFKeje-vuHN_gz_dY3uu55cPKBcDdyFjC6A6J4E-gC2NvqeHnKSbOqMrFSgEZCUztcnnl4kmgoW7_bURQHAWQbbFScoypzJ4xqzSlEpPaWpIP9j8dDYW5ijfL8sG6ikFI4wXB8po4lgY2zkKTu8sL7Qnj_zmvSim3hIjWkP3RXIkfC47AXPrfI-Apr2EfCLQ96nFBgCZWS5cqSMljxcK_FVvdbLpuL-GCRnXYDhfcoZ9cuNLxNeGzAQkZv-mfTb-r0rB-ZScKTFnASOCWYZviKmvVn5N6_vGmtsuMQbl2usKhUbMMTXiUTR57MXF-YBKjFbbSDZXo4gDEkaW0TZaL2NIO4WOJAVfVbzTJ2NTh_UUke_FpbQxlS1aEAO6tKbHvp6dbQjC_Oxu_f8daL12un5Hn9w4izAFkTq4NbJdvQlrPsAZVzraPBkkM1eaPjtDm4T6yeSTTQ6n7rBncPrSKdtdSalxGqiiYQx7lUaoL4vGCyKATD0-zHY4rPw8sv5SP5zSfr7oz-5yd3WnKShp9w0aCSNfFKmYT0A5FlBB_VmY3dXyZTksfzOrISmtaHvcadRxbM5fhMip5F_cwbBrbq3WC7NlmX0vY6WOAepoutjIlU6WoeAL211K5APdcvyUmRyIEhmCNvgLhzZhxg5cB1uoVeZeb0RC7hF6vV87P5N9M4tTQm1U86O-Jh2ekk7KzG_vt3w_4YL7folupJYAUxsjSA8_x4KO2_RRjH-3eypM8PuxwLNkeAqkDok_Mt0lxHIFG76B6oIm9hW0dBXiJ4MshkQT7Y57jeNPtLsL6K-X2epQ4398qWmZPQcd8lMUvUIKzdYDVhHI4LQBVBquDc9hGj7xoCJo7OuHdgrazokPrAD9zEf5fNjJl9IgdX4yMsfNhzY3do4N_ZGuFlpyvEPc3zDH8GhY_-1ahBkWBsuNR8YIqoAIOxSg0apVvo7ZPmZIZchSAh-hxczAB6UVB1uiyY_zzRjmcguKLviKr-3bNjQyuCrH0VB-YxSjmo_TRokh9AIUdHS7Vdk-MN9vEyZAO4tQ1mZJvNhdrYDRkJO_A3HoM8JYSawy1NYbzkCbfLMYmGScR5aa-bzFUNDeHTpCnA8AKGKOp7DYodRpuAhH0Nlq4v_luricgvKLa5hDHmckemlk0JlUg5Vm4Tf7ReWC6RIR6LwOGmx8ijc9GsFSXre6J-6iFS3GWZ-GojGdiCZ6w_vPpr7zGdtT2wgRkkXcIUXj2jQRySZPwRfMB75riEB722CaVMIBZkE-hsh9PwbXl5wPz32WmlA6EuEBr3Yf8xfmCmkfh3bWYKoeqBCo3OTC4YfmA7S9QysnxqIn6sC53EtCWGqGa31c33sKnmI5LjCnf5Xw2EST56GMyoh4kCzX8oMbrTpCNObRHFblwWkh61egTTO3_em-O-FdZS_Z72sJL5B31EmFridUb619qrRE35vtgCgXxnMRTZlFkDAUmbOkAtCcU2LtGEU6pxGB9mgNClOrJ8umFhJJX1zHdLgA4C-1fsXr32DyP2rE5y69pC-ERZYkjuaRc-ATfAJChLw3DBgEmgXmU8l0iCh7RD28vYgIgTTZBlbTvbIXqP603XynicbuYFDuBVbH3Izdv2V733RQAy5EAHM41yIXs0ednF14VQXpqWxtN0c_mIqKiGFI6KvP0cquSQzHzAMpi_1FNN_U-TGPpcz1SVnUjy5iWDamDI_qnZoxMwyYSfTugnYs4ygu0bN6ZSR5M9SLoqBgT1C_O4OzPIjSu0m5ctstg5J8z3mqTw_0eum7aQRv8ErRWCMmdwAK7uJ_evLWFWIr0wOJpyueAyLRnoiUx59L_kh787appo6MZrec7ZkxXS5SjZ5PZfMPVRKMbKAEzM4Q6hgblZ6TRN95ln5wdv42ihNO03c2mOhQ8doFclJaMuQ7Lt5DVYvFgwtBb9L0X2q54HRRGfeSlZDBeQAmG9vADOQtzXF7b9hOzt4WSyrbT4FjSsEUkGQCTC8G-QKNJc---lHJygQjl781cs2qhW56yLHjcoMMsbXGdldjg24EytsozvpKkvUYI2OpLYplIrFnS32n9vilwXcVWFehkg2m6d_OwI6Ta3FTbVVbQLrt3tDtCJiBR86BThu5xItezTetuVRBYH1KotaKnML-EatqbkGuplY1KE78U_tqOb1LmMLdYHHGkvnYlRCe-bZ_bK5r-BDv2pXxjiUrkGu8gUUjiatMxbUvERBSP5EJ3BQ9aVZszFq4jWLcolbFPZgNB5OHSXaZYEgX23LqxZpUBFgcaZnqys9A7dbFmVRUlfKlFBmS2UEReqyFTUQ6N9uVU_Qa0Rs5TW3simXBja6ppX60i2l-eE8qgz1ooSqX81ZszO8WP8tS_4y6ecyUZiV274YG8tg3TkNvsHp5UZReEAdKvG0a7qUPT4Inm3ZiDaNc_gMsZNKAVdqbpa1j6eFrQuOv7ylPHRI-lCw1jgWzgeZKUcQFGdI89SYV9Itlrb8-Pm4iMJXDCOKrtww&cid=CAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT&rfl=1%2Chttps%253A%252F%252Faltin.in%252F%240

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44520c964e210bf9547693ef40b363f0e3078287389b592c0824ccb9c79be643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16735
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C364 42 B
63 B 73ms
71ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DU0nsYAL46oz6L3SdKxEb523mulYJSDCJa5W6QaUWKA2wxGta25vQ6V8V0kpNNni2z88dJPzRVyURw4AJkxblKRp-sfs0800X1t6EdeSnIkn7_vDo

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK unit_renderer.php Show response
as.euw1.jivox.com/unit/ Frame C364 96 KB
26 KB 157ms
85ms Script
application/javascript 34.240.46.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29
Requested by: Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.46.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-46-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: f2f6b60bd26c0537be31dfaf2beed3ed6c9d26dcc73e62401895463cd911bcaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 26168

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C364 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 17:59:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6452
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 17:59:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C364 18 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 12:23:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 12:23:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C364 154 KB
47 KB 63ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C632
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

43 B
766 B

12ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjsvtW9ATAB&v=APEucNXWqdlprvfZ_DPKfFNnbyFbrVNYFW2YK5bpA2__iwNWegi2C_EnX68Y1UzZ4CpZq8sr7umRWgw8lWlk81RKGJFi0qYMnWBwCGxads5KxTvbjt-k1Duij6gIDVFkpEd8hzrj5iD4os1PEMF2YEe05HmiLIfWuQdaEtjVlI566pOnQIMB0h0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C632
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4JtTqRU6iWhaVW2hpkrPgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

43 B
766 B

10ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjsvtW9ATAB&v=APEucNXWqdlprvfZ_DPKfFNnbyFbrVNYFW2YK5bpA2__iwNWegi2C_EnX68Y1UzZ4CpZq8sr7umRWgw8lWlk81RKGJFi0qYMnWBwCGxads5KxTvbjt-k1Duij6gIDVFkpEd8hzrj5iD4os1PEMF2YEe05HmiLIfWuQdaEtjVlI566pOnQIMB0h0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C632
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1

43 B
1020 B

20ms
15ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjsvtW9ATAB&v=APEucNXWqdlprvfZ_DPKfFNnbyFbrVNYFW2YK5bpA2__iwNWegi2C_EnX68Y1UzZ4CpZq8sr7umRWgw8lWlk81RKGJFi0qYMnWBwCGxads5KxTvbjt-k1Duij6gIDVFkpEd8hzrj5iD4os1PEMF2YEe05HmiLIfWuQdaEtjVlI566pOnQIMB0h0

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
AN-X-Request-Uuid: 896925f6-dc0c-426c-8de5-17f0290b654d
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C632
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

170 B
188 B

45ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
AN-X-Request-Uuid: cef5caf1-3498-451a-a93d-38a385fa08de
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

43 B
766 B

10ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNWZJHJ6U1o_18wcEi3PJXH5fDZOtMNoY1t1Rs8sujRAJ8ZuZ8DUY5BQPZlnT_p9mVYxvgXRfhm6hSh5nFjOD6oq4C9lSW4GXJaum8aaZ1_pFgFvbkJdneV8C_WlL291-jXoVbLIhVHNnfbwxWWVTRlrdMBPEE-OFqyAn94RwIVQhjjadk0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E9DD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4JtTqRU6iWhaVW2hpkrPgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNWZJHJ6U1o_18wcEi3PJXH5fDZOtMNoY1t1Rs8sujRAJ8ZuZ8DUY5BQPZlnT_p9mVYxvgXRfhm6hSh5nFjOD6oq4C9lSW4GXJaum8aaZ1_pFgFvbkJdneV8C_WlL291-jXoVbLIhVHNnfbwxWWVTRlrdMBPEE-OFqyAn94RwIVQhjjadk0
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEdUST-YdnPPlxfLAzeEivQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E9DD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1

43 B
1020 B

14ms
14ms

Image
image/gif

185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNWZJHJ6U1o_18wcEi3PJXH5fDZOtMNoY1t1Rs8sujRAJ8ZuZ8DUY5BQPZlnT_p9mVYxvgXRfhm6hSh5nFjOD6oq4C9lSW4GXJaum8aaZ1_pFgFvbkJdneV8C_WlL291-jXoVbLIhVHNnfbwxWWVTRlrdMBPEE-OFqyAn94RwIVQhjjadk0

Protocol

HTTP/1.1

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
AN-X-Request-Uuid: 418a5f78-21ec-425d-b92a-a1fa32e13cf8
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECQAVXrKfxnqc4_0Mprk4NA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E9DD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

