easy-fengshui.com Open in urlscan Pro
3.66.136.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://easy-fengshui.com/
Effective URL:
https://easy-fengshui.com/
Submission: On March 06 via api (March 6th 2023, 6:39:58 am UTC) from US — Scanned from DE

Summary HTTP 378 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 72 IPs in 14 countries across 63 domains to perform 378 HTTP transactions. The main IP is 3.66.136.156, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is easy-fengshui.com.
TLS certificate: Issued by R3 on January 6th 2023. Valid for: 3 months.

This is the only time easy-fengshui.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 80	3.66.136.156 3.66.136.156	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:e600:1d:3142:8200:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e2:... 2606:4700:e2::ac40:8917	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700:e2:... 2606:4700:e2::ac40:8817	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80c::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:80e::200e	15169 (GOOGLE) (GOOGLE)
1	18.192.139.0 18.192.139.0	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
34	2606:4700:303... 2606:4700:3031::ac43:d4fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:820::2003	15169 (GOOGLE) (GOOGLE)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.78.128 13.225.78.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:a600:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 17	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:20e... 2600:9000:20eb:ee00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	54.220.176.181 54.220.176.181	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.48.251.105 52.48.251.105	16509 (AMAZON-02) (AMAZON-02)
4	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	104.18.22.41 104.18.22.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6b::7	15169 (GOOGLE) (GOOGLE)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.156.29.78 35.156.29.78	16509 (AMAZON-02) (AMAZON-02)
1	3.72.124.192 3.72.124.192	16509 (AMAZON-02) (AMAZON-02)
1 1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1	92.123.37.164 92.123.37.164	16625 (AKAMAI-AS) (AKAMAI-AS)
4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.16.151 49.12.16.151	24940 (HETZNER-AS) (HETZNER-AS)
1	35.177.30.54 35.177.30.54	16509 (AMAZON-02) (AMAZON-02)
1 2	142.251.208.102 142.251.208.102	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1 1	134.122.57.34 134.122.57.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.74.107.114 35.74.107.114	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	13.224.189.102 13.224.189.102	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.118 13.225.78.118	16509 (AMAZON-02) (AMAZON-02)
2	18.133.166.146 18.133.166.146	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
378	72

80 3.66.136.156 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com

easy-fengshui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:e600:1d:3142:8200:93a1 (United States)

ASN16509 (AMAZON-02, US)

sf.ezoiccdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8917 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e2::ac40:8817 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)

ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.139.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-139-0.eu-central-1.compute.amazonaws.com

videosvc.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:3031::ac43:d4fd (United States)

ASN13335 (CLOUDFLARENET, US)

streaming.humix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:820::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a600:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ee00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.220.176.181 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-176-181.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.251.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-251-105.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.22.41 (None, )

ASN13335 (CLOUDFLARENET, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6b::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr2---sn-4g5ednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.29.78 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-29-78.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.72.124.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-124-192.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.145 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.37.164 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-37-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.30.54 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.160.160 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.74.107.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-107-114.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-102.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.166.146 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	easy-fengshui.com 1 redirects easy-fengshui.com	583 KB
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140	589 KB
52	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 pubads.g.doubleclick.net — Cisco Umbrella Rank: 441 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 221779	352 KB
34	humix.com streaming.humix.com — Cisco Umbrella Rank: 26035	2 MB
33	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 73 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1939 www.google.com — Cisco Umbrella Rank: 2	56 KB
14	gstatic.com csi.gstatic.com www.gstatic.com fonts.gstatic.com	148 KB
12	google.de adservice.google.de — Cisco Umbrella Rank: 8947	2 KB
8	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 35870 hal90003.redintelligence.net — Cisco Umbrella Rank: 270391	53 KB
8	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 8525 g.ezodn.com — Cisco Umbrella Rank: 13919 basher.ezodn.com — Cisco Umbrella Rank: 8912	196 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 378 mug.criteo.com — Cisco Umbrella Rank: 2719	9 KB
7	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1149	2 KB
6	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 442 fonts.googleapis.com — Cisco Umbrella Rank: 36	344 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 912 id5-sync.com — Cisco Umbrella Rank: 404	20 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	243 KB
4	mathtag.com tags.mathtag.com — Cisco Umbrella Rank: 4714 pixel.mathtag.com — Cisco Umbrella Rank: 991	3 KB
4	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 1367 oajs.openx.net — Cisco Umbrella Rank: 2450 google-bidout-d.openx.net — Cisco Umbrella Rank: 2399	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18601 api.webgains.io — Cisco Umbrella Rank: 51787	31 KB
3	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 49470 medialead.de — Cisco Umbrella Rank: 49025	1 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1183 bcp.crwdcntrl.net — Cisco Umbrella Rank: 858 id.crwdcntrl.net — Cisco Umbrella Rank: 1430	10 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 980 pixel.quantserve.com — Cisco Umbrella Rank: 779 cms.quantserve.com — Cisco Umbrella Rank: 654	10 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	163 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	487 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 589	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 725	1 KB
2	dyntrk.com 2 redirects c.eu1.dyntrk.com — Cisco Umbrella Rank: 4470	1 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 105848	6 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1886	24 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 377	2 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 726	2 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 3797	315 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	790 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	921 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 995	404 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 3584	789 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 46652	3 KB
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 5325	44 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 1996	550 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 114828	312 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 40433	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 158522	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 132014	931 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 48696	607 B
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1469	710 B
1	avads.net 1 redirects ads.avads.net — Cisco Umbrella Rank: 24093	441 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	35 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	googlevideo.com rr2---sn-4g5ednss.googlevideo.com — Cisco Umbrella Rank: 94096	2 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1615	11 KB
1	connatix.com capi.connatix.com — Cisco Umbrella Rank: 3072	330 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 701	438 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2643	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 625	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2734	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3461	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	562 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 924	632 B
1	ezoic.com videosvc.ezoic.com — Cisco Umbrella Rank: 25685	684 B
1	ezoiccdn.com sf.ezoiccdn.com — Cisco Umbrella Rank: 28412	12 KB
378	63

	Domain	Requested by
80	easy-fengshui.com	1 redirects easy-fengshui.com
35	tpc.googlesyndication.com	googleads.g.doubleclick.net easy-fengshui.com ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
34	streaming.humix.com	easy-fengshui.com
20	securepubads.g.doubleclick.net	easy-fengshui.com securepubads.g.doubleclick.net
17	cm.g.doubleclick.net	1 redirects easy-fengshui.com googleads.g.doubleclick.net ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
17	pagead2.googlesyndication.com	easy-fengshui.com pagead2.googlesyndication.com googleads.g.doubleclick.net ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com easy-fengshui.com
13	adservice.google.com	securepubads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com 5994599.fls.doubleclick.net
12	adservice.google.de	securepubads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com
8	pubads.g.doubleclick.net	imasdk.googleapis.com
6	www.google.com	1 redirects googleads.g.doubleclick.net easy-fengshui.com tpc.googlesyndication.com ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	c2shb.ssp.yahoo.com	go.ezodn.com
5	www.gstatic.com	easy-fengshui.com ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net easy-fengshui.com ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
5	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	go.ezodn.com	easy-fengshui.com
4	hal90003.redintelligence.net	hal9000.redintelligence.net hal90003.redintelligence.net
4	hal9000.redintelligence.net	easy-fengshui.com hal90003.redintelligence.net
4	gum.criteo.com	2 redirects static.criteo.net
4	id5-sync.com	cdn.id5-sync.com go.ezodn.com
4	fonts.googleapis.com	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com easy-fengshui.com tpc.googlesyndication.com hal90003.redintelligence.net
4	csi.gstatic.com	imasdk.googleapis.com www.gstatic.com
3	tags.mathtag.com	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com tags.mathtag.com
3	mug.criteo.com	easy-fengshui.com
3	www.googletagmanager.com	easy-fengshui.com www.googletagmanager.com adv.office-partner.de
2	api.webgains.io	analytics.webgains.io
2	onetag-sys.com	1 redirects ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	5994599.fls.doubleclick.net	1 redirects easy-fengshui.com
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	script.4dex.io	go.ezodn.com easy-fengshui.com
2	secure.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	oajs.openx.net	1 redirects easy-fengshui.com
2	esp.rtbhouse.com	easy-fengshui.com
2	ups.analytics.yahoo.com	2 redirects
2	match.360yield.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	basher.ezodn.com	easy-fengshui.com
2	imasdk.googleapis.com	easy-fengshui.com imasdk.googleapis.com
1	lb.eu-1-id5-sync.com	go.ezodn.com
1	id.crwdcntrl.net	go.ezodn.com
1	id.a-mx.com	go.ezodn.com
1	cdn.track.production.webgains.team	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	cc.adingo.jp	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	match.adsby.bidtheatre.com	1 redirects
1	ad-server.eu	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	track.webgains.com	easy-fengshui.com
1	futalis.de	hal90003.redintelligence.net
1	adv.office-partner.de	hal90003.redintelligence.net
1	pb.media01.eu	hal90003.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	sync.inmobi.com	1 redirects
1	ads.avads.net	1 redirects
1	match.sharethrough.com	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	rr2---sn-4g5ednss.googlevideo.com	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	i1.ytimg.com	ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
1	capi.connatix.com	easy-fengshui.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	s.ad.smaato.net	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	pixel.quantserve.com	easy-fengshui.com
1	region1.google-analytics.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	videosvc.ezoic.com	easy-fengshui.com
1	secure.quantserve.com	easy-fengshui.com
1	g.ezodn.com	easy-fengshui.com
1	sf.ezoiccdn.com	easy-fengshui.com
378	90

This site contains links to these domains. Also see Links.

Domain
silktide.com
humix.com
www.ezoic.com
healthlylife.net

Subject Issuer	Validity	Valid
easy-fengshui.com R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
ezoiccdn.com R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.ezoic.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-11` - `2023-05-18`	a year	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-01-29` - `2023-04-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-01-21` - `2023-04-21`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-21` - `2023-05-02`	2 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-04-25`	a year	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-05`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
adv.office-partner.de R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.futalis.de R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://easy-fengshui.com/
Frame ID: 55A1809FD26E2613B7441B808281D999
Requests: 234 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 1CD8C03B3DA19CC666020FB63BF2ACB0
Requests: 1 HTTP requests in this frame

Frame: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D6BBE0FDB8826D628C34E6AB9C34AF17
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html
Frame ID: 294CDB78464C5FBAA936F26CE81F65B8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931
Frame ID: B78AB2A5E9EEDCA7F6E0EC6CC6A41BF1
Requests: 11 HTTP requests in this frame

Frame: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D26BD61B2532FE3F3D101AD946DEE76
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D714BA6D93B96015300776011142339
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A997F77B2A1236614BE76F23A7202A0F
Requests: 9 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019
Frame ID: 6BA6CBE651D9B6488C1366B60E9F3E8A
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 90CA1C4E6BC5F10D2D2C781F020F3110
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=easy-fengshui.com
Frame ID: B18F6F63EC8C68731CA7153D79407FA0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 707E4B8B25D58DFBA8109C3AFA91A7A2
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A7B85FF7F1D8D19B02A45602E10A99FC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js
Frame ID: 015546D9D5E76B0796E1ED4134633455
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A57F870D3D960D8F368275DB68F72EB6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B34483A7A211EBC7B9C7DFE6E6BDDE0A
Requests: 2 HTTP requests in this frame

Frame: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5C5077229A468C7B781389E17022D382
Requests: 19 HTTP requests in this frame

Frame: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 277A006BADCF2A3A16A02A1BF9923A00
Requests: 9 HTTP requests in this frame

Frame: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 433A698F89BFECD182DD3114E7A33D3A
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: F2FB4FD7933D6F3B1C1EB0198A83BDCF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html
Frame ID: ECAC452283F645BF12688BEADB34CEEC
Requests: 8 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23922200019749900951411012255003&actionid=981741&produktid=&dt_url=
Frame ID: 5F77E8368D859F2FDB6303490D24BAC7
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 26C392DC9524E8F24E35A8B31BBA9C92
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2364595180
Frame ID: 43228DD91B98FFA3A2734DAE0AD6BB3E
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748
Frame ID: 930585C6A14A9B34D0C88A42867DD8BE
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Frame ID: 7399AE43D39D67E08B19E2E5DB95D6E8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C2E1F50B8F76D4EC437936426ACEC23
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Easy Feng Shui

Page URL History Show full URLs

http://easy-fengshui.com/ HTTP 301
https://easy-fengshui.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

378
Requests

94 %
HTTPS

47 %
IPv6

63
Domains

90
Subdomains

72
IPs

14
Countries

6302 kB
Transfer

11751 kB
Size

63
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://humix.com/redirect?url=https%3A%2F%2Fchinamarketadvisor.com%2Fhumix%2Fvideo%2F78dce9f40517dccd6de9c1a4cf79a37f57601337
Title: Basic Feng Shui Rules and Tips for the Bedroom

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://healthlylife.net/
Title: https://healthlylife.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://easy-fengshui.com/ HTTP 301
https://easy-fengshui.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 150

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMLKuIUBILwQHwRm2h_vH9Y&google_cver=1&google_push=Aa02lx9xIW8S8ekZbzvZbAfXeNu2kFK7OU6hSCFxCWqjBqhkRqET7EpGY21VKuoVDN1-LJYUxj_wCatyRS1ZouVLKq0gtviRE6mSfiM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVNjEtMjItRlVOTg==&google_push=Aa02lx9xIW8S8ekZbzvZbAfXeNu2kFK7OU6hSCFxCWqjBqhkRqET7EpGY21VKuoVDN1-LJYUxj_wCatyRS1ZouVLKq0gtviRE6mSfiM

Request Chain 151

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOfYU6HWzdmgCKJbFFpQbWE&google_cver=1&google_push=Aa02lx_qEPjJr0QsrzS_yMWEuT-jzcYulQ5WGnpPtla0cqFx27mcxe2sF1XnfqmG0cZIMS4i20tc-huW7k-WHfIqA_GRf_1_CJDeUA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_qEPjJr0QsrzS_yMWEuT-jzcYulQ5WGnpPtla0cqFx27mcxe2sF1XnfqmG0cZIMS4i20tc-huW7k-WHfIqA_GRf_1_CJDeUA

Request Chain 152

https://match.360yield.com/match/ebda?google_gid=CAESELJzoUwRJCZtrpOJsw9TgcY&google_cver=1&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_EnrZ-4-mlgm2zi-VY HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELJzoUwRJCZtrpOJsw9TgcY&google_cver=1&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_EnrZ-4-mlgm2zi-VY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ipQbYq09QByNxQhRXMvm2g&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_EnrZ-4-mlgm2zi-VY

Request Chain 153

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDojJzBjaUJckGZob9zkX7s&google_cver=1&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMChGDIoLdeUOQ2wr8RchYnKMxqnzMsY HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDojJzBjaUJckGZob9zkX7s&google_cver=1&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMChGDIoLdeUOQ2wr8RchYnKMxqnzMsY&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1PbXRDMm9sRTJ1SG5tbmVRNUpSSHFlb2xSWnhwVndyaH5B&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMChGDIoLdeUOQ2wr8RchYnKMxqnzMsY

Request Chain 157

https://oajs.openx.net/esp?url=https%3A%2F%2Feasy-fengshui.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Feasy-fengshui.com%2F&rid=esp&cc=1

Request Chain 160

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 171

https://gum.criteo.com/sid/json?origin=publishertagids&domain=easy-fengshui.com&sn=ChromeSyncframe&so=0&topUrl=easy-fengshui.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=nVH5Q3wxeUZPZldnTUNKQzlxSnlqMXBHVkJ4MmdudkdpTy9saXdhcFIrOC9NdHRSQWJvWDk5TFFUbkZXQmdIYmd2ZDRiWUZHbU5DU0xoaktoRDNrZUVPam5CWTN5VjZIVDBCbDV1T01lVlpyOXRwRTJLRWd4OE15TGIzT3UydEZmb2tITUtFS09lYmd4ZVd5a0JTdjlnenBFNEhmYnQra3lDdGtlOW45bXo3VlJnL0xHalE2YUozNE9TWDZMcnlsZDk0UVVVZGxQeVdnMm45cCtlM2FHSy8xUXg4T0lxUVJ4eVJuejVlVnE3ZUNVQUM3RlBOSUxzY0JMYjEzUlZNVksvWTZXNXJFOWx6YWxTSjBtS043TXpiN1hlNjF6Vy9NNGZaMjR4QVdTcnd1QitFYz18&cppv=2

Request Chain 173

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cver=1&google_push=Aa02lx9m1TNlFv_JO0fXtqUkIwysXcMwbVV3DE4JX8ULbouc2ElQMW2V1BhDWSeQH_VztsAPozL-5IovGL8KzVmcLbhZbTV9dfb_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cver=1&google_push=Aa02lx9m1TNlFv_JO0fXtqUkIwysXcMwbVV3DE4JX8ULbouc2ElQMW2V1BhDWSeQH_VztsAPozL-5IovGL8KzVmcLbhZbTV9dfb_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UlVnT2FFWTUxUHo0dkg1&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cver=1&google_push=Aa02lx9m1TNlFv_JO0fXtqUkIwysXcMwbVV3DE4JX8ULbouc2ElQMW2V1BhDWSeQH_VztsAPozL-5IovGL8KzVmcLbhZbTV9dfb_