170 B
188 B

61ms
59ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Nov 2022 19:47:27 GMT
AN-X-Request-Uuid: f5712dc3-c678-42ed-ab01-1ea0c1509f57
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU1MTI5OTkzNzA2Mzk4NDg4MQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 83AB 106 KB
37 KB 119ms
37ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Origin: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 83AB 8 KB
3 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRG6GAJjQrLS1vsKU87Xv5CW7d6l9tZpkO4wUFxmQ5S7gLnYsKEBC4RM9GqU__Pa9JOIsVBdjuHg-yE7jEWxYRdwjliQ&cry=1&dbm_d=AKAmf-DRS5WBRdg13lv1Ng7a4oziVhzurAvGApGl03n8EBeDtwiDH8d35XJK-3AzZbXyfe3CiWsOVsU1_1HuruJS4tRp72aIcXRm4jSXNVpTJOZNOVNNUTf3QcYJ55G8XnRvNV4FWTCIqyncO-898yQz-wepnAYgi8w-KHwW6HQtgk6IklUVYS9DgcX3JTZGJpLgqMVPx4v_7h8yw5lplRiPVz8663PFHPgcuLzWeHOkNlCaOk9kWT62hl5-LCmJpNCGdmo6GKmeHyFhvTvza9G1zoLCzINgC8KusLiUVDda8xDYgW-zFp_J0TjELT-N0GrcGU_jud3Attj7BiWEA1uo7egyvvbNurGSSFyW6cRYEPbZvw8cFiMpMja2jqDqcIWgjjhvvqeSj4PnwxXsAxVr1eCnLKgUOm0vhme4tgavjubTQPjLB0o5uvhfzAPHnEUnWQEcy4yOy7oo6_j1hJrA7buUSdjOV223b25VgiHYjHNumkJNj6CRRQBPd6QviSntHfpWgkrmlAZVbBUpn7hIvOl5FdUXQlB3ex60YOu3n8Mvyt9bWA8Pwaf0dLBEascwFmCNeW7PUGjCPclSYJIz5cEbyncZeTtOv1yuxus6OGz-o3E3VYF2rUsIdEgNtICj6XTCoIHBHDqQGeeCNGv5gOJ3dR7veZW8jBlKbDnCX3zRx8OCjKmf6xeReV2Yzs3XxY-qIHpJQoe7hEl9Gx4qajjGhIcxbvaNw-FNwXOqwupqGKSH-pa81a9NHY9HNKG6CHRr1fexoPbFBqlcpqSBIL1OfX3zD_X1FDFtwjrey_-ihdS4W4nzJEQP1q96o8Z4RhXRwvu8AlekqBv-xNkepbyT1EbpdaE5ljce_1HCtS4WYPgdUcJ84jInltt6Da93gv2Pq-X_Pdz_6uARljNmH63HoRS6o-s3JyeosMQ885kdOvL5QlKAJKLO90HVxvB5vfGxiAQG3GJrWa7SBqGKM8fGmDzMwW8CDTILXo-bCCQfDZDfGClMclTiZx8difxDzZXmJKKuvpoZxHclzVhlwZCjplBwdG8ESvVKg2HypOUpXwrsK_4EWuIBVVFS5mm5T6cKWcvxC1d7ctHI2E3wgw985J0OA4He8KUetQrQOaE8ierFEMR14tq0KGyTd_AB9owBLz1k-bQBHLjlXpbWVZy04VqvDBY0mGZNfSqi0JIcZbU-AESl-h31dLLyHBrS1cSJ9fcrtEGebSPao5H0qfh6s0zuKWVIaWNBsy7I2rTTuXKgKGhK2WvQpvVziORT-je9irby0y30Ymk-MmRTbSn7t_4ythE9CyDKn7GawJpqsRrS8LodEjPegQcoDnUEW4EQAE7OGjk4wFYficIE0rU2rIc8wmsFdefKJbGZBQu-aa-1WUn6fbwiCFio16BkKYCgj9ZF3udcPwlRi-UOvr_UeWGrkYLSjAYaf9AppW24DcSoE-HyaJtGW1DcM2hVK69NA8p-oTZ5IRYntMzkHVKkjK_L-HrB_EqYl0eg-CWjTtjyYYFrUlph8IEfoGi3SQPP7VtnJLNfSvkkmoaz5LzLn5rWtwqFsXBxEMb4yQYtzeBMbmn-fLEtaiRJhuMIc0disVJzwYXSVmr3DT_BBm3XWutIVSTHy3uD8fBfOTQgeIWhHMCRLswLf1YTUt33dpkQW1d2AtF5qzA2QBvQzKbjQRD76tfTgWmxf6Cs13YqI0LbVdyLf2df70hbrPE1r7HHPMLO6t98zBc_kaGbTrHOA2a3gh91trEozYED7j9MYZKv58A6K1qY_q_eQsgaZA58VVUWhpK3013xqNvawuLbLxYdxuPVWs08FsN8FyUXrglT0WS_7uicUPIYm3AHRYDNKUaF-tY-w694umg6TT7rulV1sGdFPytH52J2RT37dvPTp4Lvcr8YvREzVMBhgRFqNfDeHcoY1vMfj_hsJc-w8_-MN13gh_KN4AfPzJj9TdWXXlx8NZTnn4yvNada0uUeQfUxji5OPSFZpMA7rSy6G0yGmAuCJPNAlRK-qIR-qGOYsxqdtAIdY9p5aZKCoYcBAD139Jp9iLjNrH2Rj8lsTwFv5BRwVA6xI5nYO-JedRlcwVJjvy5TLOGdkCraY0DML2v4Cb7gGwqr_kl49esddmnjmzdSGdomaxqjfQ_IfpqChxRZm9db6eTbERx73nNy16w0ky7REqKTf5xRJ1oDez7PmY22UfaDDF9PJfGTn5LK5bnJsGR33ELZpiAPlT2J2j891LL5niMJUcxcAw1-Q3_HFVn-EyDwHDWlEs7c1V9RVQaSEW6-ntOsXbw2mMP-I0nNP0uONu3URhWM9rthu_AsiyPXl3wO3gPZW3tvZPsjW2mNb4ScKEaCQ1jZDQQxFOPssHW7zaJUYWFp9i_BA9tCAvAmMmEZcthNICBDgGDBoRMoymyUlK98OPRHb2I5Fm11h_OQCw1oVknap8XLj7bhtpRYfUMdL6ooCvUXOxRlW6AGTIgIQ5HoeZ4vM3oZ0OUM6dhXv6A4aBKwL-Qc6H1Kz-chHmQfURtNZp1d_koI9J27ksUMG1swNkParrheND1jnC5sjrGyDlvU_dEAII9AI-Fxq5ReNf7luOTHVtiJFrstAiSE1-HWlaBNCAS76vRf8SQSD1UYiM_wO74__dNXf5BoKWjMvgi6Fgx3s9oUJHo3u3GXS43zJc4AI5SEuIUZnIwYXDRuYiLviRk6FAmhnih_sftD_TzACG_2H4jk92MB9WGBgDUCrhFQnIOHQ6mfqxn4E-tqJ4uTopcyqSK0yxaSBTSaqLc-Bze1p8FyB9FZcLiD52UU5Dw3574iT1Yg8TSJMd3lpwECJDUPm-8ciQlVKBO6VxOGK8TfhM6dWoBjZc6mGRk1NFOpjyJ2RXodBqnmjiMtRgVAbsmOafF6EFDRqdkc_2dz3kBeEJh2nTcwiT8_HG35e8cOU65t3m8oLOybpw_q72VJgPF-vkVpc2szqKMYRjDuZx6Xycj8QenxzptECTjYxO2eXFNQBWudN-6_SXatoN9ULlc5bG8c_Vi6CkSxVfiidk6uXTacKlSEXL4izFKj-sl6vfBIXE0bvWnRR1eZlYkPTiXwVWUyWynfjjBYIcEzga3i3khualwbGK-pSrih9MNIDJ-CkcTMXv_Pomga-vSQpr1gx00PWfuJNvR0kbjxc4D3iELeRSI-WF24np_41EIM0FDKWc1K-nUJrApPlN_q8yiCPXhlSmyDu_-xpAbiCTMKo5WY_BvSLjPSh0bqFwBdqDxkWq9c4Gz9HT5Wg_aT4aoFfNMulyywTEGIIeiwXnimkxr5aBOSYuHW3eQyD2pDFoIj8R4nM-5JidYfZBXjOmR0UfdNOA&cid=CAQSSwDq26N91BJTU8jx0CvcIrIu_h7WFs93AVWQmg37D21nrCzYAL36Alo7EU3cU9z4_QBc9HdJYGGTmThQiaLEBTs6nVm_Op9ksYmKJRgBIBM&rfl=1%2Chttps%253A%252F%252Faltin.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11776
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 16:31:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 83AB 29 KB
11 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 13:36:26 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C364 29 KB
11 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A1gYSLicuUR-1tDl9OYqW4h_G-DBNekX2eElqYIAmuRSdVE5CRLJZQc_00lcjlteJvxRdCSvUlIx1OxEIUJsNu-JxenJs_5wwFDI5aMT5x9gBCV_NLPOltRhHYexGvUjimVJ-TAgO_JQwlKo22HM-h9PPThpj6RiYuxqmmJCSNseaXMHw&cry=1&dbm_d=AKAmf-DUmTGjgQ6PlAH6HcCaWg9WQhfjew_8KQcyvjXrSk6N9MrzEoefj9P9rSvg_Fv7UgcL55VPB9f5NQFn0qMJGrlnVw2_jnMsrLR_srel_5Styy_8AAc9Mpuxfotnz4caWHSI6CXHnHUOOZnmGdRRgcLjOttG_jNkUXCHrsshVD2NaYpzeZxjtIOLk4R7WJnncc7b0PC0-AlK_8ddwCEjT0obkRpCBVovLFeIylsDgzbaiXCeRPrcYS_qtdmqHJiRNbDbY-mXjSBlapI8cIoNYUqHPhkfW76XpSd9TmUa9enXMrvOHX6A29Fv8rdZyNDcwiuoy-HUUd39XgVjkMstUmCDLC1tlsW9x3589bQyWHU7sLDaLftKT2rMS7AE8z1HTMGpcNv-Q8U86FfSxc5yTfO6EG4YkYeYOLE75APU1hv3MSgJGlIDire72DAR_bPbwLDe8wc9zU_3aEJNFZPxVxz-Rwn04TWFy6oZTEMA6L2AVx2ebOF6WoQIMbSdENKR4YaupnZeudmRo1qtJLTsMLoylSEgbZ9LWHNEW8k38GUA1sqctXqTPkKMZ-h2eMwsumDGOBfcr49YN4HjUuzuTT9Iv8Oowy4dtwVky9dgZ_UePf9uwHYBrk0xlY5xdOaRQMVM2b4fI6TgvDzn94P3mohXmVcQr-7r0fAFHHaN8-NPC_tAjxRTpHDlHRs_69k0ws7T2znw4deKqUTKtvj-WLA5uBg5WLe6Pya7d-WluKp6A4zxhpqAfvu87yfw8HztcwaCalZCQMTJjxdOJx7z3HUP4ayrOGJTxAA_ENvLP_cM-IFWRBCON1A1OS-kvM0r9hkzdzveGy7WFKeje-vuHN_gz_dY3uu55cPKBcDdyFjC6A6J4E-gC2NvqeHnKSbOqMrFSgEZCUztcnnl4kmgoW7_bURQHAWQbbFScoypzJ4xqzSlEpPaWpIP9j8dDYW5ijfL8sG6ikFI4wXB8po4lgY2zkKTu8sL7Qnj_zmvSim3hIjWkP3RXIkfC47AXPrfI-Apr2EfCLQ96nFBgCZWS5cqSMljxcK_FVvdbLpuL-GCRnXYDhfcoZ9cuNLxNeGzAQkZv-mfTb-r0rB-ZScKTFnASOCWYZviKmvVn5N6_vGmtsuMQbl2usKhUbMMTXiUTR57MXF-YBKjFbbSDZXo4gDEkaW0TZaL2NIO4WOJAVfVbzTJ2NTh_UUke_FpbQxlS1aEAO6tKbHvp6dbQjC_Oxu_f8daL12un5Hn9w4izAFkTq4NbJdvQlrPsAZVzraPBkkM1eaPjtDm4T6yeSTTQ6n7rBncPrSKdtdSalxGqiiYQx7lUaoL4vGCyKATD0-zHY4rPw8sv5SP5zSfr7oz-5yd3WnKShp9w0aCSNfFKmYT0A5FlBB_VmY3dXyZTksfzOrISmtaHvcadRxbM5fhMip5F_cwbBrbq3WC7NlmX0vY6WOAepoutjIlU6WoeAL211K5APdcvyUmRyIEhmCNvgLhzZhxg5cB1uoVeZeb0RC7hF6vV87P5N9M4tTQm1U86O-Jh2ekk7KzG_vt3w_4YL7folupJYAUxsjSA8_x4KO2_RRjH-3eypM8PuxwLNkeAqkDok_Mt0lxHIFG76B6oIm9hW0dBXiJ4MshkQT7Y57jeNPtLsL6K-X2epQ4398qWmZPQcd8lMUvUIKzdYDVhHI4LQBVBquDc9hGj7xoCJo7OuHdgrazokPrAD9zEf5fNjJl9IgdX4yMsfNhzY3do4N_ZGuFlpyvEPc3zDH8GhY_-1ahBkWBsuNR8YIqoAIOxSg0apVvo7ZPmZIZchSAh-hxczAB6UVB1uiyY_zzRjmcguKLviKr-3bNjQyuCrH0VB-YxSjmo_TRokh9AIUdHS7Vdk-MN9vEyZAO4tQ1mZJvNhdrYDRkJO_A3HoM8JYSawy1NYbzkCbfLMYmGScR5aa-bzFUNDeHTpCnA8AKGKOp7DYodRpuAhH0Nlq4v_luricgvKLa5hDHmckemlk0JlUg5Vm4Tf7ReWC6RIR6LwOGmx8ijc9GsFSXre6J-6iFS3GWZ-GojGdiCZ6w_vPpr7zGdtT2wgRkkXcIUXj2jQRySZPwRfMB75riEB722CaVMIBZkE-hsh9PwbXl5wPz32WmlA6EuEBr3Yf8xfmCmkfh3bWYKoeqBCo3OTC4YfmA7S9QysnxqIn6sC53EtCWGqGa31c33sKnmI5LjCnf5Xw2EST56GMyoh4kCzX8oMbrTpCNObRHFblwWkh61egTTO3_em-O-FdZS_Z72sJL5B31EmFridUb619qrRE35vtgCgXxnMRTZlFkDAUmbOkAtCcU2LtGEU6pxGB9mgNClOrJ8umFhJJX1zHdLgA4C-1fsXr32DyP2rE5y69pC-ERZYkjuaRc-ATfAJChLw3DBgEmgXmU8l0iCh7RD28vYgIgTTZBlbTvbIXqP603XynicbuYFDuBVbH3Izdv2V733RQAy5EAHM41yIXs0ednF14VQXpqWxtN0c_mIqKiGFI6KvP0cquSQzHzAMpi_1FNN_U-TGPpcz1SVnUjy5iWDamDI_qnZoxMwyYSfTugnYs4ygu0bN6ZSR5M9SLoqBgT1C_O4OzPIjSu0m5ctstg5J8z3mqTw_0eum7aQRv8ErRWCMmdwAK7uJ_evLWFWIr0wOJpyueAyLRnoiUx59L_kh787appo6MZrec7ZkxXS5SjZ5PZfMPVRKMbKAEzM4Q6hgblZ6TRN95ln5wdv42ihNO03c2mOhQ8doFclJaMuQ7Lt5DVYvFgwtBb9L0X2q54HRRGfeSlZDBeQAmG9vADOQtzXF7b9hOzt4WSyrbT4FjSsEUkGQCTC8G-QKNJc---lHJygQjl781cs2qhW56yLHjcoMMsbXGdldjg24EytsozvpKkvUYI2OpLYplIrFnS32n9vilwXcVWFehkg2m6d_OwI6Ta3FTbVVbQLrt3tDtCJiBR86BThu5xItezTetuVRBYH1KotaKnML-EatqbkGuplY1KE78U_tqOb1LmMLdYHHGkvnYlRCe-bZ_bK5r-BDv2pXxjiUrkGu8gUUjiatMxbUvERBSP5EJ3BQ9aVZszFq4jWLcolbFPZgNB5OHSXaZYEgX23LqxZpUBFgcaZnqys9A7dbFmVRUlfKlFBmS2UEReqyFTUQ6N9uVU_Qa0Rs5TW3simXBja6ppX60i2l-eE8qgz1ooSqX81ZszO8WP8tS_4y6ecyUZiV274YG8tg3TkNvsHp5UZReEAdKvG0a7qUPT4Inm3ZiDaNc_gMsZNKAVdqbpa1j6eFrQuOv7ylPHRI-lCw1jgWzgeZKUcQFGdI89SYV9Itlrb8-Pm4iMJXDCOKrtww&cid=CAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT&rfl=1%2Chttps%253A%252F%252Faltin.in%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Dec 2022 13:36:26 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C364 41 KB
15 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CDE 36 KB
16 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 87B4 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNUDgnmFnecjepL-56BQ3-Hm95GFaM6HiYpvp0iOtecRP5VdiBjGJe7b4GGfZzMefQM3nSpcpm2LPq1pq1a5AxetIq2woGW5pOJ6_jhhhawg3SvO6EPGgNfbU6Q5FbiJib8IcDyQ&sai=AMfl-YSgkuQO5ky0rK5J9QAJ3FM0uXRswTvAj1PYo82mUzg8X4ONNVfRG39FLlOlD7RT_LCcknmvJB05glZgcOg&sig=Cg0ArKJSzEMQjA3tFO9lEAE&cid=CAQSGwDq26N9slfV14L8Wl-UqkEPN-Db_TsKnZ4OQxgBIBM&id=lidar2&mcvt=1049&p=0,0,280,336&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=681411742&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669492045402&rpt=1014&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EA4 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 83AB 41 KB
15 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 23:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 23:12:21 GMT

GET
DATA 200
OK truncated
/ Frame 83AB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2aace78ecdfbd38353409e3457ba6ebe9b0409d90dbb308cbab227c073f3002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK layout_renderer.php Show response
as.euw1.jivox.com/unit/ Frame D90A 296 KB
51 KB 79ms
78ms Document
text/html 34.240.46.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.46.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-46-197.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 23ebdfd80207be60d505400913376c4f6336f52ab65e999919d23b3a332bf030

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 26 Nov 2022 19:47:27 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame C364 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42a9e5de6c5e3ad63bcb23d9d58a6aa12e0f20105a6dabe055cf853f081cfbc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4A86 22 KB
8 KB 45ms
44ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery-2.1.0.min.js Show response
playercdn.jivox.com/1651821427/unit/js/gz/ Frame D90A 82 KB
29 KB 40ms
8ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/unit/js/gz/jquery-2.1.0.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:57:35 GMT
content-encoding: gzip
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:27:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 24803
etag: "84642ab523899a6150af1489287de4de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 29294
x-amz-cf-id: ZfJACDn6IEytB89cq6IllOjy1LJ2aIWG3Vs129jzUv7YcomOdheAYw==

GET
H2 200 velocity-raf-disabled.min.js Show response
playercdn.jivox.com/1651821427/unit/js/gz/ Frame D90A 34 KB
12 KB 46ms
14ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/unit/js/gz/velocity-raf-disabled.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 01:53:45 GMT
content-encoding: gzip
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:27:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 64423
etag: "6db08f58b76a3c4459a454a7acf752ca"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 12405
x-amz-cf-id: SMKuEXQ4LVaVTbWvc3H8SuQn574q_xOH3EAbn3pkAGn9yf6pGcHd5A==

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame D90A 29 KB
6 KB 46ms
15ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 05:34:33 GMT
content-encoding: gzip
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 51175
etag: "2a0e0abd8f7f11fb012a534ea115a29a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 5987
x-amz-cf-id: PuRR48lK0nCPRdn2BaJyoZtuayvJmdNkE0tXXaaujsEjy3hfYOzrwg==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2BC8 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBQLBi9zwOkDyyEq4GyYKAKDFYoakMHb34JJiexs12XfJq93TCfbwtQ6AuFrA37BQ7C79621ds8oCH2Qgb7kRVVcLnmLptV2BsXaa5-YyuGG7kn8OD69yIO5mz8szISR2RHlc-Rw&sai=AMfl-YRJtUM2y6Ux9dcyhcC95U4EbLMbe_ICH2a7FWIStzlmfzXt8B3U_FIufMVXIPAJCQfAPKnD8ChUdhuYLCY&sig=Cg0ArKJSzGFYvuLUJ4hrEAE&cid=CAQSGwDq26N9psBaFUUwOL7wGoH6YBAHV_rJ92fdFBgBIBM&id=lidar2&mcvt=1061&p=0,0,277,1074&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3298560337&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669492045389&rpt=1298&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59B2 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 113016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 12:23:51 GMT
expires: Sat, 25 Nov 2023 12:23:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 498 KB
39 KB 38ms
37ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

648cd058b9f3c02be575b7dcfc6636b6118d3be99a55a5cb72f36e9b9311f52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 83185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 40168
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 20:41:02 GMT
expires: Sat, 25 Nov 2023 20:41:02 GMT
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83AB 0
0 81ms
81ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhasHzTYvmQP5xEveKQAdaJYyBqMmRW_iP8p4IDUgo8DJCBlXRzV_Z2Bf1Gl-wbQqX-SppbccV2RbKrM94Y37hS5b__BBqkv8lkTX9bv9pGTc14oQ_f6ZEomWVMgfs-DQ1V_xCDqOd64DGpwpeq7uazkymed2nZ-naP-78AGgZHKDSKcIkcYq2ntMk0QdyRG48sT61thCf1qILcTQxW0TIlR9JacVI1QDe850Bxs74At0aR4HJne6MPdG8EFrCYpBt-TVpXzVh3j27bFfMh-Ya-RtO4WCiUUBrIIvgQC0mFz_na-LNLI-68JRuIQg8QhFwps8NCK6Mh8a8O54kejH6qB-qICVshejhVY2jfk-Eqj52_KXdz0h5hBppNMsKjYwf5xvvqGtV5X1-Oyo--AhPGe2pu5qrBjVg9SFh-PodcOgcgRwQdrAUuY5JJgJUWiSIRV-9nqOb7pIBRMjzksZ4qL_aelG3pUwB9wJjhcQeUhtBp1raDUn0L6_1ENEQ4xtThYm13iWUdRYb1rGCouhzHBrQuUBsuJk1G4ptcXud7l6-LQT58lrlKuYGzUVfGYE-K8n3CVyBweRa_kIA3bO8iTdM2FQLBgEyaLa8-pdiI-huFVltiUZyg6q586JnodNuzX126nwVedht58TAdgrAkZ8BZ21OrUtLnwdZBwui1XNEXWxG-ZLhrWF2pltk9BzXSue1mwd7rI6eVmNafGQqy5IIqksWr3DTYTGR7pJkpjJmzY9gVg5Qw8ijN9J64hacdU_uMxlK6bC7oNK0C7MBTCeanw-K3k6_kjat_hyplvxlPQPsH23hraDEC_QbTwvRW2MKr2ovfE1CSStBS0iQMHZo52fLZrc3M9hAuBQqokYC5LRqxFLsiwzFLL6poNZoV9cfj832mCF2MdlOkq7oEyXnK55OmJG4UxNDePxWO1iFsD6CGgLdgpTWAbvxPghkP9hTtbGgUoAJlgnbag1ibJpuR80tL_kPiiWHkIrHQvSnPFZXcdMZTxuZP7YnfqmCYxsTtp0sn-x3bcU09b7i4vg0N_fiStw2OvK2HZiTPHLgIRaUDNFoaRJh96cOn0q7g-2bHoCFTBxdMyBglw1b46xgLw4wWzgTO7ehaPEdMnIoWSXBOxqybUo6uQi1Uf_2ULYGuV78Ux_qUV9kTJBGT1rscFOZuXYBviMIFjqPEY3A09sAse922_dpPKXjVhNP50bZpC7r2TWVgx3wS7H6n5uLcnKJC0I&sai=AMfl-YTL9puHS57MTPflve6tdRO2uH-03SFoZpOQx5_7p4ixA6_d_YpPkmr-cRrN_nsUOBE3Bqiu-pCJgDaXmCkzJLLXuPYu2bfhc6QOHzBvl8Qd6ofbqG6COAXiz4nKxqisE7bGvGi-WG6QnB5EKpS026H24LN_m_71b2df2EU-NJVbQCz4dA8N6R5ocbFLRCN7jdgU7Pd6McLxcukiW7bw2Xn2zpbiQ2gH9xoxippXfRUBXqFvHTgpyJKlrgi9IGGBlEDbtA_3xq9ktdmCiyhUzKLUIMoShFqZR8juhtc&sig=Cg0ArKJSzPzm1WjNukWvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&cbvp=1&cstd=290&cisv=r20221110.81117&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 26 Nov 2022 19:47:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 19:47:27 GMT