Request Chain 174

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJK7-O3dt3CksGiimD6_cQM&google_cver=1&google_push=Aa02lx_BmMnGj3up8syQOr1PUG_SmZkqU6v_Cm7Vlkqq9p5xeugif-gtrDCVOyUri6hRgqRYqny8ddDMesv_gH-pMexYyKPpr01I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVOTYtMTItSVNK&google_push=Aa02lx_BmMnGj3up8syQOr1PUG_SmZkqU6v_Cm7Vlkqq9p5xeugif-gtrDCVOyUri6hRgqRYqny8ddDMesv_gH-pMexYyKPpr01I

Request Chain 176

https://ads.avads.net/sync/ggl?google_gid=CAESEEvSpc22GIFPUNLnlNYTHvo&google_cver=1&google_push=Aa02lx9CA2jI-jj8KK2HZabNyRqiW1SW6UDt15u-8YqmZlKvPzTQn5YK0q0ISMLW7OYy5OM0hdjm30BHmUr8CFjVeHp_AWl2GOSxcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MjAzZTRmMmYtYTZlNi00YWVlLTlkMDctNzdhZGVmMTI1ZGI0&google_push=Aa02lx9CA2jI-jj8KK2HZabNyRqiW1SW6UDt15u-8YqmZlKvPzTQn5YK0q0ISMLW7OYy5OM0hdjm30BHmUr8CFjVeHp_AWl2GOSxcA

Request Chain 177

https://sync.inmobi.com/gob?google_gid=CAESEEleAnbx7NDhA9BelYigurY&google_cver=1&google_push=Aa02lx-SC0HHSZA8li60S7gIkT6Uxx_YSaxK2YcEQGQWjmMhF450Y8zPsWdItAw6K_zQaftUpswHQKtMHcbVg7klNgunmkXwOfbFUA HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx-SC0HHSZA8li60S7gIkT6Uxx_YSaxK2YcEQGQWjmMhF450Y8zPsWdItAw6K_zQaftUpswHQKtMHcbVg7klNgunmkXwOfbFUA

Request Chain 178

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKuQ097Kqh8YrnaXXFWrWpg&google_cver=1&google_push=Aa02lx9HN3SI9PZucDIZCla95gZI1dReFAkf6fDdSiaFf1wU09ir8mpS-01xKYfYr2TifHf_LIgnxRvMdrEfmid2XpKujcJVF1AO HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKuQ097Kqh8YrnaXXFWrWpg%26google_cver%3D1%26google_push%3DAa02lx9HN3SI9PZucDIZCla95gZI1dReFAkf6fDdSiaFf1wU09ir8mpS-01xKYfYr2TifHf_LIgnxRvMdrEfmid2XpKujcJVF1AO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI3NTkyNDU3Mjc2MjA2MjEzNA%3D%3D&google_gid=CAESEKuQ097Kqh8YrnaXXFWrWpg&google_cver=1&google_push=Aa02lx9HN3SI9PZucDIZCla95gZI1dReFAkf6fDdSiaFf1wU09ir8mpS-01xKYfYr2TifHf_LIgnxRvMdrEfmid2XpKujcJVF1AO

Request Chain 323

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23922200019749900951411012255003&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23922200019749900951411012255003&actionid=981741&produktid=&dt_url=

Request Chain 325

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=23922200019749900951411012255003&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2364595180

Request Chain 327

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748

Request Chain 329

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23922200019749900951411012255003 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23922200019749900951411012255003 HTTP 302
https://ad-server.eu/wm/pb/native.png

Request Chain 332

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEN2pPbWb6ZCgrHzVNLr5dSk&google_cver=1&google_push=Aa02lx_T3mlKJcRL1ihhf22bLIHQsCbt7Z0wRPAN6Y30uyFWwYGLEoCLlMq4tIgPq9Dtz6Gp971tChBBcCtR-k5m-EQKslvjfRQ7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=Aa02lx_T3mlKJcRL1ihhf22bLIHQsCbt7Z0wRPAN6Y30uyFWwYGLEoCLlMq4tIgPq9Dtz6Gp971tChBBcCtR-k5m-EQKslvjfRQ7

Request Chain 333

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEEZ6-FsgX15sESJpsj_comI&google_cver=1&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJcKTwCdwTUEwFLsUNGh HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEEZ6-FsgX15sESJpsj_comI&google_cver=1&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJcKTwCdwTUEwFLsUNGh&prevuid=&knw= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJcKTwCdwTUEwFLsUNGh&google_hm=

Request Chain 334

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOc39Eq_OKwJnCU4SCkCkEM&google_cver=1&google_push=Aa02lx_wvoxhV1LC0RwNvMjHdsANiQExWcDPjSxJSThb5KSZ2itj2jahOolvmknaUmyVXyATwdTzD6DEZ_DrZCORuKMM5peBwQM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOc39Eq_OKwJnCU4SCkCkEM&google_cver=1&google_push=Aa02lx_wvoxhV1LC0RwNvMjHdsANiQExWcDPjSxJSThb5KSZ2itj2jahOolvmknaUmyVXyATwdTzD6DEZ_DrZCORuKMM5peBwQM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TBd3lFUDQ9mNTulx7ehMTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_wvoxhV1LC0RwNvMjHdsANiQExWcDPjSxJSThb5KSZ2itj2jahOolvmknaUmyVXyATwdTzD6DEZ_DrZCORuKMM5peBwQM

Request Chain 335

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_cver=1&google_push=Aa02lx8B3cxGaOklxnQZyX0iFlrX-htlSRVdskxbarFHeX5rMC5bFb-hIxzpk3Cn9p4FygQTqIKsZaqE_k3FOrem1ABRT9lJcNIE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_push=Aa02lx8B3cxGaOklxnQZyX0iFlrX-htlSRVdskxbarFHeX5rMC5bFb-hIxzpk3Cn9p4FygQTqIKsZaqE_k3FOrem1ABRT9lJcNIE&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_hm=ZAWKuvkvR-UciR4nfISAxgAACLUAAAAB&google_nid=index&google_push=Aa02lx8B3cxGaOklxnQZyX0iFlrX-htlSRVdskxbarFHeX5rMC5bFb-hIxzpk3Cn9p4FygQTqIKsZaqE_k3FOrem1ABRT9lJcNIE

Request Chain 336

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGIl6J_TXKtya3vDIl4-Fp4&google_cver=1&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_AeyZZbXFLY HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGIl6J_TXKtya3vDIl4-Fp4&google_cver=1&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_AeyZZbXFLY&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_AeyZZbXFLY&google_hm=GQ4PvGZH-kUbOFk_QRuw1KW7

Request Chain 338

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO3YTL7HXvHB1OmkZxdHMrA&google_cver=1&google_push=Aa02lx9CH328SgeYApY7ZN1iW1R_oOk53yCt-DXCDns1F6C39kvAQio1zb7pv05M3OgEB-eLZF60S-5yYOl5GHqZf40VuTjf2eNN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9CH328SgeYApY7ZN1iW1R_oOk53yCt-DXCDns1F6C39kvAQio1zb7pv05M3OgEB-eLZF60S-5yYOl5GHqZf40VuTjf2eNN HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 373

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Feasy-fengshui.com%2F&domain=easy-fengshui.com&bundle=fKPpTV9ETzFTZUw3VGE5bTRvdCUyQk1HbFJCV2U3ekhqWWNqandNOFdVdGtwcmNzRzBXNFlsVjA4cjFORkRYaG9BR21WVXp1WmJsJTJGa3A3cVZ4MW01eHRyN2RidCUyQm0zd21KN2JvRUlTb3RMdjVTQ1d1YVE0dFFQMGxZRHlyekg4a3lySmxsV3BNa2ZyJTJCR3hzWHZLV0xxaXFnVTc3bVJzTUZmNXZubWFmeWVmS2FXUEdFQSUzRA&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JH7WUXw2Q05wWXhqcGFKbXRHUW9yT0FvOC9Db0RRSXNnNm1mWTIrQXVFNEkwTkVrdjFhVytiWDVudjRyem0xdXoybkViL21EbzFnZzRXOFltK09pUmtHeXR2cStqM0VkSWdKdmt3YklZYmNjcDFkYUlUMDdWY0pJWEU3RWVTV1J4bjJyM3VBRnlWRzdvakova2p5STcxZlE3Z0VxelVEejd0ZmV5QTJDQVFsQnZkUmUxY1Zkb21OMlBRbjNnR0ZQNk5NUUxLZU5HV0M0d3hXTUswQU8rSzJVUEt4NTluZGJUVGpJSkxEdllJaC84ZWNNeW5DT2NEUkNpM2Jtc3RJSHJKWDRtRzZvK1VzOEl4YWJVMFBOdkJEWDR5UHNyVFMvVk9GYzJPVnFWcUVKL0RzVT18&cppv=2

378 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
easy-fengshui.com/
Redirect Chain

http://easy-fengshui.com/
https://easy-fengshui.com/

195 KB
55 KB

562ms
470ms

Document
text/html

3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1b5682ad0fa6d22fca76d046e0c530d55412064bef7b359c0e09f4e81a9ef0a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 06 Mar 2023 06:39:46 UTC
display: pub_site_sol
expires: Sun, 05 Mar 2023 06:39:46 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://easy-fengshui.com/wp-json/>; rel="https://api.w.org/", <https://easy-fengshui.com/wp-json/wp/v2/pages/107>; rel="alternate"; type="application/json", <https://easy-fengshui.com/>; rel=shortlink
pagespeed: off
response: 200
server: nginx
vary: Accept-Encoding,User-Agent
x-ez-minify-html: 6.36% 200075 / 213658
x-ezoic-cdn: Hit ds;mm;6368aa8110636193c291f522dc30f167;2-250341-5;daab7386-0e63-45a5-54eb-440447c26206
x-httpd: 1
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-proxy-cache: HIT
x-sol: pub_site

Redirect headers

Cache-Control: public, max-age=2592000
Content-Length: 148
Content-Type: text/html
Date: Mon, 06 Mar 2023 06:39:46 UTC
Display: staticcontent_sol
Host-Header: 8441280b0c35cbc1147f8ba998a563a7
Location: https://easy-fengshui.com/
Pagespeed: off
Response: 301
Server: nginx
Vary: Accept-Encoding,User-Agent,Origin
X-Ez-Minify-Html: 8.64% 148 / 162
X-Ezoic-Cdn: Hit ds;dm;cb72ec0d1d6120209cad35b29f6e9c5c;2-250341-5;2a296674-649a-47ba-72a7-2ffe9abcf7f1
X-Https-Enforce: 1
X-Middleton-Display: staticcontent_sol
X-Middleton-Response: 301
X-Origin-Cache-Control
X-Proxy-Cache-Info: DT:1
X-Sol: pub_site

GET
H2 200 cash.js Show response
sf.ezoiccdn.com/tardisrocinante/ 32 KB
12 KB 202ms
50ms Script
application/javascript 2600:9000:2304:e600:1d:3142:8200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sf.ezoiccdn.com/tardisrocinante/cash.js?cb=4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:e600:1d:3142:8200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 613d6bc3b776a6f38a7b3592c3a502e88d5d8d3b9f54bb4ad9002b318fa432ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 05:09:16 GMT
content-encoding: gzip
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
server: Apache/2.4.39 (Ubuntu)
x-amz-cf-pop: VIE50-P1
age: 1215030
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
x-amz-cf-id: cO6vNy4T0hsHXbal201CkI2368tAEluASNtgYXX4rW0QfYQ2BAbPHw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 167ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

486a28fd534296bf49f330e1c940f9f5ef75aec61974bdd9dd828229a386c4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Origin: https://easy-fengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48064
x-xss-protection: 0
server: cafe
etag: 6560892697221965027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:46 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
27 KB 173ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c409b1e7e42a519e681820d28d8b48f57ebdbb4491ba0d84d40c46d698ebfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26793
x-xss-protection: 0
server: sffe
etag: "1502 / 409 of 1000 / last-modified: 1677884859"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Mar 2023 06:39:46 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 656 KB
190 KB 168ms
65ms Script
application/javascript 2606:4700:e2::ac40:8917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8313ab108ad0c0ac61598a60a24f55d66f38fb426cdedea620424c4ef4bb41d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 00:28:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 885849
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oivjvi%2Bzt7ZlFcFmD7LlRiDbJXNR9NTH6q5HvXuDVtuJO9vJCH8kkL5L126T%2FyQjyrbnlUYqNFkh2b87BCnAOg5JSpBvUlmayrCDZcgJ0NhDWIRvK%2BiRnFBDuf1zXJt7sMy9y%2Fz0K1u7y7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7a389a7d7a29916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.min.css
easy-fengshui.com/wp-includes/css/dist/block-library/ 10 KB
2 KB 79ms
66ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f2bdb36ccc38913f2adbac80f4248106f779f1ffd144bd0a4837fbc4819d9e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;9df2b51d7762dd82c8a2ec8cf16f3421;2-250341-5;195a2365-178c-4c90-4662-42c7380d0e43
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"6374af0d-172a9-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 1.03% 10112 / 10217
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 classic-themes.min.css
easy-fengshui.com/wp-includes/css/ 0
121 B 76ms
64ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-includes/css/classic-themes.min.css?ver=1&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;ada56ccc97f5502ee6e276f726bb833c;2-250341-5;a8834877-1421-4b4c-4cf7-37cca6cf6851
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 0
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"6364df47-d9"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: NaN% 0 / 0
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 screen.min.css
easy-fengshui.com/wp-content/plugins/table-of-contents-plus/ 768 B
464 B 77ms
64ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2302&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: df321e3d2676c25fd9c205db868a3c831f8af8cf22641800ca5cb0a63c168bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;720c66d6e75769c73712bc929d7f1d60;2-250341-5;dbc2a05e-f8b8-41d4-5272-9ce51d091178
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 265
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe66e-484-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 1.29% 768 / 778
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
easy-fengshui.com/wp-content/themes/acabado-1/ 22 KB
5 KB 69ms
57ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/themes/acabado-1/style.css?ver=6.1.1&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2e41953e01b926414db703bcaa77c65e929bec6e2d750a252124f0c82d41973a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;84d3e1aa57ea9f677466a1d400fcd64a;2-250341-5;e7c859ae-27ec-4970-50af-a11ed0e11e0e
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"5f634434-98ac-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 2.11% 22188 / 22666
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-public.css
easy-fengshui.com/wp-content/plugins/sassy-social-share/public/css/ 2 KB
861 B 83ms
72ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.46&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d5b2a6f4dc074e7392d4713068c520d8acea17dc5e7f0772b9079b32d277e74b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;f27b19470521a65c5002dd9cabe60473;2-250341-5;3441e240-4bf0-4062-7ea4-65f22a6a6293
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 720
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe66a-25e4-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 5.27% 1888 / 1993
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
easy-fengshui.com/wp-includes/js/jquery/ 11 KB
4 KB 156ms
154ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f7936229441aa3c84bbd8f9978b2c27e35e6c2da2f34b078d8546f1818eba7c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;4e078f12de292bf2f2386d180e62e60c;2-250341-5;a9eb2e6e-14ad-4613-5286-8aceedcee56e
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"5fd277b2-2bd8-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.04% 11220 / 11224

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 163ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-178426094-1

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10f89504f2829a2a0c6353575f03fd25ca29d9816f5c80b69e4d78fe5a97faaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 06:39:47 GMT

GET
H2 404 librefranklin-bold-webfont.woff
easy-fengshui.com/wp-content/themes/acabado/font/ 0
0 1158ms
1147ms Font
text/html 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/themes/acabado/font/librefranklin-bold-webfont.woff
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://easy-fengshui.com/
Origin: https://easy-fengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 05 Mar 2023 06:39:47 GMT
date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Miss
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
x-middleton-display: staticcontent_sol
x-middleton-response: 404
host-header: 6b7412fb82ca5edfd0917e3957f05d89
pagespeed: off
response: 404
server: nginx
x-origin-cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent,Origin
content-type: text/html; charset=UTF-8
x-httpd: 1
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
link: <https://easy-fengshui.com/wp-json/>; rel="https://api.w.org/"
x-ez-minify-html: 12.91% 28250 / 32439
x-proxy-cache: MISS

GET
H2 404 RobotoCondensed-Regular-webfont.woff
easy-fengshui.com/wp-content/themes/acabado/font/ 0
0 2180ms
2175ms Font
text/html 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/themes/acabado/font/RobotoCondensed-Regular-webfont.woff
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://easy-fengshui.com/
Origin: https://easy-fengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 05 Mar 2023 06:39:48 GMT
date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Miss
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
x-middleton-display: staticcontent_sol
x-middleton-response: 404
host-header: 6b7412fb82ca5edfd0917e3957f05d89
pagespeed: off
response: 404
server: nginx
x-origin-cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent,Origin
content-type: text/html; charset=UTF-8
x-httpd: 1
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
link: <https://easy-fengshui.com/wp-json/>; rel="https://api.w.org/"
x-ez-minify-html: 12.91% 28251 / 32440
x-proxy-cache: MISS

GET
H2 200 cookieconsent.min.js Show response
easy-fengshui.com/ezoic/ 4 KB
2 KB 86ms
81ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/ezoic/cookieconsent.min.js
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "11a4-5f5afbb5bf0c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
expires: Tue, 05 Mar 2024 06:39:46 GMT

GET
H2 200 ezvideojscss.css
easy-fengshui.com/ezvideo/ 41 KB
10 KB 58ms
53ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/ezvideo/ezvideojscss.css?cb=57
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: fdee3a3a36ac0545d4e302737dc029e4ab4c3370da8d11d7ee86feca140ee550