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A86 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame B407 29 KB
10 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Nov 2022 11:55:20 GMT

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 9C1E 29 KB
6 KB 8ms
7ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 05:34:33 GMT
content-encoding: gzip
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 51175
etag: "2a0e0abd8f7f11fb012a534ea115a29a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 5987
x-amz-cf-id: Ymbrt_u8KlahfTccU7Lg4OYa9WQ-j--2ymyrc9cRy2VJ039gv43Bhg==

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 9C1E 236 KB
63 KB 72ms
15ms Script
text/javascript 2a02:26f0:480:f::213:7edc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:480:f::213:7edc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:27 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Sat, 26 Nov 2022 20:02:27 GMT

GET
H2 200 mazda_970x250_jvx.js Show response
assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/ Frame 9C1E 26 KB
6 KB 62ms
14ms Script
application/x-javascript 108.138.36.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/mazda_970x250_jvx.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-110.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9423269a7f4d0dc276ee47a2b7fa33df3284d350f38792dcba7c45174329fbdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 91220e34cbdd95f669dbfd83e711fee6.cloudfront.net (CloudFront)
date: Sat, 26 Nov 2022 18:59:54 GMT
last-modified: Thu, 27 Oct 2022 16:50:18 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 34883
etag: W/"5630c7e2ff14249d3106257cd2d08aa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
x-amz-cf-id: uXuTtxx1OQ1OLtjxz95ba7mDdjPVEWtDrLmORwOJjxcpN9HW81HF2A==

GET
H2 200 canvas-text.js Show response
playercdn.jivox.com/1651821427/player/js/ Frame 9C1E 8 KB
2 KB 8ms
8ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/player/js/canvas-text.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d2c7477e7418b42a967439d1fb117b25369aeb385be8ffb25c3f9c97cb85cee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 16:49:12 GMT
content-encoding: gzip
via: 1.1 dd09b3b5f5b8dc626e1ba6804a73af40.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:22:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 10696
etag: W/"92cdc84e4a0a05215db6931b920e15fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
x-amz-cf-id: fWWWT_FnKQ4w_Yij_sH54A0wlY7ylCspuzBBb9Fzb4CU5G36Uy5xWw==

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT05NzB4MjUwL3I9MC44OTQ1Mjg5OTcxNjAyMTQ0L2Vz...
evs.euw1.jivox.com/trk/66/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/ Frame D90A 43 B
229 B 109ms
29ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/66/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvYkRpbT05NzB4MjUwL3I9MC44OTQ1Mjg5OTcxNjAyMTQ0L2VzX2V0PTEvZXNfY2dOYW1lPU1NREVfTTIlM0FEZWZhdWx0X25vK2xvY2F0aW9uX1dlZWtlbmRfRGF5X0JvbmRfd2hpdGVfdjQvZXNfc2VnTmFtZT1HZW5lcmljX1dlZWtFbmRfRGF5
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 19:47:27 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMu...
evs.euw1.jivox.com/trk/60/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/ Frame D90A 43 B
230 B 107ms
28ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/60/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENTQWdvVG0yQ1k3bnZNYnZEN19VUF8tNlUtQUdJbnJ6SWJaQ2h5OXZkRU5fa29yM0FBUkFCSU16NHN5NWdsZUtRZ3FBSG9BSG00OTdwQXNnQkNha0NfVjNpZXA5d3NUNm9Bd0dxQk5rQlQ5Q0RvRC1kVVJ0a3d1Ul9TNzY3Y2VEdjVsM2Z2OWREYndFRFZzT3BqSFV3cXhPNmZNdm9ZZUlaRkQ5S2x0YWZyV05oVm1oWEJqLTFaV3gwZ2lMRmVVSDliMWg1Zy10T3JBTDFlNDA0bUk4VGw4eFZqNW53d2s2UXhwN1VPRW5zSHdibDhvb0plR181WDJBd3ZJZkpndUd4T1hXR0RSWVMzMldLVkZRdFkxR3ZJbFU4cEdRajR1aHhGdTBxdGstSXBZblVLOXhzNGQxNUhJQWRfbm9XNGhlTlVaNFRFRmx3QmFpVUc4Z19tN0NOcGFlbFJWWmNGYXFHMFZ4TTVTbkRNbDdZbVVneThfcVQwUkNBN3RSYjFNY015RTlHUmVfSTBNQUVrZFdMdlpJRTRBUURrQVlCb0FaTmdBZUNuS0dXQWFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NCRUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFJQUtBNWdMQWNnTEFZQU1BYkFUNk0tZkVkQVRBTmdURGRnVUFkQVZBZmdXQVlBWEFRJTI2bnVtJTNEMSUyNmNpZCUzRENBUVNUQURxMjZOOTdYaERGWXkyXzVWWTNMZ3FpUENsYUVpeUNMUF9YT01nU2JkMUlXWVAwZUppTE9qaXNWWWVQY1dBZWdEcDA0blBZVXBHTlZCbVVVSnBMZENsUklBMDRFRFNBX0s3OWZFWUFTQVQlMjZzaWclM0RBT0Q2NF8zZGxJdnF1V1lIUDFkX05EaDBTa3VmOXl5dDVBJTI2Y2xpZW50JTNEY2EtcHViLTI4MTM5NjM3NjAzODM4NDElMjZkYm1fYyUzREFLQW1mLUFJVGgwS1hFOGlfWTg0WTdYcUlFRGxlZUM0eEJhR3BQVjc5QlpmT2lnNDVrNE5YOUJORWJkVTlGZ21PVkh2M2p0ZnBFOHdMQXNZZXlXV3A5YjAyNmJGbldnWktMQktFcnJfUVZPa09xTHh6QmhuWk8xQmctQmFnU0E5VVd6R2Q3aU5jQ3VjUnI5RTEzdS03bjE5Vk11Qks5V08tcmNoT3hRRDh0SnB1YnBJT0ltOFBiVSUyNmNyeSUzRDElMjZkYm1fZCUzREFLQW1mLUN2d2RzVVY5TV8wX2cwcXpJX29KTTlNUEdJLUtiYzg5ZUxKaUxKeHVnd2dhTnJ0ay13ZGprdXZlMHExUnNFRE15ZFp4Rmc2dk1jejZ2RUJhR2oxSUkyRkNMUU5tb0w5cVc4UnAyMm1DN005emNJYXlHT19Gb3luZXdnRURYQ0xUR280Uk53dzkwQkJqVkZpTGNHZ3VfaE5aeUZqTHppbkFGTWtyZWdKV1k2LXNrTlYyVk45Q1FmUkh5N2c3c3ZMa2lUa0VYdEM4a1NLTVlZSVM0azlwdHBhak1lMTFKdmwyNTE4WE1wREozZnBkV0VhNlNfTDI5Y0xLaDFDcG5GWE5hSFVPdGlpZmNqRzJoMW9FeVFzTmt2WDB3bTNKUEtQeExROUdGNkxmWWpRM3lIYXNveTNoTmF6MHFJbi05VTh2R2ZWYkpkcFIycGVoaFdlQ0o1QXh5TTc4Nngxc3BBMUVIa2lJTlVRRGdBOENJZFZQNnJFcEN4Xy1GRWU0bFlpYjZIUDlaLWhBTjZwdFRnNXptSVRIM1E4bk5jRmNZU3NzMXBrcmlDOHUwSEdmVF9DeGNEOWhyeDByQUJ3cVBQd2lKbGJJNmctbGhkVGd4N1NwMkV6eFF3c3dWcjQtSTJhakRZTS03bVlsUmNHRGZfU3NYcGxyeFU4OWFqQWNWaGZrQ1ZJVXBYT29ydEZjUGpJV3RTaHYxZllaTnlFUSUyNmFkdXJsJTNEaHR0cHMlMjUzQSUyNTJGJTI1MkZ3d3cubWF6ZGEuZGUlMjUyRm1vZGVsbGUlMjUyRm1hemRhLWN4LTYwJTI1MkYlMjUzRnV0bV9zb3VyY2UlMjUzRGRvdWJsZWNsaWNrJTI1MjZ1dG1fbWVkaXVtJTI1M0RkaXNwbGF5JTI1MjZ1dG1fY2FtcGFpZ24lMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIlMjUyNm1vZGVsJTI1M0RtYXpkYSUyNTI1MjBjeC02MCUyNTI2Ym9keSUyNTNENXdnbiUyNTI2Y2FtcGFpZ25fZm9jdXMlMjUzRG1hemRhY3g2MF81d2duJTI1MjZkbXBfc291cmNlJTI1M0RubyUyNTI2ZGNvX3NvdXJjZSUyNTNEeWVzJTI1MjZjYW1wYWlnbmNvZGUlMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIvY21Vcmw9aHR0cHMlM0ElMkYlMkZhc3NldHMuZXV3MS5qaXZveC5jb20lMkZ3aWRnZXRzJTJGMjAyMiUyRjEwJTJGYTcyNzk4ejYzNWFiNmM3ZGU0MWQlMkYxJTJGOTcweDI1MCUyRm1hemRhXzk3MHgyNTAuaHRtbC9iRGltPTk3MHgyNTAvcj0wLjIxMzA0MTczOTMyODMyMTcvY2xpY2tNYWNybz1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ1NBZ29UbTJDWTdudk1idkQ3X1VQXy02VS1BR0lucnpJYlpDaHk5dmRFTl9rb3IzQUFSQUJJTXo0c3k1Z2xlS1FncUFIb0FIbTQ5Ny9jYWNoZU1hY3JvPTE2Njk0OTIwNDY4MTcwODEvcGFnZVVybD1odHRwcyUzQSUyRiUyRjM2NTIwNDJmM2U3ZjE1MWZmZDcwYmYwZjg4NDRjMWFjLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20lMkZzYWZlZnJhbWUlMkYxLTAtNDAlMkZodG1sJTJGY29udGFpbmVyLmh0bWwvZXNfY2dOYW1lPU1NREVfTTIlM0FEZWZhdWx0X25vK2xvY2F0aW9uX1dlZWtlbmRfRGF5X0JvbmRfd2hpdGVfdjQvZXNfc2VnTmFtZT1HZW5lcmljX1dlZWtFbmRfRGF5
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 19:47:27 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMu...
evs.euw1.jivox.com/trk/77/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/ Frame D90A 43 B
229 B 108ms
29ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/77/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfY2xpY2tVcmw9aHR0cHMlM0ElMkYlMkZnb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQlMkZkYm0lMkZjbGslM0ZzYSUzREwlMjZhaSUzRENTQWdvVG0yQ1k3bnZNYnZEN19VUF8tNlUtQUdJbnJ6SWJaQ2h5OXZkRU5fa29yM0FBUkFCSU16NHN5NWdsZUtRZ3FBSG9BSG00OTdwQXNnQkNha0NfVjNpZXA5d3NUNm9Bd0dxQk5rQlQ5Q0RvRC1kVVJ0a3d1Ul9TNzY3Y2VEdjVsM2Z2OWREYndFRFZzT3BqSFV3cXhPNmZNdm9ZZUlaRkQ5S2x0YWZyV05oVm1oWEJqLTFaV3gwZ2lMRmVVSDliMWg1Zy10T3JBTDFlNDA0bUk4VGw4eFZqNW53d2s2UXhwN1VPRW5zSHdibDhvb0plR181WDJBd3ZJZkpndUd4T1hXR0RSWVMzMldLVkZRdFkxR3ZJbFU4cEdRajR1aHhGdTBxdGstSXBZblVLOXhzNGQxNUhJQWRfbm9XNGhlTlVaNFRFRmx3QmFpVUc4Z19tN0NOcGFlbFJWWmNGYXFHMFZ4TTVTbkRNbDdZbVVneThfcVQwUkNBN3RSYjFNY015RTlHUmVfSTBNQUVrZFdMdlpJRTRBUURrQVlCb0FaTmdBZUNuS0dXQWFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NCRUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFJQUtBNWdMQWNnTEFZQU1BYkFUNk0tZkVkQVRBTmdURGRnVUFkQVZBZmdXQVlBWEFRJTI2bnVtJTNEMSUyNmNpZCUzRENBUVNUQURxMjZOOTdYaERGWXkyXzVWWTNMZ3FpUENsYUVpeUNMUF9YT01nU2JkMUlXWVAwZUppTE9qaXNWWWVQY1dBZWdEcDA0blBZVXBHTlZCbVVVSnBMZENsUklBMDRFRFNBX0s3OWZFWUFTQVQlMjZzaWclM0RBT0Q2NF8zZGxJdnF1V1lIUDFkX05EaDBTa3VmOXl5dDVBJTI2Y2xpZW50JTNEY2EtcHViLTI4MTM5NjM3NjAzODM4NDElMjZkYm1fYyUzREFLQW1mLUFJVGgwS1hFOGlfWTg0WTdYcUlFRGxlZUM0eEJhR3BQVjc5QlpmT2lnNDVrNE5YOUJORWJkVTlGZ21PVkh2M2p0ZnBFOHdMQXNZZXlXV3A5YjAyNmJGbldnWktMQktFcnJfUVZPa09xTHh6QmhuWk8xQmctQmFnU0E5VVd6R2Q3aU5jQ3VjUnI5RTEzdS03bjE5Vk11Qks5V08tcmNoT3hRRDh0SnB1YnBJT0ltOFBiVSUyNmNyeSUzRDElMjZkYm1fZCUzREFLQW1mLUN2d2RzVVY5TV8wX2cwcXpJX29KTTlNUEdJLUtiYzg5ZUxKaUxKeHVnd2dhTnJ0ay13ZGprdXZlMHExUnNFRE15ZFp4Rmc2dk1jejZ2RUJhR2oxSUkyRkNMUU5tb0w5cVc4UnAyMm1DN005emNJYXlHT19Gb3luZXdnRURYQ0xUR280Uk53dzkwQkJqVkZpTGNHZ3VfaE5aeUZqTHppbkFGTWtyZWdKV1k2LXNrTlYyVk45Q1FmUkh5N2c3c3ZMa2lUa0VYdEM4a1NLTVlZSVM0azlwdHBhak1lMTFKdmwyNTE4WE1wREozZnBkV0VhNlNfTDI5Y0xLaDFDcG5GWE5hSFVPdGlpZmNqRzJoMW9FeVFzTmt2WDB3bTNKUEtQeExROUdGNkxmWWpRM3lIYXNveTNoTmF6MHFJbi05VTh2R2ZWYkpkcFIycGVoaFdlQ0o1QXh5TTc4Nngxc3BBMUVIa2lJTlVRRGdBOENJZFZQNnJFcEN4Xy1GRWU0bFlpYjZIUDlaLWhBTjZwdFRnNXptSVRIM1E4bk5jRmNZU3NzMXBrcmlDOHUwSEdmVF9DeGNEOWhyeDByQUJ3cVBQd2lKbGJJNmctbGhkVGd4N1NwMkV6eFF3c3dWcjQtSTJhakRZTS03bVlsUmNHRGZfU3NYcGxyeFU4OWFqQWNWaGZrQ1ZJVXBYT29ydEZjUGpJV3RTaHYxZllaTnlFUSUyNmFkdXJsJTNEaHR0cHMlMjUzQSUyNTJGJTI1MkZ3d3cubWF6ZGEuZGUlMjUyRm1vZGVsbGUlMjUyRm1hemRhLWN4LTYwJTI1MkYlMjUzRnV0bV9zb3VyY2UlMjUzRGRvdWJsZWNsaWNrJTI1MjZ1dG1fbWVkaXVtJTI1M0RkaXNwbGF5JTI1MjZ1dG1fY2FtcGFpZ24lMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIlMjUyNm1vZGVsJTI1M0RtYXpkYSUyNTI1MjBjeC02MCUyNTI2Ym9keSUyNTNENXdnbiUyNTI2Y2FtcGFpZ25fZm9jdXMlMjUzRG1hemRhY3g2MF81d2duJTI1MjZkbXBfc291cmNlJTI1M0RubyUyNTI2ZGNvX3NvdXJjZSUyNTNEeWVzJTI1MjZjYW1wYWlnbmNvZGUlMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIvY21Vcmw9aHR0cHMlM0ElMkYlMkZhc3NldHMuZXV3MS5qaXZveC5jb20lMkZ3aWRnZXRzJTJGMjAyMiUyRjEwJTJGYTcyNzk4ejYzNWFiNmM3ZGU0MWQlMkYxJTJGOTcweDI1MCUyRm1hemRhXzk3MHgyNTAuaHRtbC9iRGltPTk3MHgyNTAvcj0wLjAyMzg3NzAwNDM1NTM4MzUzNS9jbGlja01hY3JvPWh0dHBzJTNBJTJGJTJGZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0JTJGZGJtJTJGY2xrJTNGc2ElM0RMJTI2YWklM0RDU0Fnb1RtMkNZN252TWJ2RDdfVVBfLTZVLUFHSW5yekliWkNoeTl2ZEVOX2tvcjNBQVJBQklNejRzeTVnbGVLUWdxQUhvQUhtNDk3L2NhY2hlTWFjcm89MTY2OTQ5MjA0NjgxNzA4MS9wYWdlVXJsPWh0dHBzJTNBJTJGJTJGMzY1MjA0MmYzZTdmMTUxZmZkNzBiZjBmODg0NGMxYWMuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSUyRnNhZmVmcmFtZSUyRjEtMC00MCUyRmh0bWwlMkZjb250YWluZXIuaHRtbC9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2VuZF9EYXlfQm9uZF93aGl0ZV92NC9lc19zZWdOYW1lPUdlbmVyaWNfV2Vla0VuZF9EYXk=
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 19:47:27 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 59B2 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H2 200 guncel.asp Show response
kural.altin.in/ 68 B
355 B 335ms
297ms XHR
text/html 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kural.altin.in/guncel.asp?ajax=ons&ofiy=$1754.7650&dfiy=18.5863&efiy=19.3243&pfiy=1.0390&sfiy=22.4795&gfiy=12.8257&zaman=26.11.2022+19:47:27
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0b5d46bc04a682ef8dc0a7a80a0c050f49961933904e4a192c7862349729ec20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
pragma: no-cache
date: Sat, 26 Nov 2022 19:47:28 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 16:47:28 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: https://altin.in
cache-control: private, max-age=120
cf-ray: 770522d3bfe590a3-FRA
expires: Fri, 25 Nov 2022 19:47:34 GMT

GET
H3 200 VolvoNovum-Medium.woff2
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 38 KB
38 KB 38ms
38ms Font
font/woff2 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/VolvoNovum-Medium.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 19:12:46 GMT
x-content-type-options: nosniff
age: 347681
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39068
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 19:12:46 GMT

GET
H3 200 Volvo_Black.png
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 5 KB
5 KB 42ms
41ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/Volvo_Black.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:03:46 GMT
x-content-type-options: nosniff
age: 24221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4824
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Nov 2023 13:03:46 GMT

GET
H3 200 icon3.png
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 29 KB
29 KB 43ms
41ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/icon3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51296d61497876b8cf13f57f6c6d92af6a4d2ac3645f8bf59b633133b3d8c0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:03:46 GMT
x-content-type-options: nosniff
age: 24221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29274
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Nov 2023 13:03:46 GMT

GET
H3 200 icon2.png
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 23 KB
23 KB 48ms
47ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/icon2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b221c6be6087a312ae85a590c3c1c4a070e68e02048725b649b58884860625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 21:51:46 GMT
x-content-type-options: nosniff
age: 165341
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23049
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 21:51:46 GMT

GET
H3 200 icon1.png
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 14 KB
14 KB 56ms
54ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/icon1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e763cf1b2b78cc8ae7f6cb99afe6660ecaeaeb3bb83d3641faae8fa9e061f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:56:56 GMT
x-content-type-options: nosniff
age: 172231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14415
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 19:56:56 GMT

GET
H3 200 image3.jpg
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 51 KB
51 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/image3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52d14a865c98b96488d22df2dcacae4454c1e0a382e65a0156c3f8e1af74d0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 13:03:46 GMT
x-content-type-options: nosniff
age: 24221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51912
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Nov 2023 13:03:46 GMT

GET
H3 200 image2.jpg
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 36 KB
36 KB 69ms
68ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/image2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3706372cdba21ffa2b7c9e2eca6e2c60be5260a5600cc8183a0a61d5927a56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 17:29:17 GMT
x-content-type-options: nosniff
age: 94690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36529
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 17:29:17 GMT

GET
H3 200 image1.jpg
s0.2mdn.net/sadbundle/2695385840103718912/ Frame B407 36 KB
36 KB 80ms
79ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2695385840103718912/image1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced05fb267fccd2c83da1c09defe17b3319783ac50fbc3096cee51dfa70ad161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2695385840103718912/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 13:44:27 GMT
x-content-type-options: nosniff
age: 108180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36435
x-xss-protection: 0
last-modified: Thu, 16 Dec 2021 14:06:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Nov 2023 13:44:27 GMT

GET
H2 200 MazdaType150-Regular.woff2
assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/fonts/MazdaType150Regular/ Frame 9C1E 42 KB
42 KB 45ms
16ms Font
application/octet-stream 108.138.36.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/fonts/MazdaType150Regular/MazdaType150-Regular.woff2
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-110.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 12:25:52 GMT
via: 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 26498
x-cache: Hit from cloudfront
content-length: 42740
last-modified: Thu, 27 Oct 2022 16:50:17 GMT
server: AmazonS3
etag: "3f2a9073b5b7460866937e4cd2251bb8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: fuhOJpwQD3xm7UKWCp9U8a2GoEJjrRGaOxI2vDJM2NdLiIFShNCSAw==