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 ezvideojspluginscss.css
easy-fengshui.com/ezvideo/ 14 KB
2 KB 59ms
55ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/ezvideo/ezvideojspluginscss.css?cb=57
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: a5242d2e5d2b87110d894c303a479b0a7a94662e21979e27d565a92d43f4ed29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 ezvideocss.css
easy-fengshui.com/ezvideo/ 12 KB
2 KB 58ms
54ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/ezvideo/ezvideocss.css?cb=57
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 08f9966298220687808afbc8aafdabec798180d8dc44438bcd07b6273a595283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
cache-control: private, max-age: 2628000
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: text/css; charset=utf8

GET
H2 200 app.min.js Show response
easy-fengshui.com/wp-content/themes/acabado-1/js/ 4 KB
2 KB 107ms
105ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/themes/acabado-1/js/app.min.js?ver=1.0.10
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 08f33897d80b04fa8fea8f88fae97f11e39fd640af1591661c81f103868ca46a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;ae5a405d96ca15a54171bc179d1b7f17;2-250341-5;f129868e-e16c-4c46-746b-9c99010081f8
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"5f634434-11de-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.00% 4574 / 4574

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 81ms
49ms Script
text/javascript 2606:4700:e2::ac40:8917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 19:45:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 987445
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRVhhghnqH5haK0hJmRF3kqOebPP26TwASJtVa90mVvLLNg2%2Fpa1q5pWbrRSIPoNNqaeX1PuTOFOMdUprwgNeLZykyXDXhluTc5M%2B7Wm3WGbxKbsQ6pQDRI3nqqamxBesUFY5w8SQl%2FzBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7a389a7e5ae6916b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
easy-fengshui.com/porpoiseant/ 8 KB
2 KB 44ms
43ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/fads.js?gcb=195-0&cb=6
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 banger.js Show response
easy-fengshui.com/porpoiseant/ 52 KB
13 KB 49ms
48ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/banger.js?cb=195-0&bv=187&v=73&PageSpeed=off
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: a679a175c432ce8791d103797844eee5a5185d33a87c45d2324e4abaa7267a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 cmbv2.js Show response
easy-fengshui.com/detroitchicago/ 932 KB
242 KB 54ms
53ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 7fb5e67765b77e546652893c4784f023254f7c5e035c742d094051609f6e58fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:46 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 404 search-icon.png
easy-fengshui.com/wp-content/themes/acabado/img/ 28 KB
28 KB 1209ms
1208ms Image
text/html 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/themes/acabado/img/search-icon.png
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/wp-content/themes/acabado-1/style.css?ver=6.1.1&ez_used_css_s=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2552de0afcc6e4049bdad584e3cebcbb10c1917acf38ede9e8e8e20e27e4415a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/wp-content/themes/acabado-1/style.css?ver=6.1.1&ez_used_css_s=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sun, 05 Mar 2023 06:39:48 GMT
date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Miss
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
x-middleton-display: staticcontent_sol
x-middleton-response: 404
host-header: 6b7412fb82ca5edfd0917e3957f05d89
pagespeed: off
response: 404
server: nginx
x-origin-cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent,Origin
content-type: text/html; charset=UTF-8
x-httpd: 1
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
link: <https://easy-fengshui.com/wp-json/>; rel="https://api.w.org/"
x-ez-minify-html: 12.91% 28249 / 32438
x-proxy-cache: MISS

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/ 360 KB
119 KB 160ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4916289523661847&plah=easy-fengshui.com&bust=31072648

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab3d721545144bde4847da681ef8cbdf51e7c899bc224ee990e21fd3bd6beb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121499
x-xss-protection: 0
server: cafe
etag: 8641425533317571427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 1CD8 10 KB
5 KB 135ms
40ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42770
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 18:46:57 GMT
etag: 2378337311435320485
expires: Sun, 19 Mar 2023 18:46:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ezoic.png
go.ezodn.com/utilcave_com/img/ 1 KB
2 KB 72ms
60ms Image
image/png 2606:4700:e2::ac40:8917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
cf-cache-status: BYPASS
x-sol: middleton
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: cloudflare
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAdUMG3FuCbN8M48QqwXvjchwuyqxPB7SEVaB2EKglag3Hq5IShLE9IOOyzznJerEXiKOyqQF5sfPzdxnU%2Fwa9tpEBjq4OxXWpxTQVvcDwYblfuPsF5wmsAnbiFQ2krHUTOGX4Sr8Naofn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7a389a7edb6b916b-FRA
expires: Mon, 13 Mar 2023 06:39:47 GMT

GET
H2 200 houston.js Show response
easy-fengshui.com/detroitchicago/ 10 KB
3 KB 50ms
42ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/houston.js?gcb=0&cb=56
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: b9694a9623d72ad3c3f1b01de730d582b321b6dd2310fd8012d270516ff6fa7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 sidebarwall.js Show response
easy-fengshui.com/detroitchicago/ 8 KB
2 KB 49ms
43ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/sidebarwall.js?gcb=0&cb=17
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 67fe79ff44204bf0285713b29ceafef5569a5609efe9053d1100894eb3c60b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 358 KB
120 KB 188ms
50ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c089ffa9c5f92974ce4da0c9dfb30d0733fce5c7159795f833151a6588c15ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122289
x-xss-protection: 0
expires: Mon, 06 Mar 2023 06:39:47 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
basher.ezodn.com/ 990 B
856 B 46ms
45ms XHR
application/json 2606:4700:e2::ac40:8817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=250341&bf=46&dc=1254144
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/porpoiseant/banger.js?cb=195-0&bv=187&v=73&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e04dce573439bd415aa45fe4e8efb20d8918f8c42d5230363634e5905eec68c1

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://easy-fengshui.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10HS%2FiFSxG%2BSkhFNISBR5B3tSsJOT15aGIzn4wipQMr06J25VmcRiLyb%2Fle0o2guROBqFTc%2FYTpqvq1lsnz44NZhdzFhYUVo1lVPGgttOKijWqvvumNDbQhvdaNLSmaQk3gqwf5PiD4onuBbJMEu"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7a389a7ff8fe9a1e-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 172ms
49ms Preflight
application/json 2606:4700:e2::ac40:8817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=250341&bf=46&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://easy-fengshui.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://easy-fengshui.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7a389a7fa8b39a1e-FRA
content-length: 0
content-type: application/json
date: Mon, 06 Mar 2023 06:39:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLkbiTHZI%2FjtPQ33k38gqvbItVpqdLWmMhKucd%2F%2BaDifpemVKOG1baodN5tiBix3wUAfkZctZb6iPtRSe3TNNbhCn5c6dasX1BAUY9RkmYtPPpNqvdHxIVF7ln3ozOxJ%2FzH97v3mdX0SDsOyxsEt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 pubads_impl_2023022801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132270
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 09:36:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Mar 2024 22:00:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 912 B
419 B 138ms
49ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cba3cb8e71b2dc659ffc15c6878978867d86417c85cc0ed4fbeea3b69da24c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 394
x-xss-protection: 0
expires: Mon, 06 Mar 2023 06:39:47 GMT

GET
H2 200 nmash.js
easy-fengshui.com/porpoiseant/ 19 KB
6 KB 46ms
45ms Other
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/nmash.js?v=187
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: f31aaf80ee9805274ec245affde9dbebe691f71c9ffe9c4f91eb0672b47033f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=0, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 44 B
44 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 imp.gif
easy-fengshui.com/detroitchicago/ 43 B
293 B 228ms
227ms Ping
image/gif 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod129%22%2C%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C4%2C34%2C0%2C35%2C5%22%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Berlin%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A250341%2C%22domain_test_group%22%3A20230806%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221004%2C1006%2C1100%2C1133%2C1135%2C1137%2C1191%2C1192%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22b757f9b7-28b4-4f6d-749f-e980d68eff02%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%2210249%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A120890%2C%22response_time_orig%22%3A5%2C%22serverid%22%3A%22i-0ec29ab5c1c975868%22%2C%22state%22%3A%22BE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1133%2C1135%2C1137%2C1191%2C1192%2C1280%22%2C%22t_epoch%22%3A1678084786%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Feasy-fengshui.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A482%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
access-control-allow-headers: Content-Type
content-length: 47
expires: Sun, 05 Mar 2023 06:39:47 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 187ms
49ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
etag: "liYNKlRv1+e+pwbkZBrDjQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 13 Mar 2023 06:39:47 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 style.min.css
easy-fengshui.com/wp-includes/css/dist/block-library/ 10 KB
10 KB 68ms
55ms Image
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;9df2b51d7762dd82c8a2ec8cf16f3421;2-250341-5;195a2365-178c-4c90-4662-42c7380d0e43
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"6374af0d-172a9-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 1.03% 10112 / 10217
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 classic-themes.min.css
easy-fengshui.com/wp-includes/css/ 0
51 B 62ms
50ms Image
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-includes/css/classic-themes.min.css?ver=1&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;ada56ccc97f5502ee6e276f726bb833c;2-250341-5;a8834877-1421-4b4c-4cf7-37cca6cf6851
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 0
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"6364df47-d9"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: NaN% 0 / 0
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 screen.min.css
easy-fengshui.com/wp-content/plugins/table-of-contents-plus/ 768 B
768 B 96ms
83ms Image
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2302&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;720c66d6e75769c73712bc929d7f1d60;2-250341-5;dbc2a05e-f8b8-41d4-5272-9ce51d091178
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 265
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe66e-484-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 1.29% 768 / 778
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 style.css
easy-fengshui.com/wp-content/themes/acabado-1/ 22 KB
22 KB 95ms
77ms Image
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/themes/acabado-1/style.css?ver=6.1.1&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;84d3e1aa57ea9f677466a1d400fcd64a;2-250341-5;e7c859ae-27ec-4970-50af-a11ed0e11e0e
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"5f634434-98ac-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 2.11% 22188 / 22666
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 sassy-social-share-public.css
easy-fengshui.com/wp-content/plugins/sassy-social-share/public/css/ 2 KB
2 KB 75ms
57ms Image
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.46&ez_used_css_s=13
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;f27b19470521a65c5002dd9cabe60473;2-250341-5;3441e240-4bf0-4062-7ea4-65f22a6a6293
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 720
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe66a-25e4-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
x-ez-minify-css: 5.27% 1888 / 1993
content-type: text/css
cache-control: public, max-age=31536000

GET
H2 200 cmbdv2.js Show response
easy-fengshui.com/detroitchicago/ 41 KB
10 KB 60ms
43ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5y61-22&cmbcb=125&sj=x03x0cx1cx61&abt=WaitForHBShorterTimeout
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: c131d64323cd52cfc1b0b2cca82e13defc13f24e0e7b504dfb90dc9e487855bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 Feng-Shui-Ideas-For-Front-Doors-Facing-North-241x300.jpg
easy-fengshui.com/wp-content/uploads/2022/10/ 9 KB
10 KB 170ms
157ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/uploads/2022/10/Feng-Shui-Ideas-For-Front-Doors-Facing-North-241x300.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cedbc25e5b4620fcf63b979f97ace45dc466f0916d711242bfb166c5e4bf131e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;2960ab5e1c1c8e3ab92c4a620a3e29d9;2-250341-5;510c1025-dcea-45c5-7875-16eb795467fc
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "635d4d0a-47b1-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 Good-Luck-Plants-For-Front-Doors-300x205.jpg
easy-fengshui.com/wp-content/uploads/2022/10/ 13 KB
13 KB 146ms
133ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/uploads/2022/10/Good-Luck-Plants-For-Front-Doors-300x205.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ae22285bc52c5011232e5889e7db16760704e3d9bb6d6e9328009b9a3e2707cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;1801f9985260fbab165e0dba8f87d302;2-250341-5;a711264e-7d02-4346-5980-63d1210f538c
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "635cd809-4f06-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 Options-For-a-Bathroom-With-Two-Entry-Doors.png
easy-fengshui.com/wp-content/uploads/2022/10/ 5 KB
5 KB 205ms
192ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/uploads/2022/10/Options-For-a-Bathroom-With-Two-Entry-Doors.png?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 60765d01598150b48a0636ab1f1098e0e773224174643fd635b2aac2c43b8ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;a407452c4e8b370b6f0843eb411f6a17;2-250341-5;74e682f4-6d06-45da-4626-eeab0f0426a2
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "635ca5ab-bfca-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 Fascinating-AMETHYST-CAVE-FACTS-300x199.jpg
easy-fengshui.com/wp-content/uploads/2022/10/ 15 KB
15 KB 134ms
122ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/uploads/2022/10/Fascinating-AMETHYST-CAVE-FACTS-300x199.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f6065e8b9394ac63e10adbba6138c9cceedb66763fd84fbde620c97119520304

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;fcf05952e4d08c6a0b3dcba8ecd0f381;2-250341-5;db25f218-f4cc-4553-7b01-7c65ec5b1185
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "635c9d93-5709-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 140ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 141ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
622 B 651ms
650ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=3581692186890760&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=2&adks=2260493737&didk=4055843434&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D162533688047963%26eid%3D162533688047963%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Deasy_fengshui_com-medrectangle-2-162533688047963%26eb_br%3D23b5ca1d9de2587e6a4ecfd33d61b709%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D38%26br2%3D18%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678084787205&lmt=1678084787&dlt=1678084786650&idt=494&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ffabeb0bea35922c70744a544bd15feffc90a645886a93b427b4b5abdcf4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 592
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D6BB 6 KB
3 KB 255ms
85ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:47 GMT
expires: Tue, 05 Mar 2024 06:39:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
609 B 414ms
413ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=2219978939618451&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&adks=478332810&didk=2508132885&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D6892190754035060%26eid%3D6892190754035060%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1192%26sap%3D1192%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Deasy_fengshui_com-edge-2-6892190754035060%26eb_br%3Dfe5b0c99ab7ba15f050582be1301303f%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D46%26br2%3D22%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678084787219&lmt=1678084787&dlt=1678084786650&idt=494&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

959a87c14e5b4e80327ea0e4c321ae1a8b1dac7162f700d965847d037cd1b779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
609 B 501ms
501ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=3245209135225406&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=4&adks=3140113942&didk=2508133916&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D5357630458078874%26eid%3D5357630458078874%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1191%26sap%3D1191%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Deasy_fengshui_com-edge-1-5357630458078874%26eb_br%3D674294a1b21a1e89fc99c14c9b17be44%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D28%26br2%3D14%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678084787226&lmt=1678084787&dlt=1678084786650&idt=494&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22fb3a8821a3304ddc698bfebff4aa3e1e33992168d2b43dbc0f62231ec79e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 579
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
77 KB 64ms
58ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HGYWCRQ4HX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178426094-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f754eea03f99491e935fb1d6a67e6a729dfbf6a6fd5c060716e5c3a725526e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 06 Mar 2023 06:39:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 195ms
60ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178426094-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 06 Mar 2023 05:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4937
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 06 Mar 2023 07:17:30 GMT

GET
H2 200 ca-pub-4916289523661847 Show response
fundingchoicesmessages.google.com/i/ 126 KB
43 KB 254ms
102ms Script
application/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4916289523661847?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4916289523661847&plah=easy-fengshui.com&bust=31072648

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0321cfd1a1b3396f46d29e918f7fab56a8d6d2f3df0540b4b5ab9dea5a0c329a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zqJKHLtpwZPkVLDgHKWY5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-zqJKHLtpwZPkVLDgHKWY5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Feng-Shui-and-Placement-of-a-Dining-Table-in-Front-of-the-Main-Door-300x194.jpg
easy-fengshui.com/wp-content/uploads/2022/10/ 8 KB
8 KB 114ms
114ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/uploads/2022/10/Feng-Shui-and-Placement-of-a-Dining-Table-in-Front-of-the-Main-Door-300x194.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f38486d9f3d66dad63fa3905183ec9cc7dbce134e01d16cad0c3c0a48093726

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;8fe515accafcf2fe5d84c96981024b9b;2-250341-5;4ea5dfae-13a4-4422-59d8-e87196073550
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "635c9485-3b37-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 The-Word-Sin-in-the-Bible-300x150.jpg
easy-fengshui.com/wp-content/uploads/2022/10/ 1 KB
2 KB 117ms
116ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/wp-content/uploads/2022/10/The-Word-Sin-in-the-Bible-300x150.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2ea7942aa142b52b622882cacdc3373be6c86d6a93029b2efb8ed2230b3f7783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;7be686e3ac52f11b60345fb92be1e6ae;2-250341-5;12e8c82e-6f7d-4ad1-4241-5f6d2bbcdffe
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "635c889a-119d-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 healing-bracelet1.jpg
easy-fengshui.com/ezoimgfmt/healingpicks.com/wp-content/uploads/2023/01/ 16 KB
16 KB 105ms
105ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/ezoimgfmt/healingpicks.com/wp-content/uploads/2023/01/healing-bracelet1.jpg?ezimgfmt=rs:333x333/rscb1/ng:webp/ngcb1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e8caeadac8b22f021fb30c1429fad91dbf342fc78a36a6b08d32157fac9200e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;c42ff9ce38a50c8625f2331901980a4e;2-250341-5;925a032a-980e-4747-426b-cdcf687f5e81
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: "63d860ef-bc01-gzip-gzip"
x-origin-cache-control: public, max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: image/webp
cache-control: public, max-age=31536000

GET
H2 200 play Show response
videosvc.ezoic.com/ 645 B
684 B 172ms
46ms XHR
application/json 18.192.139.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://videosvc.ezoic.com/play?videoID=78dce9f40517dccd6de9c1a4cf79a37f57601337&manifest=dash

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

18.192.139.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-192-139-0.eu-central-1.compute.amazonaws.com