GET
H2 200 2021_CX-60_GER_LHD_C117_EXT_FQ_White_High_Japanese_Premium_WhiteLeather_City_till20240131.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame1/ Frame 9C1E 68 KB
69 KB 705ms
9ms Image
image/jpeg 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame1/2021_CX-60_GER_LHD_C117_EXT_FQ_White_High_Japanese_Premium_WhiteLeather_City_till20240131.jpg
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18269839860&jvxVer=2&gdpr=&bUnitId=2900&r=1669492046817081&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCSAgoTm2CY7nvMbvD7_UP_-6U-AGInrzIbZChy9vdEN_kor3AARABIMz4sy5gleKQgqAHoAHm497pAsgBCakC_V3iep9wsT6oAwGqBNkBT9CDoD-dURtkwuR_S767ceDv5l3fv9dDbwEDVsOpjHUwqxO6fMvoYeIZFD9KltafrWNhVmhXBj-1ZWx0giLFeUH9b1h5g-tOrAL1e404mI8Tl8xVj5nwwk6Qxp7UOEnsHwbl8ooJeG_5X2AwvIfJguGxOXWGDRYS32WKVFQtY1GvIlU8pGQj4uhxFu0qtk-IpYnUK9xs4d15HIAd_noW4heNUZ4TEFlwBaiUG8g_m7CNpaelRVZcFaqG0VxM5SnDMl7YmUgy8_qT0RCA7tRb1McMyE9GRe_I0MAEkdWLvZIE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbAT6M-fEdATANgTDdgUAdAVAfgWAYAXAQ%26num%3D1%26cid%3DCAQSTADq26N97XhDFYy2_5VY3LgqiPClaEiyCLP_XOMgSbd1IWYP0eJiLOjisVYePcWAegDp04nPYUpGNVBmUUJpLdClRIA04EDSA_K79fEYASAT%26sig%3DAOD64_3dlIvquWYHP1d_NDh0Skuf9yyt5A%26client%3Dca-pub-2813963760383841%26dbm_c%3DAKAmf-AITh0KXE8i_Y84Y7XqIEDleeC4xBaGpPV79BZfOig45k4NX9BNEbdU9FgmOVHv3jtfpE8wLAsYeyWWp9b026bFnWgZKLBKErr_QVOkOqLxzBhnZO1Bg-BagSA9UWzGd7iNcCucRr9E13u-7n19VMuBK9WO-rchOxQD8tJpubpIOIm8PbU%26cry%3D1%26dbm_d%3DAKAmf-CvwdsUV9M_0_g0qzI_oJM9MPGI-Kbc89eLJiLJxugwgaNrtk-wdjkuve0q1RsEDMydZxFg6vMcz6vEBaGj1II2FCLQNmoL9qW8Rp22mC7M9zcIayGO_FoynewgEDXCLTGo4RNww90BBjVFiLcGgu_hNZyFjLzinAFMkregJWY6-skNV2VN9CQfRHy7g7svLkiTkEXtC8kSKMYYIS4k9ptpajMe11Jvl2518XMpDJ3fpdWEa6S_L29cLKh1CpnFXNaHUOtiifcjG2h1oEyQsNkvX0wm3JPKPxLQ9GF6LfYjQ3yHasoy3hNaz0qIn-9U8vGfVbJdpR2pehhWeCJ5AxyM786x1spA1EHkiINUQDgA8CIdVP6rEpCx_-FEe4lYib6HP9Z-hAN6ptTg5zmITH3Q8nNcFcYSss1pkriC8u0HGfT_CxcD9hrx0rABwqPPwiJlbI6g-lhdTgx7Sp2EzxQwswVr4-I2ajDYM-7mYlRcGDf_SsXplrxU89ajAcVhfkCVIUpXOortFcPjIWtShv1fYZNyEQ%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63826d4f64dc1&adUnitId=2900&jvxSessionId=1669492047.9767&base=1&creativeResolveBeginTime=1669492047000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e171527ece73409923b4d2a66894d52f405921d1cb0a424366401bf81891861

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 11:52:32 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 28501
x-cache: Hit from cloudfront
content-length: 69589
last-modified: Thu, 25 Aug 2022 16:13:35 GMT
server: AmazonS3
etag: "7d83eb5dbd0680b101f29f1e5fa0fec4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://as.euw1.jivox.com
access-control-expose-headers: Content-Range
cache-control: max-age=86400, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: jKbiqjYOTV9_zUPidxhdR5Q3fpIiK_Zu2uBPlBJQQTEyrmL1bRVdqg==

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfZXQ9MS9iRGltPTk3MHgyNTAvanZ4UmFuZG9tPTAuMjYx...
evs.euw1.jivox.com/trk/72/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/ Frame C364 43 B
229 B 28ms
28ms Image
image/gif 52.17.68.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/72/205853/2900/159897/961ee94c58df6c/29/jvxSId_1669492047.9767/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4MjY5ODM5ODYwL2FkYjEta2V5PTgxMS9hZGIyLWtleT04MTQvYWRiMS1pZF92ZXJzaW9uPTI5NjQ0XzEvYWRiMi1pZF92ZXJzaW9uPTI5NzAwXzEvZXNfZXQ9MS9iRGltPTk3MHgyNTAvanZ4UmFuZG9tPTAuMjYxNDc4MjI5MjgxNjAyOS9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2VuZF9EYXlfQm9uZF93aGl0ZV92NC9lc19zZWdOYW1lPUdlbmVyaWNfV2Vla0VuZF9EYXk=
Requested by: Host: 3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
URL: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.68.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-68-86.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 26 Nov 2022 19:47:28 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83AB 0
0 76ms
76ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhasHzTYvmQP5xEveKQAdaJYyBqMmRW_iP8p4IDUgo8DJCBlXRzV_Z2Bf1Gl-wbQqX-SppbccV2RbKrM94Y37hS5b__BBqkv8lkTX9bv9pGTc14oQ_f6ZEomWVMgfs-DQ1V_xCDqOd64DGpwpeq7uazkymed2nZ-naP-78AGgZHKDSKcIkcYq2ntMk0QdyRG48sT61thCf1qILcTQxW0TIlR9JacVI1QDe850Bxs74At0aR4HJne6MPdG8EFrCYpBt-TVpXzVh3j27bFfMh-Ya-RtO4WCiUUBrIIvgQC0mFz_na-LNLI-68JRuIQg8QhFwps8NCK6Mh8a8O54kejH6qB-qICVshejhVY2jfk-Eqj52_KXdz0h5hBppNMsKjYwf5xvvqGtV5X1-Oyo--AhPGe2pu5qrBjVg9SFh-PodcOgcgRwQdrAUuY5JJgJUWiSIRV-9nqOb7pIBRMjzksZ4qL_aelG3pUwB9wJjhcQeUhtBp1raDUn0L6_1ENEQ4xtThYm13iWUdRYb1rGCouhzHBrQuUBsuJk1G4ptcXud7l6-LQT58lrlKuYGzUVfGYE-K8n3CVyBweRa_kIA3bO8iTdM2FQLBgEyaLa8-pdiI-huFVltiUZyg6q586JnodNuzX126nwVedht58TAdgrAkZ8BZ21OrUtLnwdZBwui1XNEXWxG-ZLhrWF2pltk9BzXSue1mwd7rI6eVmNafGQqy5IIqksWr3DTYTGR7pJkpjJmzY9gVg5Qw8ijN9J64hacdU_uMxlK6bC7oNK0C7MBTCeanw-K3k6_kjat_hyplvxlPQPsH23hraDEC_QbTwvRW2MKr2ovfE1CSStBS0iQMHZo52fLZrc3M9hAuBQqokYC5LRqxFLsiwzFLL6poNZoV9cfj832mCF2MdlOkq7oEyXnK55OmJG4UxNDePxWO1iFsD6CGgLdgpTWAbvxPghkP9hTtbGgUoAJlgnbag1ibJpuR80tL_kPiiWHkIrHQvSnPFZXcdMZTxuZP7YnfqmCYxsTtp0sn-x3bcU09b7i4vg0N_fiStw2OvK2HZiTPHLgIRaUDNFoaRJh96cOn0q7g-2bHoCFTBxdMyBglw1b46xgLw4wWzgTO7ehaPEdMnIoWSXBOxqybUo6uQi1Uf_2ULYGuV78Ux_qUV9kTJBGT1rscFOZuXYBviMIFjqPEY3A09sAse922_dpPKXjVhNP50bZpC7r2TWVgx3wS7H6n5uLcnKJC0I&sai=AMfl-YTL9puHS57MTPflve6tdRO2uH-03SFoZpOQx5_7p4ixA6_d_YpPkmr-cRrN_nsUOBE3Bqiu-pCJgDaXmCkzJLLXuPYu2bfhc6QOHzBvl8Qd6ofbqG6COAXiz4nKxqisE7bGvGi-WG6QnB5EKpS026H24LN_m_71b2df2EU-NJVbQCz4dA8N6R5ocbFLRCN7jdgU7Pd6McLxcukiW7bw2Xn2zpbiQ2gH9xoxippXfRUBXqFvHTgpyJKlrgi9IGGBlEDbtA_3xq9ktdmCiyhUzKLUIMoShFqZR8juhtc&sig=Cg0ArKJSzPzm1WjNukWvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=676&vt=11&dtpt=384&dett=3&cstd=290&cisv=r20221110.81117&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: altin.in
URL: https://altin.in/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Nov 2022 19:47:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 85ms
85ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34ba1ff26ec3bdde4f020a5ac207800c3c30ce926274c11dcdcba6283e7f41af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11024
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A86 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BugXRT22CY7auFcXP7_UP-rOl-AQAAAAAOAHgBAI&bg=!Li2lLWnNAAbvMpMzzzI7ACkAdvg8WswT5EtNiW_NWIuoRxf_iVrn7lrHR92f_Yvr1qzU0OG9EoqKoQIAAAEbUgAAAARoAQeZAuuOlG83nmXfZRJ7VAHp46BZ6fkcCgok3fYflWg4fDCWkp6azMH8QF2V2wv2W2cPcoCXmvjL9r317PsVG1twf83ZqIDmNEy03zWbHB5Wb-gq28eGz_uE7hr8eti_OYTWbOS9i5Z5GiYilL1PL-pEzeIBq72fWQmAC2v8N_Z72xAmeIKY2FeluN1GZWZ8ot-SYrTywSejAYMXtl0L8ZVKt-QnvngVPK2CMQg-qjhh0bw4zift4hJ0VJfcASBAIQ6lIzeYPL6YxmUcTT1MpEVxSDvaODvWguplvlzW-dNAbRpGR2OvQDNhlNU6xdhfIzwSdChXen5B9gb_cbT2SJs_DTF9RGo2koHmPY_hs2bZlVu6VXZYW-302MDIQSPLMvf18H_Zy1xZCksJ-P38lecgQy3xVtlNJDYY0RLxSJNuRdeVXWcwVOOaS2m6pqKsl43xLwmaR3sY063j8EsKxva_Km03ZYSaBkOaN3o7YmsnqAmTRZbhKI23pwON2uSB8XqcSFW8Kh-V9-otzu6WSZOal37hMgqnAu6-j8b8DqYDQtd_svKaxF5vWh4i2NizTKwpQUkObgexM3P0uVEhnFiItu7nynXw5wSKLT77CRVW-CP8UaIlUyrWaO68MAPnA6FWQK3a05iBjRtCJt8zni6A7BXk66hYRjh57rwf39dq3K1pYTt7Bf-eooDv945_85H32fjivBpd9gKdTEU62stwKcdUhXwPq6Yc1C1UpAbMuIiCFkFGPo2jplrVzEAgtv4Bm6aWZTPJK8RLhJfv5SfQO_zIKxCqp0OZqTD0SWtK2UADOJgtVem64isdCZN2FKm3r8iS0O32r71fx-VoVzxFoerGV0FR04UHpeV_nv3O0BpRt0IIAwj1c2xbFNVyVg-JuWjBiyLnBdE7sRMbHT8JxVc13cJcnEsSJ8Rfk4cFNp7g8lMGtEifqcJiZXtXNsOHhEmjjTc3g-4eovJFE1bp0-a1SsuDcaxZRG8CPZ8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59B2 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAtzUT22CY4L3FJWMlQeh_KeQBAAAAAA4AeAEAg&bg=!r6ylrOjNAAbvMpMzzzI7ACkAdvg8Wnj-g4b-xJvMOUKyJwJ0K-CJo7XmrxEaJoG0yGmVJ6Pzr5lmFAIAAAD3UgAAAAJoAQeZAu5WFMXE2VfXKz1jQRNr3PNEwMSkOtEuNnywZH4iQ6LRUGyk1BeG6Wwc6A_LqQvBs_QcXKF0eCGWsSJuLG7DaOMaLdTA0RvH23nCQEjuMqmCFVceRVW7M3pjrkQsaFS2z5MSWtiwp2enHO8LE_lJK6TFQTj2KxSfTVXvWKsuV4Zfq-6eTYmgF6uartksJ0LlZ61E12Bya31BHszvfuOmGbM2UtbHPlKpYOegOZ3pBW4C7XcHZCMHbLmGTGR8Tu4HOnpvyM_V9EiRYzHZRubPkQcm3KRge4dvUe1nIp2tPetv-uZMCOUr9uIdQqpexCsRRmv4EA0YOtNxbx0Ne6GuE-Q2YvDbPzMWq_VRPpoVaqZ_pqGLMCoN09-FkbgG8JZtqkz_x4h6W_V1OeH52jOIt6NVjEPoKBJ89oeN2Gfm6sfvAw6aCIkHN_mnT28csPt4OvqlkXIvqyb-EV9Okx5RWB190BV_MwulqNElQwIyqSHkTq-NU-yQen4tD5NCh8hBiGK76KC4WeNmzDy1hi-r5stDU0MXnaiXD-yPq-Bl4-S4gwkn323O3XGcpUlFZEX4IxsBKmP9wrgaLwOwrIkFdVefzSVnDnj1tgdILhbv37U0iaJ5NXyJ9NYru8iIGA4NcNraSEcSl6JSRPsjW1chcu6VlbBl_UbU4QwF5Oxn_Rh8L5oqhH4Ok4vEzmpxrpN8Oxr5o-P541jcVAc--sXLqjagj_7JvQKd6_usTRJ39iRdRp2A7fVjYQmQ_38a4J3p-jTIhH-l-yCoBTXGc-JiCzpgeb8F1V_1g4R059Dl8wpS0avlOSowjXMTblJh_L1_auVi4UA49vwzXwy41D4TN-c5Eu39u17KDY2z-w0teCxbbuQhHDS8inhyrnIKpINcnnSBTDdoIZGBYf_GkpfHhyPptilcCtBCNk21HbcfRHeZkZqpI1wtqwNhkEUQtpOjliIyl_ig3JrwQANFNXMN25zsJeL4uWJz0ITjeEVvuLk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83AB 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSlDOzpuJancPpWjgDlZQ_j_9CvNGkv6hckl5YAhrHK0BcHfi7sWsmLjhvjTfEbgxIRA7C9XQJGtvqN4DkSk1Wv-6RIsxT_Gcs1311LQJs-a5k0brHtrW_crKOzF82vBCzyEhtoA&sai=AMfl-YRAZqTJwBwqKq4bJZyrS3r7s6C5fk0lH3649dj3vSXmP5JP8-YTSNr1T4uKKlum_az41xTIf39ypLrIaDtNlzmIwJ2pZ-rTSOk0qqt0WHk4lgJKuB4u-QO93g-gkwma_wDDo02qWExUkXuEhqI&sig=Cg0ArKJSzFqz6klBsh1HEAE&cid=CAQSSwDq26N91BJTU8jx0CvcIrIu_h7WFs93AVWQmg37D21nrCzYAL36Alo7EU3cU9z4_QBc9HdJYGGTmThQiaLEBTs6nVm_Op9ksYmKJRgBIBM&id=lidar2&mcvt=1000&p=661,264,751,992&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=644483462&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669492046863&rpt=695&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Nov 2022 19:47:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/gpt/pubads_impl_2022111501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 19:47:28 GMT