Software

openresty/1.15.8.2 /

Resource Hash

9df4cda65d32663b18841da783940ec3b7e40efb8d84c037d03d63b65ee6b5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
server: openresty/1.15.8.2
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
632 B 153ms
40ms Script
application/javascript 2600:9000:20eb:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 05:44:52 GMT
via: 1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 3296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: amTG_DKBT4XraNFLg5Y_cgFLvUqsUX7W04GVdmEoYlPm-JtYdu5PpA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 135ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HGYWCRQ4HX&gtm=45je3310&_p=1141971450&cid=1462555817.1678084787&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678084787&sct=1&seg=0&dl=https%3A%2F%2Feasy-fengshui.com%2F&dt=Home%20-%20Easy%20Feng%20Shui&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGYWCRQ4HX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
23 B 51ms
50ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODU3OTgxNTQ1NjAxNzgwMCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTEzMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJzdGF0X3NvdXJjZV9pZCIsInZhbCI6IjQ0In1dLCJpc19vcmlnIjowfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:47 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:47 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 51ms
51ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODU3OTgxNTQ1NjAxNzgwMCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTEzMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJhZHNlbnNldHlwZSIsInZhbCI6IjEifV0sImlzX29yaWciOjB9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:47 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 73ms
72ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1141971450&t=pageview&_s=1&dl=https%3A%2F%2Feasy-fengshui.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Easy%20Feng%20Shui&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1289393154&gjid=277589340&cid=1462555817.1678084787&tid=UA-178426094-1&_gid=2089986146.1678084787&_r=1&gtm=457e3310&did=dZTNiMT&gdid=dZTNiMT&z=55670977

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=121220643;labels=Domain.easy_fengshui_com%2CDomainId.250341;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Feasy-fengshui.com%2F;uht=2;fpan=1;fpa=P0-1007042381-1678084787332;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 42ms
41ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=121220643;labels=Domain.easy_fengshui_com%2CDomainId.250341;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Feasy-fengshui.com%2F;uht=2;fpan=1;fpa=P0-1007042381-1678084787332;pbc=;ns=0;ce=1;qjs=1;qv=463953fd-20230224153512;cm=;gdpr=0;ref=;d=easy-fengshui.com;dst=0;et=1678084787488;tzo=0;ogl=title.Home%2Cdescription.%2Ctype.website%2Curl.https%3A%2F%2Feasy-fengshui%252Ecom%2F%2Csite_name.Easy%20Feng%20Shui;ses=8bebb49e-3502-41fd-826e-dff4a72f7d8b

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 GARxvTBdYHcMNzXZ_upload_t1649296708-AFbqUn.jpg
easy-fengshui.com/ezoimgfmt/streaming.humix.com/poster/GARxvTBdYHcMNzXZ/ 7 KB
7 KB 182ms
181ms Image
image/webp 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/ezoimgfmt/streaming.humix.com/poster/GARxvTBdYHcMNzXZ/GARxvTBdYHcMNzXZ_upload_t1649296708-AFbqUn.jpg?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: cloudflare /
Resource Hash: 9c81090aef65b8f5c711c5571ad439669b621e60d1966b175353f5ad0ec7ec3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 UTC
content-encoding: br
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-amz-cf-pop: FRA56-P4
x-ezoic-cdn: Hit ds;ds;3d2eeaba7b0beadb73133f86b6cf9892;2-250341-5;381fabbc-d0d4-4ae0-78ca-01e4ecdbdd6c
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-disposition: attachment
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: cloudflare
etag: "ca119d5e119ceb8c9068dddc13cb1cc6-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWAgOh9mIBhmQ%2ByiObze%2BJwkDid2gCCVKkREkvYn14SX8pSRmyWC61mOs26VYgrvcJ1KOZtKhfpeN655dlVGC6RTYcBHMTAqAm1isk524IH%2Bj9zDl8RT2tQhWe2ByKIKaoGAXu43"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 793531752c616921-FRA
x-amz-cf-id: gZvtS4h4EG42cf7H1Mq-nsGqVJhklVuumzA0BbGxeiP2KEiDTXUdOw==

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ad6b4cd9fdd1156ea742d8806d7d22f787ac9570a365aaa3a4903e25fc820c6

Request headers

Referer
Origin: https://easy-fengshui.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 bridge3.559.1_de.html Show response
imasdk.googleapis.com/js/core/ Frame 294C 691 KB
221 KB 41ms
40ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d1091b993c1a19cdbb62d4038a3e9d26968cd5ea82b6ab3230ec39c2de64888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 296910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 226074
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 20:11:17 GMT
expires: Fri, 01 Mar 2024 20:11:17 GMT
last-modified: Thu, 02 Mar 2023 20:07:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 311ms
50ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 06 Mar 2023 06:39:47 GMT

GET
H2 200 vid.gif
easy-fengshui.com/detroitchicago/ 43 B
74 B 45ms
45ms Image
image/gif 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/detroitchicago/vid.gif?e=%5B%7B%22domain_id%22%3A250341%2C%22owner_domain_id%22%3A250126%2C%22url%22%3A%22https%3A%2F%2Feasy-fengshui.com%2F%22%2C%22pageview_id%22%3A%22b757f9b7-28b4-4f6d-749f-e980d68eff02%22%2C%22visit_uuid%22%3A%22043ad337-c4db-4991-70bd-ceb7e1615690%22%2C%22template_id%22%3A134%2C%22video_impression_id%22%3A%228cc77278-8f83-424b-a707-786faf3d3a04%22%2C%22media_src%22%3A%22https%3A%2F%2Fstreaming.humix.com%2Fa8f8eb4bd1c479ce00682770852fd082%2Fout%2Fv1%2F70cf540a9acd42bdb4db512451ce7dad%2F0b404f708c214d878e7071e46f5679e8%2F1a473784f8194837876a8a0a771b5b66%2Findex.mpd%22%2C%22player_type%22%3A%22HTML5%22%2C%22video_title%22%3A%22Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom%22%2C%22video_position_id%22%3A1%2C%22is_autoplay%22%3A1%2C%22is_floating%22%3A1%2C%22floating_option%22%3A1%2C%22is_playlist_item%22%3A0%2C%22is_preferred%22%3Afalse%2C%22vab_test_id%22%3A%22vmod1-c%22%2C%22vab_test_val%22%3A%22%22%2C%22video_length%22%3A40907%2C%22content_id%22%3A%2278dce9f40517dccd6de9c1a4cf79a37f57601337%22%2C%22width%22%3A333%2C%22height%22%3A187%2C%22pos_x%22%3A1067%2C%22pos_y%22%3A192%2C%22video_objects_count%22%3A1%2C%22video_objects_index%22%3A1%2C%22video_selection_type%22%3A2%2C%22video_match_score%22%3A77%2C%22is_blocker_on%22%3A0%7D%5D
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 05 Mar 2023 06:39:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 50ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 GARxvTBdYHcMNzXZ_j1642158260589-csj37x_t1642158295.vtt Show response
streaming.humix.com/thumbnails/GARxvTBdYHcMNzXZ/ 525 B
1 KB 252ms
57ms XHR
binary/octet-stream 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/thumbnails/GARxvTBdYHcMNzXZ/GARxvTBdYHcMNzXZ_j1642158260589-csj37x_t1642158295.vtt
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52886e55e7c66554dcb65b9fe4743220961c7bb6f15b131d7ecd81fd00bad8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 525
last-modified: Fri, 14 Jan 2022 11:05:00 GMT
server: cloudflare
etag: "49a10081132ba2319a6eca164ec05491"
vary: Origin, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBM9Tg01DAg2n2djdOD%2BH0vZBKrpSCo1l0rBvqPQTkHRGVbzfRNrFM%2FO%2FFoIUYHIc4MVWqrruAQ0XWzl8LrXd7%2Faf9siOfwvxxuKxX%2FFEXs27Fmdhp9vmq0uNMDsmBwbPfTLtVMpt1ZOvP%2Bodbyup%2FTs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a389a83ef653675-FRA
x-amz-cf-id: 6uj3ZD9MfKip6sIP8DSq4LB9dBu4-vnLwEQ0C0jcqQr6YZgQx7dU3A==

GET
H2 200 index.mpd Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/1a473784f8194837876a8a0a771b5b66/ 4 KB
4 KB 223ms
223ms XHR
application/dash+xml 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/1a473784f8194837876a8a0a771b5b66/index.mpd
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dacc6675b1c1e50b22a697f556e42381d75e1c8ec33990d6af74e13c42a987f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3646
last-modified: Mon, 06 Mar 2023 06:39:48 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVcpFE7x9EXHBa0f5AZyeZBD2ZCdkrerp4C%2Buv4nuELVop3rwqm4DZ9CXAZegRGiuIIkcp9zLUdecdkIUArEJ38hzYGo2NEsgPpZ7Z1JUi5Y0%2F7uQBljc3ls%2B5LEP3f3WQI2%2BsJuHDV37cGbopSbox8f"}],"group":"cf-nel","max_age":604800}
content-type: application/dash+xml
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a83ef683675-FRA
x-mediapackage-request-id: Root=1-64058ab3-46b2373f12f3db3f60db9e91
x-amz-cf-id: dvKdZwqCHL2QnkoO9qO7fXwnwR5k9MQwreDdVcOtHnNVh5-xYE6Djw==

POST
H2 204 greenoaks.gif
easy-fengshui.com/detroitchicago/ 0
76 B 42ms
40ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDMtMDYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxMTQ2In1dfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:47 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:47 GMT

GET
BLOB 200
OK 4dbbdb8b-a284-4d1b-94cb-06271197bdf5
https://easy-fengshui.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://easy-fengshui.com/4dbbdb8b-a284-4d1b-94cb-06271197bdf5
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 5497
Content-Type: application/javascript

GET
BLOB 200
OK 12a53930-9ae0-45d4-bec6-eeef9d7662e5
https://easy-fengshui.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://easy-fengshui.com/12a53930-9ae0-45d4-bec6-eeef9d7662e5
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
BLOB 200
OK bfdabbc7-80a0-44ab-93b8-bc3cd00badd2
https://easy-fengshui.com/ 78 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://easy-fengshui.com/bfdabbc7-80a0-44ab-93b8-bc3cd00badd2
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 79363
Content-Type: application/javascript

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
562 B 148ms
49ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=easy-fengshui.com&callback=_gfp_s_&client=ca-pub-4916289523661847&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72e5a0e1ceffe4cdf684145cb818dbb482c68f3f848a0f8d41d08ed6d93a926b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B78A 77 KB
32 KB 608ms
608ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e6e0b2896daa0cf747b87ac657aeaeadc3b9e65f23c4cd87a4b740ffcde5a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 32074
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:48 GMT
expires: Mon, 06 Mar 2023 06:39:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxX8HzXySbHoGxTyDO3Q0MsivbNF1WPeMafLh6VcCENa1XfjZqwL8ftVOM2MVa2D3G_632j1bKNPe4SoH8M4wzc= Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 102ms
101ms Script
application/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX8HzXySbHoGxTyDO3Q0MsivbNF1WPeMafLh6VcCENa1XfjZqwL8ftVOM2MVa2D3G_632j1bKNPe4SoH8M4wzc=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MDg0Nzg3LDg5NjAwMDAwMF0sIjZDNjBCMTczLUJFMEUtNDE1Mi1BNjY1LUFGQzYyQ0FEMDEwRiIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9lYXN5LWZlbmdzaHVpLmNvbS8iLG51bGwsW1s4LCJVcFR6VUN3ZVZPSSJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UpTzUCweVOI.es5.O/d=1/rs=AJlcJMw-olW16GoK-0MaWgyCtJJjuaWJRg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4c580235f347a00e215ca15a6662ec5cde7f50bac649df3f616c76e7c944c1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h2VH0HMvfU4tcwD9PFxRYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-h2VH0HMvfU4tcwD9PFxRYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 53ms
53ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 190 KB
49 KB 706ms
706ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=852000647630894&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=3129659041&didk=4230366257&sfv=1-0-40&ists=1&fas=8&prev_scp=ic%3D1%26ezoic%3D1%26iid1%3D614728478033215%26tap%3Deasy_fengshui_com-pixel1-614728478033215%26ap%3D9999%26br2%3D16%26ga%3D2497208%26bvr%3D8%26al%3D1006%26reft%3Dn%26d%3D250341%26eb_br%3De66c30deca31b19eda212eeca1258584%26br1%3D24%26bra%3Dmod129&eri=1&sc=1&cookie=ID%3D7f8a955e5581078d%3AT%3D1678084787%3AS%3DALNI_Ma6G3lEk_BEA7zs0AMhXqEg7VVEZw&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084788005&lmt=1678084788&dlt=1678084786650&idt=494&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ca1e42809df2cd21894922d1535a36406184ed88dfe665a0ca32dd9b18f68ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50076
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2023022801.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023022801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0142db7f33a249d1f0861c64f7146ed5e6e05ec48d1614c98bae6b028f7fcd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13798
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 09:36:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Feb 2024 15:49:02 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
884 B 674ms
481ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3D736e09a0771285737509ab8954c475a7%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2858412214&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dt=1678084788014&cookie_enabled=1&scor=4156373998177386&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUIVou9u08wQyo939FWg5Ex3--_K3pk4ax8zEWCtL9Rfp9K-gAHWog99BQworqG-iohJWsOa-ljAHarGKyPXtk= Show response
fundingchoicesmessages.google.com/el/ 0
28 B 188ms
81ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUIVou9u08wQyo939FWg5Ex3--_K3pk4ax8zEWCtL9Rfp9K-gAHWog99BQworqG-iohJWsOa-ljAHarGKyPXtk=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--e8rehVyvQ4im42e7MR6Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-security-policy: script-src 'report-sample' 'nonce--e8rehVyvQ4im42e7MR6Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://easy-fengshui.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXdCRxMIvA-ZTVJtw-A_aMLeiPcbQXDEHBNup1xa8Kzuu3OM8LQDmCv_A4tyWUGO7lpYgb7vMt_pdJ5fBTktwhtLMiiXmLWMTFs94APRBdivt6q5jLYs5BU6UEUGoy1hyQjX8xY2A== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 109ms
109ms Script
application/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXdCRxMIvA-ZTVJtw-A_aMLeiPcbQXDEHBNup1xa8Kzuu3OM8LQDmCv_A4tyWUGO7lpYgb7vMt_pdJ5fBTktwhtLMiiXmLWMTFs94APRBdivt6q5jLYs5BU6UEUGoy1hyQjX8xY2A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MDg0Nzg4LDMxMDAwMDAwXSwiNkM2MEIxNzMtQkUwRS00MTUyLUE2NjUtQUZDNjJDQUQwMTBGIixudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL2Vhc3ktZmVuZ3NodWkuY29tLyIsbnVsbCxbWzgsIlVwVHpVQ3dlVk9JIl0sWzksImRlIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f9a1ab7f414c37204a3cfdabac2d389e3115a032be6251d424d07d402169ef4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dDApa7Lr-JKoCyzu8TGcYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dDApa7Lr-JKoCyzu8TGcYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index_video_1_0_init.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 750 B
1 KB 53ms
52ms XHR
application/octet-stream 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_init.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df955c68960b0a017cfc5f2f2e50e3718809e4c64e0482da558c67dfd19425cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
via: 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 750
last-modified: Sun, 05 Mar 2023 11:20:50 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqrbnMW%2FZeanrW2239JWB0%2F56uI9BayHXceF0AoaqhzEAVHe5KPVRpWX8Zp7J%2FL4Wrk%2FglflaSXnfDfjBw7Pmbcf4Gniy%2FGhkx7rgZExSXUDruWVWglfJ0gxYqPZERzsxi8RxTTOlisW6l5n1HtNSe44"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a86997b3675-FRA
x-mediapackage-request-id: Root=1-64047b12-6d494dac1d3a23493f48ae8b
x-amz-cf-id: L-pXNKriM5O1eyHftnTdiqZQju7-Xdu1zMaXt2oCZkubpxxYAE8wAg==

GET
H2 200 index_video_1_0_1.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 53 KB
53 KB 64ms
63ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_1.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef54889dbe3a25870400057fbc1ac0c149919f9a72a7530c5624ff369c1b241f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54196
last-modified: Mon, 06 Mar 2023 06:39:48 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBX0VG7isFtvtOUO7BgLchcsFeiR0C1r7VDJqqb%2BLBhB1ZOOpPEDgouvTjlwunyd79wqqxO%2FROffBNNCyP7xbD%2Falv5Y4x9xEgH9hoymk9dA4EOeydrjTCSwXlGo63Ucna7N4wOZuR0vJF3VT%2Bp%2B%2B4wW"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a86997d3675-FRA
x-mediapackage-request-id: Root=1-640460cb-1adeef293601073246300594
x-amz-cf-id: Mntl9QdqiMfw9TRzzdVJZV28zEKPE2fzX4i5-tVVnRPliXq3PodM_Q==

GET
H3 200 index_audio_4_0_init.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 638 B
1 KB 378ms
378ms XHR
application/octet-stream 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_init.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c4a819b4c958f33d3c7595a39731f0ee1376153811f34d3dc39848ec26295a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 638
last-modified: Mon, 06 Mar 2023 06:39:48 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDUXzgMiE5acrizZlZsG4lqlqsTYCWefRl3l59SE1%2FNxv%2FG0gIbsXMs5d9C%2Fd1AXZX5Lc0Xy0SgjODFLqQ5CegAlJhYIDbe%2B0TtpUwN4e10ONcKa4ZThw0TPhUZQW4HqXg%2Fbd7j1vmrS4kMKu3iLF%2Frk"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a87b8dc9043-FRA
x-mediapackage-request-id: Root=1-64058ab4-7769431849af57632d5db2a4
x-amz-cf-id: oYKfMDeoj2UDzJGtiXcUddaCNb_mwlAKeauVTANA8DJNIy_hi-i1Kg==

GET
H3 200 index_audio_4_0_1.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 43 KB
43 KB 60ms
59ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_1.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3136cfb1a121780a820c16628f03d0bc087212b1adaa4d4ecff40eda85aa7d6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43604
last-modified: Mon, 06 Mar 2023 06:39:48 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IliTeh0WlT7tDNz1e6bctnRRmpEvLoJY5kz5o9yELSGMFL%2B3Z8ZKJfpNv5L0Quc%2BV42q3oER45kXXsYlt1ttnY7tqvWYpltcB3N0Um6WG27%2B1oBSEBHczQ6AZIn%2F2x7Ssy9ssGMjn8lie5XOnwyoqzrP"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a87b8de9043-FRA
x-mediapackage-request-id: Root=1-640460cb-5228d5f2483429e46a29686c
x-amz-cf-id: pRtgC-VsrjXfWBCZBld08gS7xJGVYdMm8QSVVs7yCJ6qzkOB9D8QFw==

GET
H2 200 6183049517649848941
tpc.googlesyndication.com/simgad/ Frame B78A 15 KB
15 KB 293ms
90ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6183049517649848941?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkN76UOB5iBLZVN-MAPKRHFzHEHBA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c14c44f9400c6362d84a6d1e30955fb1b648bbcf248ebff1c6730687cfc17fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 10:20:50 GMT
x-content-type-options: nosniff
age: 418738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15413
x-xss-protection: 0
last-modified: Fri, 03 Dec 2021 18:36:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 10:20:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B78A 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVGJis4oFZLz0OOWU9u8Pj4qb6AmKnceeb_-sn_afEAsQASCkqLNWYJWCgIC0B6ABmY7Z6gLIAQKoAwHIA8kEqgTZAU_QZkZybKLFTo32gN18_OzHVNd-hFJdAA1acnGQAKivOEPDo10qBIupzFVZhzBHIMA9xfCYAtGFbd5oxVbrWpnOScNn_MjeNByXOmu8h9Q7uuGx5tSQX0SVFG6osNQgvF3asdJLAuKkOI0lmtlq_jA-9gJOxgsD-OGQayNOAFrghNlLz6g1fyZkHPXgBvsBLiThYVn-ai-XQCigbrsSas3R-Uajw4ZOia_35kNIpsjDBJYfwykGCe1JivjFlmoY2h7qLSAtuVNKlTfLKI6AqFfU9j2R8IMO4X3ABJSgtfX5A5IFBAgEGAGSBQQIBRgEoAYCgAfs1PbpAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIePDdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTQ5MTYyODk1MjM2NjE4NDcYAA&sigh=kkblohaIx64&uach_m=[UACH]&cid=CAQSPADUE5ym199WJrnPy_f7Urlga5gQwPpH7mTkgUI-4tz_JYbfooquAiTPQTwT2LSbgBjRdIp572PfLIvdzxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 06 Mar 2023 06:39:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame B78A 22 KB
9 KB 237ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B78A 3 KB
1 KB 249ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B78A 20 KB
8 KB 242ms
45ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B78A 0
0 245ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVTDyfu5v-emWsIp_RW7qWABWlUzbTCskzRh9loCIOdUSqzkzTFdcp65_Th1h6JoOhiGilq_4HpZDQ9DjHo76b7FdnKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B78A 158 KB
49 KB 266ms
69ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame B78A 33 KB
14 KB 252ms
55ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 20:07:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37957
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13717
x-xss-protection: 0
server: cafe
etag: 17409078185802295553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 20:07:11 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 294C 0
54 B 906ms
307ms Ping
image/gif 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lewgct7g&c=395500658622&slotId=197750329311&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
185 B 548ms
548ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3Ddc3573d5dc41abdf97751be02f53537f%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2858412214&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084788705&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 158ms
42ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 05:40:27 GMT
via: 1.1 google
age: 3561
x-guploader-uploadid: ADPycds1WEeNNHw99qkP3zzuwh-8yCWn-ldQQaffcHAg0Aes9l_mbU2iUw-7VBuEmKTN_6NIf-cksaIMWqe1pntsT7hIqpIPsduu
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Mon, 06 Mar 2023 06:40:27 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 162ms
42ms Script
text/javascript 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 11:20:10 GMT
content-encoding: gzip
via: 1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 83480
x-amz-server-side-encryption: AES256
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: XYsllKJNy1W0aBOkvpZ_EMG9xiJrfenfSRFlj0XnOU0NUpxpug7QPQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 167ms
40ms Script
text/javascript 2600:9000:21f3:a600:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a600:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 04:08:42 GMT
Via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 9066
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: aRQWvjqRfuErCAuTZobzFxdmoYAJ7rSyjeSZ4YNPthE1bJcJB8s_Dw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 165ms
50ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: B21V0F22VJP5FG8V
age: 1468
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7a389a8a99af9b94-FRA
x-amz-id-2: /9sMwXcqvgEyjTW3uC6dFiL1VgGHBKiy48ep+6fvhHMJAPYTXyiXQmvOZBH9pADy6GWgbZ0BNwk=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 158ms
54ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36348
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvmDhTdPs6DUJxrKAJWN4PB%2BipBt0RvEvKxCKnWFnt86YMwAfhUCYGtxZVA%2BOPAOXCDr5AZJ6x3DNPbUZqk7vwuuI%2F8406sElbXpqqb%2BBdluGa2yfNPUzglTgpG3EvIZUnllBlMFvcS62GkRmsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a389a8a8867362f-FRA

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 188ms
84ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 07 Mar 2023 06:39:48 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 156ms
42ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 12:51:01 GMT
content-encoding: gzip
age: 1792127
x-guploader-uploadid: ADPycdvujfU_oLUmNVqI4f5BZnpSVte8PDLotLNZgvFd0cC54eAGvZm9f8-b4dRZmf4BnqGEW6yytSvFJRHHxFr_uK-ecw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 13 Feb 2024 12:51:01 GMT

GET
H2 200 container.html Show response
ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D26 6 KB
3 KB 57ms
53ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:47 GMT
expires: Tue, 05 Mar 2024 06:39:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 greenoaks.gif
easy-fengshui.com/detroitchicago/ 0
51 B 47ms
43ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjIxMjMifV19XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:48 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:48 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 47ms
44ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJlNjZjMzBkZWNhMzFiMTllZGEyMTJlZWNhMTI1ODU4NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjQsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:48 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:48 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
63 B 47ms
44ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTAzLTA2In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiNiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:49 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:49 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 46ms
43ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImF1Y3Rpb25fZXBvY2giOjE2NzgwODQ3ODksImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiYmlkX2Zsb29yX2luaXRpYWwiOjI0LCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MjQsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjc2NSwibXVsdGlfYWRfdW5pdCI6bnVsbCwibXVsdGlfYWRfY291bnQiOm51bGwsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:48 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D71 143 B
166 B 57ms
50ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:22:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A997 1 KB
643 B 54ms
49ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B78A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 102cad8b6190af1fda37cc6e745e59c6e3f9f971de4b2c45817c1ee1f7773d01

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 45ms
44ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODU3OTgxNTQ1NjAxNzgwMCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTEzMywiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjEsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjowfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:48 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8D26 4 KB
709 B 152ms
52ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 05:20:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 06:39:48 GMT

GET
H2 200 89d7ca8249da9b1fce758df22cf4efd3.js Show response
www.gstatic.com/mysidia/ Frame 6BA6 10 KB
5 KB 193ms
53ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/89d7ca8249da9b1fce758df22cf4efd3.js?tag=client_fast_engine_2019

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 09:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 509849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4405
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 07:42:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 09:02:20 GMT

GET
H2 200 b74e08c96fd6ffaf41b74858b161eff8.js Show response
www.gstatic.com/mysidia/ Frame 6BA6 148 KB
55 KB 244ms
105ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b74e08c96fd6ffaf41b74858b161eff8.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e444ac06cccde32f7aead9684732cef25669e4d657c1a617feddffbb30f3bd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 23:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56098
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 18:22:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 23:01:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6BA6 4 KB
1 KB 132ms
51ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 04:51:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 06:39:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 6BA6 2 KB
818 B 55ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 6BA6 22 KB
9 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 6BA6 3 KB
1 KB 56ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:53:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 6BA6 20 KB
8 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6BA6 0
0 52ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGTmFy7GAmICE7Ka0sSdZNSKIqA5zPpZr8WP3aAdlPq8ToE4RChi-pLRvchz8F9ZWYGlobwQf2fD1UAwPGtK6p0msb3A
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BA6 158 KB
48 KB 63ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:48 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 6BA6 34 KB
14 KB 190ms
54ms Script
text/javascript 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 16:35:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 20:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 03 Jun 2023 16:35:01 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame 8D26 20 KB
8 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42380
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:53:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8D26 205 B
518 B 234ms
104ms Image
image/png 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:23:03 GMT
x-content-type-options: nosniff
age: 1006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Mar 2024 06:23:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8D26 604 B
694 B 235ms
104ms Image
image/png 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 05:38:36 GMT
x-content-type-options: nosniff
age: 3673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 05 Mar 2024 05:38:36 GMT

GET
H3 200 index_video_1_0_2.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 49 KB
49 KB 696ms
695ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_2.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d21b0147f19d1d84ade2b65dd96dfac303679b86ce38389210413e8e5292d25d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49864
last-modified: Mon, 06 Mar 2023 06:39:49 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKpln1xxTzjnXLAH66nCBuBROPO7VRDUKc3MHpts1Yj1I85%2Bl5m3zB%2Fp4IoWZFdkla9%2FVDDlo4O3com8bfQTSufZHyVlp4SFu%2FZJtu28EgC8a%2BdOXdldL00nuXspYZVbEKYiBHT20hDQuOne00w2ezK4"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a8b1b4b9043-FRA
x-mediapackage-request-id: Root=1-64058ab5-440d3ce41c9ad3db4cd703f2
x-amz-cf-id: sl8nK4_enVvQfEHjH61JHXDQt9lB3o9i7ph7L_R6eEtV7anjE8ZP4Q==

GET
H3 200 index_audio_4_0_2.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 606ms
605ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_2.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45adc2a528fd3a45aa632b8eed770b59df10adcd782c46cea403a79773cc7e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41410
last-modified: Mon, 06 Mar 2023 06:39:49 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iokFWtIUuiHMIZ%2Bv0dJgo2240QuQLCDKkC%2B84xfXAjUT6nJUjKl3uZPcyDIM1XZ8ZWhJ%2BXJlU3G%2FEUBIGyCzdn%2B%2BE%2F7V2n7B5AEP6cjwsw%2BxXAjpjR1tBaLOgTUoG%2BEI%2BIihOO4oGrsWsqajdZUNssLE"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a8b1b4c9043-FRA
x-mediapackage-request-id: Root=1-64058ab5-7a2261f74262b1af2cfbb4df
x-amz-cf-id: _AcA6sp1jqht1EqHk9ECeXOa1aLp_2lTYTwStfzdm6KEQ3cWSVOgew==

GET
H2 200 dpixel
cms.quantserve.com/ Frame A997 35 B
363 B 47ms
43ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOaYuNDtWCemHQ0UXVxq_g4&google_cver=1&google_push=Aa02lx_2CEfpKeLYU2i9wwJ0ChcdKhi6qpuxVxEPpvIqjBf4GjTQe8Ald3eTykuCO3RKqjKscGtorH7GfViWBijBHNim4dSikC7bJW8

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A997 70 B
265 B 218ms
57ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAnp_mfdhjkCC9NnO5_Zp6g&google_cver=1&google_push=Aa02lx8UcXg93jCZZ4ozVCYPFYxoG7mpG6ebvx442LyemVJ0nEtjzklYnl8aR1q6bMj2xDA5_gghNMC2xfgONYtqXpdD3--IrM0ZFdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame A997 43 B
351 B 146ms
50ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEE3lxtA6pgoDoC5-jzDuIJY&google_cver=1&google_push=Aa02lx8vwtLfYPR1mIKnxf966yg9GGAkeJgthz4HugjXOqV8f3YzRJNnD4HsUQD8bCQOAIG_NzjSABhTlvuifdngxKgNt7iWaGDtFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-4916289523661847&output=html&h=250&adk=4176011913&adf=2827111385&w=250&lmt=1678084787&rafmt=12&channel=4430082836&format=250x250&url=https%3A%2F%2Feasy-fengshui.com%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678084786961&bpp=4&bdt=310&idt=287&shv=r20230301&mjsv=m202302210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D857dc3e5e1b593cd%3AT%3D1678084787%3AS%3DALNI_Mbs74r5W9qrXjsgxUzj6RQep9pWnw&gpic=UID%3D00000bc0f38e9f89%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MZeWBT8eVsXRRfNNnQ4EqsdBINOSg&correlator=395500658622&frm=20&pv=2&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1006&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44777876%2C44759875%2C44759926%2C31072648%2C31072727&oid=2&pvsid=2051008498528973&tmod=1671322955&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=0ywExLuFRL&p=https%3A//easy-fengshui.com&dtd=931
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: j2kj1i99j4m99vt3sl6t98vbivlgq52f

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A997
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMLKuIUBILwQHwRm2h_vH9Y&google_cver=1&google_push=Aa02lx9xIW8S8ekZbzvZbAfXeNu2kFK7OU6hSCFxCWqjBqhkRqET7EpGY21VKuoVDN1-LJYUxj_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVNjEtMjItRlVOTg==&google_push=Aa02lx9xIW8S8ekZbzvZbAfXeNu2kFK7OU6hSCFxCWqjBqhkRqET7EpGY21VKuoVDN1-LJYUxj_wCatyRS1ZouVLKq0gtviRE6mSfiM

170 B
232 B

59ms
59ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVNjEtMjItRlVOTg==&google_push=Aa02lx9xIW8S8ekZbzvZbAfXeNu2kFK7OU6hSCFxCWqjBqhkRqET7EpGY21VKuoVDN1-LJYUxj_wCatyRS1ZouVLKq0gtviRE6mSfiM

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVNjEtMjItRlVOTg==&google_push=Aa02lx9xIW8S8ekZbzvZbAfXeNu2kFK7OU6hSCFxCWqjBqhkRqET7EpGY21VKuoVDN1-LJYUxj_wCatyRS1ZouVLKq0gtviRE6mSfiM
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A997
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOfYU6HWzdmgCKJbFFpQbWE&google_cver=1&google_push=Aa02lx_qEPjJr0QsrzS_yMWEuT-jzcYulQ5WGnpPtla0cqFx27mcxe2sF1XnfqmG0cZIMS4i20tc-huW7k-WHfIq...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_qEPjJr0QsrzS_yMWEuT-jzcYulQ5WGnpPtla0cqFx27mcxe2sF1XnfqmG0cZIMS4i20tc-huW7k-WHfIqA_GRf_1_CJDeUA

170 B
329 B

63ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_qEPjJr0QsrzS_yMWEuT-jzcYulQ5WGnpPtla0cqFx27mcxe2sF1XnfqmG0cZIMS4i20tc-huW7k-WHfIqA_GRf_1_CJDeUA

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Mar 2023 06:39:49 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx_qEPjJr0QsrzS_yMWEuT-jzcYulQ5WGnpPtla0cqFx27mcxe2sF1XnfqmG0cZIMS4i20tc-huW7k-WHfIqA_GRf_1_CJDeUA
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: hbTkloH6pOs1DIDTKn3DFVW2RmL8ioYspG-Gp9V0kAXIUPiXDniC8Q==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A997
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESELJzoUwRJCZtrpOJsw9TgcY&google_cver=1&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_EnrZ-4-m...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESELJzoUwRJCZtrpOJsw9TgcY&google_cver=1&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_En...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ipQbYq09QByNxQhRXMvm2g&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_E...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ipQbYq09QByNxQhRXMvm2g&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_EnrZ-4-mlgm2zi-VY

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ipQbYq09QByNxQhRXMvm2g&google_push=Aa02lx9f0R_aG64GYz082sT6yaWCintyZe5-tAa9jzvxs3wCjVHp4uE5LInqgoGLCMeE2Z1azspEgPz4QzZCM_EnrZ-4-mlgm2zi-VY
access-control-allow-origin: *
date: Mon, 06 Mar 2023 06:39:49 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A997
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDojJzBjaUJckGZob9zkX7s&google_cver=1&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMC...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDojJzBjaUJckGZob9zkX7s&google_cver=1&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMC...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1PbXRDMm9sRTJ1SG5tbmVRNUpSSHFlb2xSWnhwVndyaH5B&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQ...