GET
H2 200 2021_CX-60_GER_LHD_C118b_EXT_RQ_White_High_Japanese_Premium_WhiteLeather_Home_withcharger_till20240131.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame2/ Frame 9C1E 59 KB
59 KB 8ms
8ms Image
image/jpeg 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame2/2021_CX-60_GER_LHD_C118b_EXT_RQ_White_High_Japanese_Premium_WhiteLeather_Home_withcharger_till20240131.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d416023a2dd5c96990af0e36559b41b42d28e39049975d54efccf53ee4c496c

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 12:27:40 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26389
x-cache: Hit from cloudfront
content-length: 60178
last-modified: Thu, 25 Aug 2022 16:13:35 GMT
server: AmazonS3
etag: "aa0078146074870fa988838d54537b46"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://as.euw1.jivox.com
access-control-expose-headers: Content-Range
cache-control: max-age=86400, s-maxage=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 3Mq4R-xaFicgvraCP6r015izmj0j9BOF0Xke3KtYaPWu666U52qE9g==

GET
H2 200 Mazda_CX-60_CraftedInJapan_Sideshot_49_RGB_5000x3750_2022_Eur_Engl.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame3/ Frame 9C1E 28 KB
28 KB 8ms
8ms Image
image/jpeg 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame3/Mazda_CX-60_CraftedInJapan_Sideshot_49_RGB_5000x3750_2022_Eur_Engl.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8636c0f681b460e3d6d075d5490e4744fd47d6e987baaca09cd8973204bd3993

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 12:26:14 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 53582
x-cache: Hit from cloudfront
content-length: 28343
last-modified: Thu, 25 Aug 2022 16:13:35 GMT
server: AmazonS3
etag: "15edde7ca938cb793e071fd5b7f3aeaf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: https://as.euw1.jivox.com
access-control-expose-headers: Content-Range
cache-control: max-age=86400, s-maxage=86400
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 91VgQ1-dTHpnDK2XDh7ndCE-C8xfBX6az4nJoz3DxnVr7pJ8PRdEhQ==

GET
H2 200 logo.png
assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/images/ Frame 9C1E 16 KB
16 KB 14ms
14ms Image
image/png 108.138.36.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.euw1.jivox.com/widgets/2022/10/a72798z635ab6c7de41d/1/970x250/images/logo.png?1660821615280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-110.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e

Request headers

Referer: https://as.euw1.jivox.com/
Origin: https://as.euw1.jivox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 26 Nov 2022 12:25:45 GMT
via: 1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 26504
x-cache: Hit from cloudfront
content-length: 16349
last-modified: Thu, 27 Oct 2022 16:50:18 GMT
server: AmazonS3
etag: "7f0160e79867e7360cc692e067174aeb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=86400
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: u6kU-6-sa3wXH76rcaXLZosFdMhYeN-r0KgaQ2yFZhtH2ZPsFpZ25Q==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7963 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 18:48:41 GMT
expires: Sun, 26 Nov 2023 18:48:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 49F1 783 B
537 B 126ms
47ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cfa831aba6f665d570674f35474fbdcbade62c57951f9ca7a8246081f51bcfba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hjHcLK3ZBS3VdkH4bU6H1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://altin.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-hjHcLK3ZBS3VdkH4bU6H1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 26 Nov 2022 19:47:28 GMT
expires: Sat, 26 Nov 2022 19:47:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js Show response
pagead2.googlesyndication.com/bg/ Frame 7963 36 KB
16 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HXK1UBO5dJ_nYlUyX89SMP4zFPzfcfFy3F4kBoREzco.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 22:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16085
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Nov 2023 22:14:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 49F1 0
0 71ms
71ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3899033722871889&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7963 0
11 B 40ms
40ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ycRfJg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 19:47:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3899033722871889&bg=!Z2SlZCDNAAbvMpMzzzI7ACkAdvg8WqLR8yf3Gnju1ASQ9f9pC_C0OJOjrkU1qW5bx4_N_eBljhrRlQIAAACHUgAAAAJoAQcKACDzKSfV7aPci_XUrs1ZDkUytosfub-YugEql48atYnxD5kCnAB1NQNc_Nk9xwXK9KHjw5lpjjooxc8MG92M4gmEpGK-8EY59U3FnQm7WvuKE278Cx4brZmgzAKglVcWAh36_X5sKRLJ_RxCTi9oWuM9crkGt6tWy_84ro5xYebMdoyN_w3KyLmMcITaOqidUqnDlDc6AfJHycEdycUiUVR1ZQ_yAGqBCUjy46M6R1fKGYKhwEJ8U0VoxR-SjByagjSLWXgBtc2dwKmvqvyQlgWFCxmN1eJ2j6VtYgFaHyRPUd5xJhvQbSUpAng7Dkk0t0fok2lOCLjWqw4I3OFOJwygzzgir58L8MexaSEsXOwvSIHwxUBIAcq0eDIGFjc-8_SUtJJklGqusw-E6cFkjVe69VfIMFSGvistVe7LyFQAIVg3iis1Y640-Bk_eDTmN0PR_v-eVDRSk_HT8X1DcgJdJ10N-DSCoqCKDifbd2JwySRp6iUmYdIH4k9QWHRMiGGCDBwLHsaXTLwIjN04_34ENA-lxcaOFKHJZMDWBJ_jIpD0bhaPW388Ag9tgm1649LmsN8eQXX2aCU24dWV_pYWjagijdcmxQzgKwrdVaDywTbLENH4NqK_QtWO1qem38l07vM4mti5U1sYoufF6YjScjK1kO38TDLvo-cEBjyyA13bcP3LY7dRC-MgvMlljlX1lnRjDLFbEIr_TRCbQJ6n82Pv0jSJ-vGQCiKDvBLWW8TpE670nHIjSdoDqYsCNzuhWju-9ItdRbqWY9To-dtEEryFX-pLzYAxX87ksG2Ckn2kvOlEMn9MYjFTEMjGbrvKvZ707smFxm4YzGfFZ0qmDqSnNig8egPgocJrd3MSx48eXhVwgrDEhJh3Zb8qEUW0XyFY3rFd7FXi75wt6-C6KcYn5UMbU8Jz7bKysjHi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

GET
H2 200 guncel.asp Show response
kural.altin.in/ 68 B
215 B 184ms
184ms XHR
text/html 2606:4700:10::ac43:2824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kural.altin.in/guncel.asp?ajax=ons&ofiy=$1754.7650&dfiy=18.5863&efiy=19.3243&pfiy=1.0390&sfiy=22.4795&gfiy=12.8257&zaman=26.11.2022+19:47:30
Requested by: Host: altin.in
URL: https://altin.in/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0b5d46bc04a682ef8dc0a7a80a0c050f49961933904e4a192c7862349729ec20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://altin.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
pragma: no-cache
date: Sat, 26 Nov 2022 19:47:31 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 26 Nov 2022 16:47:31 GMT
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: https://altin.in
cache-control: private, max-age=120
cf-ray: 770522e63f2490a3-FRA
expires: Fri, 25 Nov 2022 19:47:36 GMT