170 B
232 B

51ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1PbXRDMm9sRTJ1SG5tbmVRNUpSSHFlb2xSWnhwVndyaH5B&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMChGDIoLdeUOQ2wr8RchYnKMxqnzMsY

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1PbXRDMm9sRTJ1SG5tbmVRNUpSSHFlb2xSWnhwVndyaH5B&google_push=Aa02lx9cpfpZ0-mtpNzUyRsVKI_3ZbQyrUYHZ-U3oTBBPZwE50P1DMMRQU82mNtPlBKzG7ZcMChGDIoLdeUOQ2wr8RchYnKMxqnzMsY
date: Mon, 06 Mar 2023 06:39:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A997 0
139 B 169ms
51ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNNyXYXz2WDZmseHG93jkWqQzjTapmXuRguGX2IUPw7MCNX11W3cy535UlSY2LM8P0dJVlbw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 66ms
63ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: a15af39562d911c6bc1f6e675bcb3230e52c5fa9d6ac59db94102016dc28f020

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 6c55d854446dcd49e0fc886013ac7cea
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 194ms
65ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://easy-fengshui.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://easy-fengshui.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 06 Mar 2023 06:39:49 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 028c9fa5a722df3f579b589ed9235900

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Feasy-fengshui.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Feasy-fengshui.com%2F&rid=esp&cc=1

85 B
203 B

153ms
152ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Feasy-fengshui.com%2F&rid=esp&cc=1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 77bcf93b6c4308de5da472ed47db16fc18add3e6e6ea7dddfad4677acb053e1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-tZvn3h4lsdPH+lY5aEfdfNU+xGU"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 06 Mar 2023 06:39:49 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://easy-fengshui.com
location: /esp?url=https%3A%2F%2Feasy-fengshui.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 185ms
58ms XHR
application/json 52.48.251.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.251.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-251-105.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ea9c289d8466ccbe72040502b7ca2f25ddd420ab20d6f3f7a17f8b7f0ec330d5

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache
x-server: 10.45.14.49
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
326 B 146ms
42ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://easy-fengshui.com
date: Mon, 06 Mar 2023 06:39:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D71
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
58ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:49 GMT
expires: Mon, 06 Mar 2023 06:39:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 90CA 36 KB
14 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 14:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 14:49:52 GMT

GET
H2 200 si
capi.connatix.com/tr/ 0
330 B 291ms
167ms Image
application/json 104.18.22.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7a389a8c3a239bd4-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B18F 15 KB
6 KB 185ms
62ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=easy-fengshui.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 779453
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 csi
csi.gstatic.com/ Frame 294C 0
234 B 538ms
304ms Ping
image/gif 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lewgctso&c=395500658622&slotId=197750329311&ghmsh_eids=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 89ms
87ms Image
image/gif 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.119959849802006

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GMp7xzTlOqsYvpBB62RgjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-GMp7xzTlOqsYvpBB62RgjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 131ms
129ms Image
image/gif 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.045234942952382

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-4tiaNjU5DJIKn94YvgphhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-4tiaNjU5DJIKn94YvgphhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6BA6 0
54 B 406ms
308ms Ping
image/gif 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lewgcu6e&c=1315328083568&slotId=657664041784&qqid=CLHuyv3Yxv0CFbOB_QcdqkMBmw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b74e08c96fd6ffaf41b74858b161eff8.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/8LQO4QCPMNk/ Frame 6BA6 11 KB
11 KB 170ms
42ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/8LQO4QCPMNk/hqdefault.jpg

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1888da43b77f67b623843c79c9916f71774042b15517a0470b9b2cb2f70b4fce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 05:06:24 GMT
x-content-type-options: nosniff
age: 5605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11194
x-xss-protection: 0
server: sffe
etag: "1660544573"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Mar 2023 07:06:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 707E 1 KB
643 B 44ms
44ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-4g5ednss.googlevideo.com/ Frame 6BA6 2 MB
2 MB 207ms
59ms Media
video/mp4 2a00:1450:4001:6b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-4g5ednss.googlevideo.com/videoplayback?expire=1678113588&ei=tIoFZOLuHa3jx_APjfKh6AM&ip=2a01:4a0:1338:92::7&id=f0b40ee1008f30d9&itag=18&source=youtube&requiressl=yes&mh=Wf&mm=31&mn=sn-4g5ednss&ms=au&mv=m&mvi=2&pl=36&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=33.901&lmt=1676927671669791&mt=1678084381&txp=5430434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgOd5CA9DvbLBfdzXoltJLLPVhxXkBQhTOA7DGWgw3rzYCIQDaLAPspmqbgL63HS97vhy9jErILNW-03YzVatuM5f6vg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgTtVECgDveZPY1EtsT_N0oBHQTtOtXGdd_cXjsUlWft0CICWHv1l74GnxRzwl_HDEkyhWUHDOGVVA_KTXrNw5pX1d&cpn=fFR1CudMfq4gi-7X

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6b::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

07797171a7bcce40723a85601551ce1867bf8a082b4e40a167cde372619f314e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 06 Mar 2023 06:39:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20 Feb 2023 21:14:31 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1694256/1694257
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1694257
Expires: Mon, 06 Mar 2023 06:39:49 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B18F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=easy-fengshui.com&sn=ChromeSyncframe&so=0&topUrl=easy-fengshui.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=nVH5Q3wxeUZPZldnTUNKQzlxSnlqMXBHVkJ4MmdudkdpTy9saXdhcFIrOC9NdHRSQWJvWDk5TFFUbkZXQmdIYmd2ZDRiWUZHbU5DU0xoaktoRDNrZUVPam5CWTN5VjZIVDBCbDV1T01lVlpyOXRwRTJLRWd4OE15TGIzT3...

449 B
671 B

240ms
43ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nVH5Q3wxeUZPZldnTUNKQzlxSnlqMXBHVkJ4MmdudkdpTy9saXdhcFIrOC9NdHRSQWJvWDk5TFFUbkZXQmdIYmd2ZDRiWUZHbU5DU0xoaktoRDNrZUVPam5CWTN5VjZIVDBCbDV1T01lVlpyOXRwRTJLRWd4OE15TGIzT3UydEZmb2tITUtFS09lYmd4ZVd5a0JTdjlnenBFNEhmYnQra3lDdGtlOW45bXo3VlJnL0xHalE2YUozNE9TWDZMcnlsZDk0UVVVZGxQeVdnMm45cCtlM2FHSy8xUXg4T0lxUVJ4eVJuejVlVnE3ZUNVQUM3RlBOSUxzY0JMYjEzUlZNVksvWTZXNXJFOWx6YWxTSjBtS043TXpiN1hlNjF6Vy9NNGZaMjR4QVdTcnd1QitFYz18&cppv=2

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

feb3bc258c428eb136ec35817f6f689c2a43dc9f4d876b7fcda7fd42ff60e8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1797543
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=nVH5Q3wxeUZPZldnTUNKQzlxSnlqMXBHVkJ4MmdudkdpTy9saXdhcFIrOC9NdHRSQWJvWDk5TFFUbkZXQmdIYmd2ZDRiWUZHbU5DU0xoaktoRDNrZUVPam5CWTN5VjZIVDBCbDV1T01lVlpyOXRwRTJLRWd4OE15TGIzT3UydEZmb2tITUtFS09lYmd4ZVd5a0JTdjlnenBFNEhmYnQra3lDdGtlOW45bXo3VlJnL0xHalE2YUozNE9TWDZMcnlsZDk0UVVVZGxQeVdnMm45cCtlM2FHSy8xUXg4T0lxUVJ4eVJuejVlVnE3ZUNVQUM3RlBOSUxzY0JMYjEzUlZNVksvWTZXNXJFOWx6YWxTSjBtS043TXpiN1hlNjF6Vy9NNGZaMjR4QVdTcnd1QitFYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 381305
content-length: 0
expires: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 707E 0
104 B 264ms
82ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDs5PPwEKUmnF6Mzp34eNnI&google_cver=1&google_push=Aa02lx-FBi3VDimx6tvCZurRBmvxFc4gvJaF1Ua9UeitiApxZBLp6tGMrf-mlk_jRwc2ID4Ub3-eSv8SW2Ky51eR8AiWKV3F4a3L
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 707E
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UlVnT2FFWTUxUHo0dkg1&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cver=1&google_push=Aa02lx9m1TNlFv_JO0fXtqUkIwysXcMwbVV3DE4JX8ULbou...

170 B
188 B

52ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UlVnT2FFWTUxUHo0dkg1&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cver=1&google_push=Aa02lx9m1TNlFv_JO0fXtqUkIwysXcMwbVV3DE4JX8ULbouc2ElQMW2V1BhDWSeQH_VztsAPozL-5IovGL8KzVmcLbhZbTV9dfb_

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 06:39:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-769-g9857bbc#rel-ec2-master i-04a4a3c9d6b291794@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UlVnT2FFWTUxUHo0dkg1&google_gid=CAESEDl2VWc71BTtPU25ccsaoKU&google_cver=1&google_push=Aa02lx9m1TNlFv_JO0fXtqUkIwysXcMwbVV3DE4JX8ULbouc2ElQMW2V1BhDWSeQH_VztsAPozL-5IovGL8KzVmcLbhZbTV9dfb_
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 707E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJK7-O3dt3CksGiimD6_cQM&google_cver=1&google_push=Aa02lx_BmMnGj3up8syQOr1PUG_SmZkqU6v_Cm7Vlkqq9p5xeugif-gtrDCVOyUri6hRgqRYqny...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVOTYtMTItSVNK&google_push=Aa02lx_BmMnGj3up8syQOr1PUG_SmZkqU6v_Cm7Vlkqq9p5xeugif-gtrDCVOyUri6hRgqRYqny8ddDMesv_gH-pMexYyKPpr01I

170 B
188 B

53ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVOTYtMTItSVNK&google_push=Aa02lx_BmMnGj3up8syQOr1PUG_SmZkqU6v_Cm7Vlkqq9p5xeugif-gtrDCVOyUri6hRgqRYqny8ddDMesv_gH-pMexYyKPpr01I

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVXR0NVOTYtMTItSVNK&google_push=Aa02lx_BmMnGj3up8syQOr1PUG_SmZkqU6v_Cm7Vlkqq9p5xeugif-gtrDCVOyUri6hRgqRYqny8ddDMesv_gH-pMexYyKPpr01I
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
Expires: 0

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 707E 0
35 B 209ms
43ms Image
text/plain 3.72.124.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEPcVpC7v1a6rskwf5bZJ_xY&google_cver=1&google_push=Aa02lx-ehZ0SVZ9Zbk0dXa76GWhx8SwjXSwtv2tSLAgMdFRUJAcrb-1hKW4zg4XXxtkQxIAXq0Wanw7OJXOIsGENaK-o7xBrKRWG
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.72.124.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-124-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 707E
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEEvSpc22GIFPUNLnlNYTHvo&google_cver=1&google_push=Aa02lx9CA2jI-jj8KK2HZabNyRqiW1SW6UDt15u-8YqmZlKvPzTQn5YK0q0ISMLW7OYy5OM0hdjm30BHmUr8CFjVeHp_AWl2GOSxcA
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MjAzZTRmMmYtYTZlNi00YWVlLTlkMDctNzdhZGVmMTI1ZGI0&google_push=Aa02lx9CA2jI-jj8KK2HZabNyRqiW1SW6UDt15u-8YqmZlKvPzTQn5YK0q0ISMLW7OYy5OM...

170 B
188 B

51ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MjAzZTRmMmYtYTZlNi00YWVlLTlkMDctNzdhZGVmMTI1ZGI0&google_push=Aa02lx9CA2jI-jj8KK2HZabNyRqiW1SW6UDt15u-8YqmZlKvPzTQn5YK0q0ISMLW7OYy5OM0hdjm30BHmUr8CFjVeHp_AWl2GOSxcA

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=MjAzZTRmMmYtYTZlNi00YWVlLTlkMDctNzdhZGVmMTI1ZGI0&google_push=Aa02lx9CA2jI-jj8KK2HZabNyRqiW1SW6UDt15u-8YqmZlKvPzTQn5YK0q0ISMLW7OYy5OM0hdjm30BHmUr8CFjVeHp_AWl2GOSxcA
date: Mon, 06 Mar 2023 06:39:48 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
content-length: 0

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 707E
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESEEleAnbx7NDhA9BelYigurY&google_cver=1&google_push=Aa02lx-SC0HHSZA8li60S7gIkT6Uxx_YSaxK2YcEQGQWjmMhF450Y8zPsWdItAw6K_zQaftUpswHQKtMHcbVg7klNgunmkXwOfbFUA
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx-SC0HHSZA8li60S7gIkT6Uxx_YSaxK2YcEQGQWjmMh...

43 B
1 KB

127ms
43ms

Image
image/gif

162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx-SC0HHSZA8li60S7gIkT6Uxx_YSaxK2YcEQGQWjmMhF450Y8zPsWdItAw6K_zQaftUpswHQKtMHcbVg7klNgunmkXwOfbFUA

Protocol

HTTP/1.1

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 06 Mar 2023 06:39:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx-SC0HHSZA8li60S7gIkT6Uxx_YSaxK2YcEQGQWjmMhF450Y8zPsWdItAw6K_zQaftUpswHQKtMHcbVg7klNgunmkXwOfbFUA
x-download-options: noopen
vary: Accept
content-length: 273
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 707E
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKuQ097Kqh8YrnaXXFWrWpg&google_cver=1&google_push=Aa02lx9HN3SI9PZuc...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEKuQ097Kqh8YrnaXXFWrWpg%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI3NTkyNDU3Mjc2MjA2MjEzNA%3D%3D&google_gid=CAESEKuQ097Kqh8YrnaXXFWrWpg&google_cver=1&google_push=Aa02lx9HN3SI9PZucDIZCla95gZI1dReFA...

170 B
188 B

52ms
51ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI3NTkyNDU3Mjc2MjA2MjEzNA%3D%3D&google_gid=CAESEKuQ097Kqh8YrnaXXFWrWpg&google_cver=1&google_push=Aa02lx9HN3SI9PZucDIZCla95gZI1dReFAkf6fDdSiaFf1wU09ir8mpS-01xKYfYr2TifHf_LIgnxRvMdrEfmid2XpKujcJVF1AO

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Mar 2023 06:39:49 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.106; 80.255.7.106; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c2dac780-f627-4ebc-814a-b87b8db6381d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NDI3NTkyNDU3Mjc2MjA2MjEzNA%3D%3D&google_gid=CAESEKuQ097Kqh8YrnaXXFWrWpg&google_cver=1&google_push=Aa02lx9HN3SI9PZucDIZCla95gZI1dReFAkf6fDdSiaFf1wU09ir8mpS-01xKYfYr2TifHf_LIgnxRvMdrEfmid2XpKujcJVF1AO
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 707E 0
12 B 56ms
54ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KBxpg2hMvfZhTpyjAZYs_5X5fUAzGqGtMMoqLRg4naiB6TRpagm-gM9vJu_vxRA2h3HIhAhF_JiA

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
54ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
142 B 520ms
518ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3D45a351e981f435b4c20fafca8a5d741c%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2858412214&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEhcKCHJ0YmhvdXNlGJekl63rMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiYpJet6zBIAFICCGQSGQoKdWlkYXBpLmNvbRiYpJet6zBIAFICCGQSFAoFb3BlbngYmKSXreswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYpJet6zBIAFICCGQ.&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084789272&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td2_tt1_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 83ms
83ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0MsfU8MUtZPxlmoqSxWBBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-0MsfU8MUtZPxlmoqSxWBBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame A7B8 0
176 B 192ms
90ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Mon, 06 Mar 2023 06:39:49 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0155 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 14:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 14:49:52 GMT

GET
H2 200 dark-bottom.css
easy-fengshui.com/ezoic/styles/ 3 KB
868 B 44ms
42ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/ezoic/styles/dark-bottom.css
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.39 (Ubuntu) /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: br
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: Apache/2.4.39 (Ubuntu)
etag: "bd7-5f5afbb5bf0c0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 726

POST
H2 204 greenoaks.gif
easy-fengshui.com/detroitchicago/ 0
16 B 42ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:49 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:49 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 89ms
88ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99763ca9417f2643ce1c05693b501795f54074d7181ac25882dd84ccee4b95c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11273
x-xss-protection: 0

GET
H3 200 index_audio_4_0_3.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 613ms
612ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_3.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bc213b2817b7ac13a1bffdb6cfd8d468127367234856c61d71a5ec29750ae7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:50 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fz2mkD0x6KhaZ5ZhRidD7thIwHQ8cK8mu%2FkgsoVCd4TcgYNaYWvec%2FlI%2BtnecxD6Xi793E0dwEQLOoRpWrp94MHJiThgY1%2Bg%2Bcntl9FjsAlTF%2BsRQLxXyBzrjLG5vpMJM%2B010tGrX9%2FJek3NQbEi4He5"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a8fce6b9043-FRA
x-mediapackage-request-id: Root=1-64058ab5-4652300313b632467c082b57
x-amz-cf-id: YRUl_PaasBjcob4Kb6JxM51bf-t9nTA3hoDndkRs9mJFA8Nga3NQQA==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 06:39:49 GMT

GET
H3 200 index_video_1_0_3.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 122 KB
123 KB 734ms
733ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_3.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3c29623aaab8fedbbe88580ae2c726d3de75e0e7c1f70eb37b7755d6379c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 124865
last-modified: Mon, 06 Mar 2023 06:39:50 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04%2Fh3ojfRYjVd3NJoMcjEUYkW80vUNhNTSnO6LQ0AD6E5vCm0tMNOe27hmi8mFjVh6kEycdkhbSmAFU7g5xwSWCe9WuRcReTDkD%2FfUf6k3pdCZZX1D0XfMscUt96G0c2VBwsiGDFk8puvcrC0VepUa5N"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a900e979043-FRA
x-mediapackage-request-id: Root=1-64058ab6-595ba22f5265ebea1145a5f7
x-amz-cf-id: 0V4JWtr5z_JEkXIbSPvngki3-uc0l-dohIR6Hc-i9OQ9pbUhwnf6dg==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A57F 13 KB
5 KB 46ms
43ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:09:45 GMT
expires: Mon, 04 Mar 2024 22:09:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B344 783 B
534 B 52ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

baf878cc708bd8cb39a5bfc15dd9360e9a162a3d0fb140ce22867f84658a3fb1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hyrqSVyQM5ZDh2E5_typ0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-hyrqSVyQM5ZDh2E5_typ0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:49 GMT
expires: Mon, 06 Mar 2023 06:39:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
142 B 549ms
549ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3D76163170a8636ae5b88417f095893e08%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3541963038&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEhcKCHJ0YmhvdXNlGJekl63rMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiYpJet6zBIAFICCGQSGQoKdWlkYXBpLmNvbRiYpJet6zBIAFICCGQSFAoFb3BlbngYmKSXreswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYpJet6zBIAFICCGQ.&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084789823&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B344 0
0 74ms
73ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022801&jk=2051008498528973&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame A57F 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 14:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 14:49:52 GMT

GET
H3 200 google_caf.js Show response
fundingchoicesmessages.google.com/f/AGSKWxWWp3HSvEAqfQ3Jen3S37C6L1mmamClgyO22hFbHSLm2M7FoyEoD6KtAn4bDVbaaGg5TjRDdCMtyrOeAJEYNuI_ro-6xtQpk4jkRnS3i21-ITW2kSORXv4DsZOWOP-VFiYx-p1p6eEEiKBNp5s0NVWnLEc6y... 54 B
110 B 82ms
82ms Script
application/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWWp3HSvEAqfQ3Jen3S37C6L1mmamClgyO22hFbHSLm2M7FoyEoD6KtAn4bDVbaaGg5TjRDdCMtyrOeAJEYNuI_ro-6xtQpk4jkRnS3i21-ITW2kSORXv4DsZOWOP-VFiYx-p1p6eEEiKBNp5s0NVWnLEc6yyqcS5u89-3foFkifpD45VaFCG4F1uYQ/_/Ads_Fix./ads_728_/ads728x90_/google_caf.js?/adengine.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UpTzUCweVOI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMw-olW16GoK-0MaWgyCtJJjuaWJRg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4bb742125e422634b8497ad34c809ca32a01659d928609b8d4b2b7b0a83815c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6KCBDmUd7j54LKKZ5KOE4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-6KCBDmUd7j54LKKZ5KOE4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 44ms
41ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:55:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:55:34 GMT

POST
H3 204 AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 80ms
79ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--fju-DBx15SZSxykZpJpFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:49 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--fju-DBx15SZSxykZpJpFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://easy-fengshui.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 grapefruit.gif
easy-fengshui.com/detroitchicago/ 0
16 B 41ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/grapefruit.gif?orig=0&v=W3sidHlwZSI6InZpZGVvIiwidmlkZW9faW1wcmVzc2lvbl9pZCI6IjhjYzc3Mjc4LThmODMtNDI0Yi1hNzA3LTc4NmZhZjNkM2EwNCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJ2aWRlb19zdGFydCIsInZhbCI6IjIwMjMtMDMtMDYgMDY6Mzk6NDcifV19LHsidHlwZSI6InZpZGVvIiwidmlkZW9faW1wcmVzc2lvbl9pZCI6IjhjYzc3Mjc4LThmODMtNDI0Yi1hNzA3LTc4NmZhZjNkM2EwNCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWRfc3RhcnQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJ2aWRlbyIsInZpZGVvX2ltcHJlc3Npb25faWQiOiI4Y2M3NzI3OC04ZjgzLTQyNGItYTcwNy03ODZmYWYzZDNhMDQiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiaGVhcmRfc3RhcnQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:49 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:49 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B78A 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj_YohfR4JqUHB8XTepO2YXsttagnNW1jnbytVyXPSVBf3VwAWVOXgtdF8br_o3Q7gW7p00NFnz_W3bTxW4Yddbcpg88s0Q-bhi0_7JjodfRoFpU-fKVbcBLojaFecbLVh3hN68g&sai=AMfl-YSq6ETga1HHBMfKHd_CqLN3GDNeL2RJpeZ4LXDprUM2oeC3yZzMN_tQFe9wPIbvo6XlqOAwu36frrsHGV1b4ssrO3RWLRB3CGh21h32UCsCWf8rqPrUozgOiEk_&sig=Cg0ArKJSzJJOJcb0TcWBEAE&cid=CAQSPADUE5ym199WJrnPy_f7Urlga5gQwPpH7mTkgUI-4tz_JYbfooquAiTPQTwT2LSbgBjRdIp572PfLIvdzxgB&id=lidar2&mcvt=1000&p=0,0,208,250&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=4&adk=4176011913&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678084787893&rpt=1023&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 79ms
79ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2wEYKcdG4CjJBhQNiNiAMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-2wEYKcdG4CjJBhQNiNiAMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://easy-fengshui.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpp.gif
easy-fengshui.com/detroitchicago/ 43 B
141 B 42ms
41ms Image
image/gif 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Feasy-fengshui.com%2F%22%2C%22pageview_id%22%3A%22b757f9b7-28b4-4f6d-749f-e980d68eff02%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezoicvideo%22%2C%22domain_id%22%3A250341%2C%22media_src%22%3A%22blob%3Ahttps%3A%2F%2Feasy-fengshui.com%2F8c9f0102-937c-4fe3-8e77-9e70a29f249b%22%7D%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 05 Mar 2023 06:39:50 GMT

POST
H3 204 AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 77ms
76ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2MA4wk4DaiK7xHY4R0gbwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2MA4wk4DaiK7xHY4R0gbwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 81ms
81ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-_UMJikAwFRD-zu_1QH9NKGnubP3ZLdhsb4rTVZJHtHryKEA7fzYQP5ozwaibBrBNsR2uOUEOjDpW5D1ql29yQf-O8I6-W2H84Nkmn0dwnzKJkyWLs_vKv-NNyx9WU0o9LXTygg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jyv7j0xX0YR2uWCru0c4Ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-Jyv7j0xX0YR2uWCru0c4Ug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXHoJ6TOVZa32ReiC0iiGWsbMJut89_iarShuxyMwVnL03PfxjXfL-UkJMftImcuOlWtSLOb9GQSfKCR2bNH8j11xbL4haOLszh6SY96s2I6q7dA_OR1YzxdLZVLY24at359BGJGw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
99ms Script
application/javascript 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXHoJ6TOVZa32ReiC0iiGWsbMJut89_iarShuxyMwVnL03PfxjXfL-UkJMftImcuOlWtSLOb9GQSfKCR2bNH8j11xbL4haOLszh6SY96s2I6q7dA_OR1YzxdLZVLY24at359BGJGw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4MDg0NzkwLDkwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMCw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMSwxLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9lYXN5LWZlbmdzaHVpLmNvbS8iLG51bGwsW1s4LCJVcFR6VUN3ZVZPSSJdLFs5LCJkZSJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b3e5e8b8d89a50642fff5c645551f90adab3578ff8011d76f58ceef067c8bcb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3IwMwulNWYZ97yAP7OXKEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3IwMwulNWYZ97yAP7OXKEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A57F 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GH-46A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxVxFZLgMvYsYSSRV1EA2UbWZkf6kMtlmFmg_mP_fIuuJUfYLCSn3samSZfaFd-WS_m1UeIR2Tbit4X0w82cOFR8WhUXMx3gfvzBLyDMQzteCpUDODD9DAwRVYg_2Cg27EHNk1wgow== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 81ms
81ms XHR
text/html 2a00:1450:400d:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVxFZLgMvYsYSSRV1EA2UbWZkf6kMtlmFmg_mP_fIuuJUfYLCSn3samSZfaFd-WS_m1UeIR2Tbit4X0w82cOFR8WhUXMx3gfvzBLyDMQzteCpUDODD9DAwRVYg_2Cg27EHNk1wgow==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BSh0jIM9OtvtltocjKgqxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-security-policy: script-src 'report-sample' 'nonce-BSh0jIM9OtvtltocjKgqxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://easy-fengshui.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 44ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjE0NzI4NDc4MDMzMjE1IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImVhc3lfZmVuZ3NodWlfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAwLDEyMDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTQ3Mjg0NzgwMzMyMTUiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZWFzeV9mZW5nc2h1aV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2MTQ3Mjg0NzgwMzMyMTUiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZWFzeV9mZW5nc2h1aV9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:50 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:50 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
142 B 154ms
154ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3541963038&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEhcKCHJ0YmhvdXNlGJekl63rMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiYpJet6zBIAFICCGQSGQoKdWlkYXBpLmNvbRiYpJet6zBIAFICCGQSFAoFb3BlbngYmKSXreswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYpJet6zBIAFICCGQ.&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084790384&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td3_tt2_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_audio_4_0_4.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 411ms
411ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_4.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e17f10f3a9e3f973c9a5de97ce8ce84f79b4653f26e8c2ab8c1fd906e8eda95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
via: 1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:50 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIA8uhCW27kHds8%2Bv93ogkQCfS7uKDbZN3YkKYQrCtT96cEXjlzvO29%2BSFaS%2FwazPQHSeoKHcY7mifRg43a1oatx71BZ00xgC9v7JIWjbzOVLa6fgSf0%2FUFDuTOkqu8ybGNppNx0AbovCm9KRMT%2BYnVj"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a94293b9043-FRA
x-mediapackage-request-id: Root=1-64058ab6-390a69281fd88cd73e1d9bf7
x-amz-cf-id: mWE-kUKYjymPze5d9KJaRdINR9GlwvgkEvpyoo9jhbli99mIm2dvFQ==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
142 B 430ms
429ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3541963038&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEhcKCHJ0YmhvdXNlGJekl63rMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiYpJet6zBIAFICCGQSGQoKdWlkYXBpLmNvbRiYpJet6zBIAFICCGQSFAoFb3BlbngYmKSXreswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYpJet6zBIAFICCGQ.&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084790553&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 6BA6 0
54 B 308ms
307ms Ping
image/gif 2404:6800:4004:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lewgcu6l&c=1315328083568&slotId=657664041784&qqid=CLHuyv3Yxv0CFbOB_QcdqkMBmw&umsem=0&ple=1&ape=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b74e08c96fd6ffaf41b74858b161eff8.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:820::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:50 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
567 B 475ms
474ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=3036490570215143&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=6&adks=3140113942&didk=2508133916&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D5357630458078874%26eid%3D5357630458078874%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1191%26sap%3D1191%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Deasy_fengshui_com-edge-1-5357630458078874%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D14%26br2%3D14%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3052%2C3856%26lb%3D28%26reqt%3D1678084790593&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084790601&lmt=1678084790&dlt=1678084786650&idt=494&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c48464d45ee33f212ce14cd3a74e44e33b005590a9a8ee80c0f558f399dab270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 538
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
577 B 454ms
453ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=1793346128312067&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=7&adks=2260493737&didk=4055843434&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D162533688047963%26eid%3D162533688047963%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Deasy_fengshui_com-medrectangle-2-162533688047963%26eb_br%3D7432360301409ae695ba255f16fbcf06%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D20%26br2%3D18%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3052%2C3053%26lb%3D38%26reqt%3D1678084790589&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084790609&lmt=1678084790&dlt=1678084786650&idt=494&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10e22b90a9cf9350570451f00cae31ff23653f93dd934b597f71367a110efed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 548
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
567 B 501ms
500ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=120545413760873&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=8&adks=478332810&didk=2508132885&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D6892190754035060%26eid%3D6892190754035060%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1192%26sap%3D1192%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Deasy_fengshui_com-edge-2-6892190754035060%26eb_br%3De66c30deca31b19eda212eeca1258584%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D24%26br2%3D22%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3053%26lb%3D46%26reqt%3D1678084790595&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084790613&lmt=1678084790&dlt=1678084786650&idt=494&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

911278c96e081d629c984f85b93e7cdb5c2baf7142541a1b6e9797c63e157874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 538
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_video_1_0_4.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 39 KB
40 KB 568ms
568ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_4.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d082957fa5d792a997b5a5764411df45da4132e9b843a054408da63bbef5a67a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40286
last-modified: Mon, 06 Mar 2023 06:39:51 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kE8dQEU%2FKrAi4u%2Fbm%2FHdKZCeFWAcZdGXN0FeVlQfZ%2Bha3tfO5wiAMlvUwbGm7gUTcwsfPBYbgQk7na27K%2Fhn6zxhl61T3FvKWndUhvjhw4S95fNSEwEYnRrmH9Y%2FV6bIYLYhw0vsFtdU4pHQUhsVn80A"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a957a179043-FRA
x-mediapackage-request-id: Root=1-64058ab6-42dfe04d0ce31039236e3e65
x-amz-cf-id: 61PfIP9h2VGjhP7YpNJF7nTQtYt1A2xZQHJ8jklfhCGYBt8eL3kPpA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022801&jk=2051008498528973&bg=!fX6lfirNAAbv3-2Ez987ADkAdvg8WribA5HPps0qCdJZ4RxF4ibqgRuqazGOHT05ySdaNXfan-YrMqa42pf7zSO2I9PF0knBn60CAAAAblIAAAAEaAEHCgAUik2AUWCPVIt302_b4ui8Fy6TaDCZAqSwaRDHjdso1cQSC6rqiEBsFAW0L9r3vgA0vjdxYdUqzELgZm3VORTz59-J_FdmU7-I-rGYuLwF00q7cyPUPvN4bE_VaY83PyqlTPFZPPokMly_qhKALd7V-qrQysYCuX2OGHWTKyxXYSGaEp6mA3YQXIYS56Waz1yO5m_HRMzlRLRYOEu9Uc4SIXw2oXIDvMFizbfFFHoVeQHGcd5bfVg4NtFn7MCnlivqH4SJS-8m9diF_2yevJrdhVeweMe3AXz8bcM1Y8gtTYQm0dsJhzpsfJL-uz58okoCZA8wTyiBSPXv76up0cCfU8IcmHE0A5RhZembEsPEpMZMzvcDRQj2Pg8Vqt-MWjz37CcX6IzkawITg18QuiC_4MhICkXlIPAxcxL33BzriTzyEvd2RJycZyYv773q0YnR6wZdY8k94VnQgHRSLZQngNPkBF2OJewj2QoQVpaMyxnYKkXw88RNxk9MHRmlvU66vOYQsZ4_yapbMlPOgRgQ0GSkUElmTF9x_nHTU5xFO84Ge5bSZRIlbrTUyAiEyndeRd9w2v7yYXrtvpaSHF576CXWYpFHelA4zJ64KOPdEysDC1wtVZAJ29mvtmZqy3oRum8jQ787vCw_XkJyTNeAl_rxQdBKJiEyLTs4VGCSby5bDYYLC-Wz-nED9kkxmTBKsqyinQDRBLq1p_s5fxCdHx3n7tdqHZL4yTdZGRQIVSaSS5-wOXSt3HkuEENKyccUFq4xF7MP822ZHGb0pFoV06sgHldO_ufVhJNNxiefxSPJjMiunzffKibWBCvUXMhQ68uAvV5Qx4zClUEnw6n4GSp388F6Awx5KuYYATAg4fsHkY8bx4f9_aENI_aRfnfdWLhsNaLbX9GqO4zB9gHNNaPNUY7wxAtaKDka
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 index_audio_4_0_5.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 600ms
600ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_5.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06a9c627a410082f572f9908a7b5cc3676b2ec5f173d35cc30cc1bfa7ca63b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40972
last-modified: Mon, 06 Mar 2023 06:39:51 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6hMFG%2FwJJMPnDS%2BS5aEZ%2FX9M4nzAidAzD1vRwSMGXQuG%2FdrYLVolYk15CiZ%2FInoG3%2FeP4y%2BQ1vM%2BkUX37x5Sx1AOYIliWW8lU5POWCIsYM%2F0si3hkb0dfdlUdUGAx6fMk9jGHnjZe7sU1FgOqFc5I8u"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a975b839043-FRA
x-mediapackage-request-id: Root=1-64058ab7-6b0f4f181f83f7041bbd7753
x-amz-cf-id: Pupg3j-bmaLBeDytwQ98B1pRK7ej8cjGiCqygvekZpTAz65WCVIomQ==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 53ms
52ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
51ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
142 B 415ms
414ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3541963038&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEhcKCHJ0YmhvdXNlGJekl63rMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiYpJet6zBIAFICCGQSGQoKdWlkYXBpLmNvbRiYpJet6zBIAFICCGQSFAoFb3BlbngYmKSXreswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYpJet6zBIAFICCGQ.&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084790998&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3ART%3D1678084788%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td4_tt3_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_video_1_0_5.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 26 KB
27 KB 650ms
650ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_5.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33ee19be104afc917d617cd770f15a4d981dbd3139821b5104d8a0d8b3619dae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27050
last-modified: Mon, 06 Mar 2023 06:39:51 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MmetMIuRxqFye7Ob0L5mFxLB967NV39ONB8Hu%2BbaIkG60EyWeACY2wm8Dkj6d1WZaaeq0dM7eNIy6gxd5XmPfkEiAdnRpNWAWKUSUY1v2Nx8%2F%2Fa9%2FphVHppAAI6g6vWmVACvRwe6QYiSMaOkRckRm39"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a99ad069043-FRA
x-mediapackage-request-id: Root=1-64058ab7-56b04eca3112bfa426951ce8
x-amz-cf-id: rslL_dDyNix302zo5svsPFYwqiZLAeo_WK-WcmKpiSB5kECyk5lEBA==