Verdicts & Comments Add Verdict or Comment

457 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
altin.in/	1969-12-31 23:59:59	Name: ASPSESSIONIDASRCSTQB Value: CELPHCABGCOPPNFMKDOAONAL
.altin.in/	1970-01-20 17:20:52	Name: _ga_GRD9HD6XEV Value: GS1.1.1669492045.1.0.1669492045.0.0.0
.altin.in/	1970-01-20 17:20:52	Name: _ga Value: GA1.1.184454585.1669492045
.doubleclick.net/	1970-01-20 17:06:28	Name: IDE Value: AHWqTUmCCsD8zMov2qlUGY4kV0lQq_wJZ8-lxUxfAVT_yvkBmF3tDbAUODP74FdziE8
.adnxs.com/	1970-01-20 09:54:28	Name: uuid2 Value: 5551299937063984881
.casalemedia.com/	1970-01-20 16:30:28	Name: CMID Value: Y4JtTqRU6iWhaVW2hpkrPgAA
.casalemedia.com/	1970-01-20 09:54:28	Name: CMPS Value: 3284
.casalemedia.com/	1970-01-20 09:54:28	Name: CMPRO Value: 3284
.adtriba.com/	1970-01-20 17:20:52	Name: atbgdid Value: 75d6f2da-24bf-4856-aa64-760d2cab57b0
.altin.in/	1970-01-20 17:06:28	Name: __gads Value: ID=ff0f58a7e8ffbbe9:T=1669492045:S=ALNI_MYyqgrLvvWF0JrJhjE9numu1x2y1Q
.altin.in/	1970-01-20 17:06:28	Name: __gpi Value: UID=00000b87cf7dbdcd:T=1669492045:RT=1669492045:S=ALNI_Man77MYraPOEx1Cy-r7_OafIymYPQ
.doubleclick.net/	1970-01-20 07:44:55	Name: DSID Value: NO_DATA
.jivox.com/	1970-01-20 09:54:28	Name: jvxsync Value: tokauzjbK2UT
.adnxs.com/	1970-01-20 09:54:28	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Mqk=)O!]td88i_iqf!oN/@E'zz<Z0Qp@VqPf+?uQW0k>TF`5jNyi(u8Ac>w`q[bZ<QG=%9sk@3@'s>T+y]qF
.casalemedia.com/	1970-01-20 09:54:28	Name: CMTS Value: 2218

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3652042f3e7f151ffd70bf0f8844c1ac.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
altin.in
analiz.altin.in
as.euw1.jivox.com
assets.euw1.jivox.com
cdn.euw1.jivox.com
cm.g.doubleclick.net
code.createjs.com
d.adtriba.com
dsum-sec.casalemedia.com
evs.euw1.jivox.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grafik.altin.in
ib.adnxs.com
kural.altin.in
pagead2.googlesyndication.com
partner.googleadservices.com
playercdn.jivox.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
108.138.36.110
108.138.5.230
142.250.185.130
142.250.186.162
18.66.112.110
185.80.39.216
185.89.211.132
2001:4860:4802:32::36
2606:4700:10::6816:148
2606:4700:10::ac43:2824
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::2008
2a02:26f0:480:f::213:7edc
3.73.210.71
34.240.46.197
52.17.68.86
01f507e83684e82a1b8d8c018c7c20e106d3b266fbd1fa058ccedaa8137631be
02e763cf1b2b78cc8ae7f6cb99afe6660ecaeaeb3bb83d3641faae8fa9e061f1
0b5d46bc04a682ef8dc0a7a80a0c050f49961933904e4a192c7862349729ec20
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e171527ece73409923b4d2a66894d52f405921d1cb0a424366401bf81891861
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14a65ee4a5fb40eab34351996f8ee7a4b1b721170608934f756ac6b022c6c2da
172254059ca6046495167df0acda0d719a5e6ccbf6ee3f8aa0f40b3fdea50baf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188d2690809e008146e4d0cb07bed8f89bcee1aece5455e15b4b234a18a37bf9
1d72b55013b9749fe76255325fcf5230fe3314fcdf71f172dc5e24068444cdca
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f97a46fd9b928a5581f1ee03b3352452cac962b08080e8de2db1815d4202eb0
23ebdfd80207be60d505400913376c4f6336f52ab65e999919d23b3a332bf030
240fdbd22dfb9c9b36903268fcec2fc2dd094441ccbd0aeb12b4bbe69850b1ee
2675ab1d1852f1aa30e272d7c2b1b9616e1f4771a94860e0d92bc7fca6c3c48a
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2df92541c60f3ca4096f106e901f2b4ab11161745ec3fc1095c3917e1758becc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3417fdb5e707c098dd11ea7e5cd80451c6ec9e28d98ff13fcc340e49af4b956c
34ba1ff26ec3bdde4f020a5ac207800c3c30ce926274c11dcdcba6283e7f41af
35eae0300d6391ba136415824122286b4249ee4319c7d77bb66323d7fcbecd89
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3d2c7477e7418b42a967439d1fb117b25369aeb385be8ffb25c3f9c97cb85cee
42a9e5de6c5e3ad63bcb23d9d58a6aa12e0f20105a6dabe055cf853f081cfbc9
4319ce72ef232e2bd3bcd6b48bfba7f179a340799a899a343c040ac7530755d0
44520c964e210bf9547693ef40b363f0e3078287389b592c0824ccb9c79be643
44d7c0eb92d298eaed96bddf8948d71e77e84c8398f9d6131db0d58b58198c0b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b2693165191257cc393def17118aa421c254bf6258caebd967a66968bec4b31
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9d2bfca129473e62b225652cac5af6dde4e5bdf021dcce9a5d7fe69ccb2e6b
4d416023a2dd5c96990af0e36559b41b42d28e39049975d54efccf53ee4c496c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e51b22d9b5d12f0703d890d9cd9d8f59dd08b7363a4ce6328ce8fc2fd0493c7
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e88b473971d821aaa711a0030993316867cd4e7be5a4a542c0d41fd7218c15
51296d61497876b8cf13f57f6c6d92af6a4d2ac3645f8bf59b633133b3d8c0d1
526e5fb6edf6e32bf819f03036bd59f3c762ae211db67076c1605271d2e96db0
52d14a865c98b96488d22df2dcacae4454c1e0a382e65a0156c3f8e1af74d0a2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63000f9ac942b75daec772bb01db9789eee4a01f6c89da9a6d553f06e775a767
648cd058b9f3c02be575b7dcfc6636b6118d3be99a55a5cb72f36e9b9311f52e
65a189489f8c3fac274f74175e7b0d287dba4fa0a5799f32d0d2ace73311b9a8
678b3cae19452e95842bebedd844ab5491a4fe873ba5b3e5bca522cc4e45c3fd
69df1b93a8e2fc6982e05f21d3d639683b811e2e83a31e9201c99ddcf45673f2
6a98f99051c970840c61fb4af716a8445a483c787461a95b151e821db0d13774
6c0562ce42b901e5503a00a47c4a8f04c731ae3153f7f310c1cd77d330ea8a23
72cadedb282844f857a8035f238c98132579495f6c73ecb0344616f7d36de697
7778113e7bd41406d1b6434c188f2a518ff397904a7e379ac2566638e3121c09
784932e5f33f06283e70e211805a9569b1684ba80f661489b1c2956f44c07ac5
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79f5d96f151348171246df7bba1881d02dc3f1b73ce4ad387edc43c7b638a2b6
7bde685766b1401ef1a0ba148c13f66fd7ab02189150c91bd9fc9ceb0a04e4e1
7fa5afeffe1961425079979dfc28ad6f3e03a8c168db0c6325913c98fde9bbe0
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8636c0f681b460e3d6d075d5490e4744fd47d6e987baaca09cd8973204bd3993
8bceab02cf9b649d65de0b07dc85759110a7ac1d7dd2d1923637f551026220cb
9372fb2e167a46b5df506ca8593206762d814ae705616ec2b6d8a02370430de8
9423269a7f4d0dc276ee47a2b7fa33df3284d350f38792dcba7c45174329fbdb
984b41505d399e23a35464a3b20687130760209264e35b7c057edf3a83e313db
9c6fa8db95889fc6a637cec7ce36edb2f7e428a412ced261f5105447a6a4a381
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1f4dc5c109d175a84c65edff828c092cf5b38dcb8cb9473d804d4e73acf386e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a922ea5db92a5ca9789c9558dc6d6a952c1a8e56b9c97778607dbb6251e19e44
a9b221c6be6087a312ae85a590c3c1c4a070e68e02048725b649b58884860625
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
afa44cd4765cacf12bb426d7ce6dc945fa073d4379290bab1c24c1901bd89733
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3706372cdba21ffa2b7c9e2eca6e2c60be5260a5600cc8183a0a61d5927a56b
b3c833d8cdeb548d8e816479488bae23c71c68a6e51dca5dc16e3f44a128edbd
b7ccbe563527b822b1581d11c0ad435824a714bac0b99c43ab60aca577e74691
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2aace78ecdfbd38353409e3457ba6ebe9b0409d90dbb308cbab227c073f3002
c63e9b64e7eb93ec590c9bbd69b4acadf34d73324caf8aa17ce16bae6d9c4b58
ced05fb267fccd2c83da1c09defe17b3319783ac50fbc3096cee51dfa70ad161
cfa831aba6f665d570674f35474fbdcbade62c57951f9ca7a8246081f51bcfba
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d7eb2ab7af91528473a87e2a48b94c9d1bb89cdc87c1e8afa4a8d0f119131ffb
da1279e938d0e82b3ce0b9328d8559be8a0141819099d658b4808a8e67f83184
e38423b55ffa87c8d9803d8c50f28bbb28086658b6ca3973d9849bcbd29fe45e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4a4326209997a077d9078967eb02c86ac6dd7780d0871ae7739c5e49f21526f
e4e80c44f63d394723959349a94267dfdc1386ad33245c473fc7e14fc1ff6d8b
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
e99a11737fd1a2634c21e73a18a1f18f5efe0b16ca6483fff422751ad0de3743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f2f6b60bd26c0537be31dfaf2beed3ed6c9d26dcc73e62401895463cd911bcaa
f49b30cda22443f9b3afa532272ed42bf211927801931bb884808803c87cd9a2
f4ef375af853cb507d64cafd2fe2b71c2e03c62e6ead0aad8548cc2760345ab1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
fb1989ae99576b0adc89244f89fd038685cf8afc1d32c7394b1868dadd4b9f7c
fc48c466917b97c66484c9785b6df4889940c4cfa18ae314ea2b2a577547fd5e
fd07c4b54b6b66b44893e9a228f04f251eb4c31455373c08a9eb6292be7ab357
fed56d5fca8828106447665247d9bfb8feb806aa35299fb385ead8fc9468a478

altin.in Open in urlscan Pro 2606:4700:10::ac43:2824 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

179 Requests

93 %HTTPS

63 %IPv6

17 Domains

30 Subdomains

27 IPs

4 Countries

2486 kBTransfer

6387 kBSize

15 Cookies

57 Outgoing links

Page URL History

Redirected requests

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

altin.in Open in urlscan Pro
2606:4700:10::ac43:2824 Public Scan

Screenshot
Live screenshot

Full Image

179
Requests

93 %
HTTPS

63 %
IPv6

17
Domains

30
Subdomains

27
IPs

4
Countries

2486 kB
Transfer

6387 kB
Size

15
Cookies

179 HTTP transactions
8 data transactions