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294C 156 B
142 B 395ms
395ms XHR
text/xml 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?correlator=2313350464459725&description_url=https%3A%2F%2Feasy-fengshui.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=640x480%7C400x300%7C1x1&unviewed_position_start=1&url=https%3A%2F%2Feasy-fengshui.com%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22489788787%2F250341-shared-video-1&vid_d=40&vid_kw=Feng%20Shui%2CFeng%20Shui%20Rules%2CBedroom%20feng%20shui%2CBed%20Placement%2CBedroom%20Accessories%2CChinese%20Feng%20Shui&vid_t=Basic%20Feng%20Shui%20Rules%20and%20Tips%20for%20the%20Bedroom&vpa=auto&cust_params=ap%3D1%26d%3D250341%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26ft%3D0%26ic%3D1%26iid1%3D1643048870057738%26plat%3D1%26t%3D134%26tap%3D250341-shared-video-1-1643048870057738&sdkv=h.3.559.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3541963038&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.559.1&sid=AE64AD01-7BD4-430C-890E-32041E51590F&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEhcKCHJ0YmhvdXNlGJekl63rMEgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiYpJet6zBIAFICCGQSGQoKdWlkYXBpLmNvbRiYpJet6zBIAFICCGQSFAoFb3BlbngYmKSXreswSABSAghkEhsKDGlkNS1zeW5jLmNvbRiYpJet6zBIAFICCGQ.&nel=0&eid=44748969%2C44765701%2C44777649%2C44781409%2C44781753%2C44782991%2C44785452&top=https%3A%2F%2Feasy-fengshui.com%2F&loc=https%3A%2F%2Feasy-fengshui.com%2F&dlt=1678084786650&idt=1314&dt=1678084791521&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&scor=4156373998177386&ged=ve4_td5_tt4_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.559.1_de.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_audio_4_0_6.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 538ms
538ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_6.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3fc598e97db88e9591acce88af0ee37d8a480e8ba48745786a24399b77729b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41410
last-modified: Mon, 06 Mar 2023 06:39:52 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n%2BxVizQEFnhXJUo1ZzKXlkGrFeQ6s2Yg1%2FZPWBtoGRsRBGxbPgxewZiNH0XFyz2eGs3U%2Fd1K317w6Sqv0QPGwj%2B4npS%2BxhZAZjVION2VpV3q0YBOZnUuvGI7Sja5X%2BWkAOw4bgvNvsW4ecALj1YvAG7"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a9bbe5b9043-FRA
x-mediapackage-request-id: Root=1-64058ab7-085e98f954d692105a3d064a
x-amz-cf-id: l_SQ6WrrZnGfZCv42C2_SfG8MRNr-VUmYZMRgHt2vLToKQuM489kkg==

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1018 B 166ms
47ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:52 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 884305
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTSvV3FSM2qEInaNnEVEFJpX13sKEKqUfxHkmCDNRqIC98ijYuQ6slvGzpIkOe0GKGrSZV16WND8M0L42a1Y%2FR19xr9YuQDeL7cLlhk6OjVPytJ7LOlLThIP%2FxzbZewBqvWjfY9Nk7II70%2BF"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7a389a9e6869bbcb-FRA

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
506 B 282ms
127ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidquantcast.com=P0-1007042381-1678084787332&eidpubcid.org=54352419-c854-46be-8bef-0cb884b96b37&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fbf8b3ad8906a7d8225553508cd653329c930b8e0443bf82efabe2bb1652388f

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 290ms
136ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidquantcast.com=P0-1007042381-1678084787332&eidpubcid.org=54352419-c854-46be-8bef-0cb884b96b37&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f180f560d82a7ab2310ceb4a1321e4783e227ad0a236d3b0356090bdeffe72e9

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 287ms
133ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211258fd01b2&cmd=bid&eidquantcast.com=P0-1007042381-1678084787332&eidpubcid.org=54352419-c854-46be-8bef-0cb884b96b37&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 266ff87113e10d2f93c635bc255331b2b3e1931b8e5a767cc9bf37e61639c05d

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 290ms
136ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211258fd01b2&cmd=bid&eidquantcast.com=P0-1007042381-1678084787332&eidpubcid.org=54352419-c854-46be-8bef-0cb884b96b37&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 30a8cbe1fdca539da81c7b465dd141662356ac5e4f71f5e1ce3a21f9f88114b4

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 291ms
137ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidquantcast.com=P0-1007042381-1678084787332&eidpubcid.org=54352419-c854-46be-8bef-0cb884b96b37&secure=1&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f9c708dab78f918ac429ae790d68f13cbe12e678a4d984e83eb4d9582c5a342e

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://easy-fengshui.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 vad.gif
easy-fengshui.com/porpoiseant/ 43 B
120 B 44ms
43ms Image
image/gif 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://easy-fengshui.com/porpoiseant/vad.gif?e=%7B%22ad_filled%22%3A0%2C%22error_message%22%3A%22AdError%201009%3A%20The%20VAST%20response%20document%20is%20empty.%22%2C%22url%22%3A%22https%3A%2F%2Feasy-fengshui.com%2F%22%2C%22pageview_id%22%3A%22b757f9b7-28b4-4f6d-749f-e980d68eff02%22%2C%22visit_uuid%22%3A%22043ad337-c4db-4991-70bd-ceb7e1615690%22%2C%22template_id%22%3A134%2C%22domain_id%22%3A250341%2C%22video_ad_impression_id%22%3A%2200a4cc95-2586-41d5-a3b5-d07b47a7d591%22%2C%22vab_test_id%22%3A%22vmod1-c%22%2C%22vab_test_val%22%3A%22%22%2C%22uuid%22%3A%2200a4cc95-2586-41d5-a3b5-d07b47a7d591%22%2C%22play_cnt%22%3A0%2C%22pause_cnt%22%3A0%2C%22completed%22%3Afalse%2C%22errored%22%3Afalse%2C%22skipped%22%3Afalse%2C%22clicked%22%3Afalse%2C%22viewable%22%3Afalse%2C%22ad_position%22%3A%22start%22%2C%22video_impression_id%22%3A%228cc77278-8f83-424b-a707-786faf3d3a04%22%2C%22ad_client%22%3A%22Google%20IMA%22%2C%22ad_system%22%3A%22Google%20Ad%20Manager%22%2C%22total_ads%22%3A0%2C%22ad_index%22%3A1%2C%22owner_domain_id%22%3A250126%2C%22player_name%22%3A%22ezvideojs%22%2C%22is_outstream%22%3Afalse%2C%22impression_id%22%3A1643048870057738%2C%22ad_unit%22%3A%22250341-shared-video-1%22%2C%22ad_src%22%3A%22https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fcorrelator%3D13709797307%26description_url%3Dhttps%253A%252F%252Feasy-fengshui.com%252F%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26sz%3D640x480%257C400x300%257C1x1%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Feasy-fengshui.com%252F%26ad_type%3Dvideo%26hl%3Dde%26impl%3Ds%26max_ad_duration%3D240000%26min_ad_duration%3D4500%26npa%3D0%26tfcd%3D0%26vad_type%3Dlinear%26vpmute%3D1%26vpos%3Dpreroll%26iu%3D%2F1254144%2C22489788787%2F250341-shared-video-1%26vid_d%3D40%26vid_kw%3DFeng%2BShui%252CFeng%2BShui%2BRules%252CBedroom%2Bfeng%2Bshui%252CBed%2BPlacement%252CBedroom%2BAccessories%252CChinese%2BFeng%2BShui%26vid_t%3DBasic%2BFeng%2BShui%2BRules%2Band%2BTips%2Bfor%2Bthe%2BBedroom%26vpa%3Dauto%26cust_params%3Dap%253D1%2526d%253D250341%2526eb_br%253D60474211daf1dfd4d90000ea01f56c30%2526ft%253D0%2526ic%253D1%2526iid1%253D1643048870057738%2526plat%253D1%2526t%253D134%2526tap%253D250341-shared-video-1-1643048870057738%22%2C%22param_gen%22%3A%22DefaultOptimizedPods%22%2C%22position_gen%22%3A%22Even%22%2C%22vad_type%22%3A%22linear%22%2C%22skippable%22%3Atrue%2C%22min_ad_length%22%3A4500%2C%22max_ad_length%22%3A240000%2C%22ad_type%22%3A%22video%22%2C%22allowed_ad_sizes%22%3A%22640x480%7C400x300%7C1x1%22%2C%22t_pageview_time%22%3A1678084786%2C%22bidders%22%3A%22%5B%5D%22%2C%22received_bidders%22%3A%22%5B%5D%22%2C%22video_position_id%22%3A1%2C%22auction_retry_count%22%3A7%2C%22fallback_type%22%3A%22exponential%22%2C%22bid_floor_gen%22%3A%22defaultVideoAdBidFloor%22%2C%22winning_bid_floor%22%3A0%2C%22max_hb_bid%22%3A0%2C%22bid_floor_type%22%3A0%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:51 GMT
content-encoding: br
vary: Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Sun, 05 Mar 2023 06:39:51 GMT

GET
H2 200 wp-emoji-release.min.js Show response
easy-fengshui.com/wp-includes/js/ 18 KB
5 KB 109ms
108ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a41fb5dfc2e5f42d85e76ccd718d24ab17e17644ecc5ccbd2d06e150148cf29f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;11b66cd30ff539ddd322f5b7a0a68a4d;2-250341-5;bf77b312-f620-4cf7-4816-d6720d8eaecf
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"62907f10-48b9-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.47% 18530 / 18617

GET
H2 200 jquery.min.js Show response
easy-fengshui.com/wp-includes/js/jquery/ 92 KB
30 KB 190ms
190ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=1a&ver=3.6.1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7408992c59bd0542e87e0d368aedc4e70d4567bc189cfd169371823768e85cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;a4e67770011bbc8cf8d6179692b601ee;2-250341-5;b983e7ae-6275-40f0-4ebb-1bd3e0d78d6f
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"6364df47-15e54-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.14% 94111 / 94244

GET
H2 200 frontend.min.js Show response
easy-fengshui.com/wp-content/plugins/link-whisper-premium/js/ 5 KB
2 KB 196ms
194ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/link-whisper-premium/js/frontend.min.js?screx=1&sxcb=1a&ver=1676666472
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2877be55d7a39fc91423546426e2218fac7ce92d93e9c49be99533fca698dfd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;68661c5b62c6515a22ce490699c64ad4;2-250341-5;53567fcf-99f8-4de1-6476-4bf82eed2c50
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe668-128e-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.06% 4843 / 4846

GET
H2 200 front.min.js Show response
easy-fengshui.com/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 155ms
153ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/table-of-contents-plus/front.min.js?screx=1&sxcb=1a&ver=2302
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 23c3766560f822d668a96abc491be27de5d5e64ec261044d33cb5ba012bedb58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;e3460c50df240bec72575843a26a600f;2-250341-5;934d9447-ee22-4486-6186-4062ede424aa
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe66e-180f-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.14% 6476 / 6485

GET
H2 200 js.cookie.min.js Show response
easy-fengshui.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 1 KB
818 B 195ms
193ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/ad-invalid-click-protector/assets/js/js.cookie.min.js?screx=1&sxcb=1a&ver=3.0.0
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6ca44caa743f976b97e6bbca105b2ba1493a8695d8552738700e00433e24044b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;e1fa8f3ca9bf95ebc47b2f9852b8a7c4;2-250341-5;34730758-42cf-44f4-7e48-8ee6cb7bf56f
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 676
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"624ed3ec-5dc-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.26% 1530 / 1534

GET
H2 200 jquery.iframetracker.min.js Show response
easy-fengshui.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 3 KB
1 KB 113ms
111ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/ad-invalid-click-protector/assets/js/jquery.iframetracker.min.js?screx=1&sxcb=1a&ver=2.1.0
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 16c1988a2309e89ab90cb88e42eb8868bd934adb24f7c5fe9c4577b091a9d54b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ms;d4c9d3b90c9855bb90ebe04d46ffa53e;2-250341-5;eca6d0bd-f885-41c0-5fb3-52ccf7bfd9f3
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1117
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"624ed3ec-c72-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.18% 3302 / 3308

GET
H2 200 aicp.min.js Show response
easy-fengshui.com/wp-content/plugins/ad-invalid-click-protector/assets/js/ 777 B
515 B 187ms
186ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/ad-invalid-click-protector/assets/js/aicp.min.js?screx=1&sxcb=1a&ver=1.0
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;8b32f6c6a2ecdbc2b6deab6e073a3ef6;2-250341-5;bd2edcb4-09b8-41fd-7f48-29bd7e7c0efa
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 376
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"624ed3ec-309-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 0.00% 777 / 777

GET
H2 200 sassy-social-share-public.js Show response
easy-fengshui.com/wp-content/plugins/sassy-social-share/public/js/ 111 KB
37 KB 114ms
114ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?screx=1&sxcb=1a&ver=3.3.46
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 28f8b896c7166250a04bcf961069e2df841ba956f3da9d308a718034f877dc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 UTC
content-encoding: br
display: staticcontent_sol
x-ezoic-cdn: Hit ds;ds;f65097ca60c56adb718d3f7676f784cf;2-250341-5;6f51ef2a-a2a4-4807-7a06-e7640634208c
x-proxy-cache-info: DT:1
x-middleton-display: staticcontent_sol
x-middleton-response: 200
host-header: 8441280b0c35cbc1147f8ba998a563a7
response: 200
last-modified: Mon, 27 Feb 2023 14:59:55 GMT
server: nginx
etag: W/"63efe66a-1d4ca-gzip"
x-origin-cache-control: max-age=31536000
vary: Accept-Encoding,User-Agent,Origin
content-type: application/javascript
cache-control: public, max-age=31536000
x-ez-minify-js: 5.17% 114033 / 120254

GET
H3 200 index_video_1_0_6.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 126 KB
126 KB 722ms
722ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_6.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5e4396515dd743bd0aebf5fc9588334e462c2045237339319f02e083f648a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128696
last-modified: Mon, 06 Mar 2023 06:39:52 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5sGVlIlxa8QuHEmzBk%2B02seWwJGXfM8zZ5SPUW9SXriMt31GfSH2BCMobSzMG%2FRtSCzfzYW4Uoho7P%2FmjvsPA413143CkvEKRuAGTle%2B7ZA94Eanb%2Fz1MJ56GfLwSNw66o6FGInqWY3esi3DDZP%2Fz%2Fc"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a9e68369043-FRA
x-mediapackage-request-id: Root=1-64058ab8-7025dc334f2bd0af0b320e3e
x-amz-cf-id: T1RLsQyQ1NjWUt6U03v8boIiTbHjilzAgtvrKaHk_iSRYv7cUH8KDg==

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 130ms
48ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:52 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 90483
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uXLNn2ugqrqZIS5YXQUicpDX5PiWM%2Fkh4tJ6KcJTzv4gw1kVJKIl1xQ1j2wo2hmsFepTOF9FHEIFf72xFlPlGcumT7XVDmrCLj1%2B5buT8Ilm4gLLo6ddPcBTxAwcF8ByEWHol7%2BL4rOnme4R"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7a389a9f382b91ff-FRA

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 997 B
465 B 450ms
449ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=444884839691858&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=9&adks=478332810&didk=2508132885&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D6892190754035060%26eid%3D6892190754035060%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1192%26sap%3D1192%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Deasy_fengshui_com-edge-2-6892190754035060%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D8%26br2%3D22%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3053%2C18%2C1428%2C3052%2C3053%2C3856%26lb%3D24%26reqt%3D1678084791125&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084792140&lmt=1678084792&dlt=1678084786650&idt=494&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6586648e49662b1184982f356c4f473f2c78f270da364b4566571148ca4487c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 436
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 997 B
464 B 496ms
496ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=1152478982661871&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=10&adks=3140113942&didk=2508133916&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D5357630458078874%26eid%3D5357630458078874%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1191%26sap%3D1191%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Deasy_fengshui_com-edge-1-5357630458078874%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D14%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3052%2C3856%2C18%2C1428%2C3052%2C3856%26lb%3D14%26reqt%3D1678084791123&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084792151&lmt=1678084792&dlt=1678084786650&idt=494&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e24481ab117f8ea5c8a8515090256ce7ae2aab680c8a6f78f840f323c046f2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1004 B
470 B 480ms
479ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=3630922066701842&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=11&adks=2260493737&didk=4055843434&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D162533688047963%26eid%3D162533688047963%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Deasy_fengshui_com-medrectangle-2-162533688047963%26eb_br%3D2e8b8c60843e52e5aaa1e3a52287a2bb%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D8%26br2%3D18%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3052%2C3053%2C18%2C1428%2C3052%2C3053%2C3856%26lb%3D20%26reqt%3D1678084791124&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084792155&lmt=1678084792&dlt=1678084786650&idt=494&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b090762817567e64845a54e10639f18d9bcea2abb40d567544ce9c6ada08f366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_audio_4_0_7.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 563ms
562ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_7.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 126ac5334a5bb8100a6ff16a54f62a0957adb7a1d704974bfc87a34e918a0168

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:52 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FyVCySYVLJ0%2BMtd40cFXb8TGcJfr2uXy68p1btYBWxUQNzM3s2hh9jQ%2FU6FtS18a7zwXMGaCRAYTHDZ%2F5gA76vO5NNTMKCuWUA3p6b1xL84xSm2OoxQL0LadMRrugvkAPE49toxu%2FYaj20B8Om3jugM"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389a9fc90b9043-FRA
x-mediapackage-request-id: Root=1-64058ab8-018401471cb9b120263eb8a1
x-amz-cf-id: 9RQAihxUXai-uisGDzIuZe3FRqT7nzxrcRaxMtvskXbAR3RZoqn4rw==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=easy-fengshui.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 123 KB
44 KB 606ms
606ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=4390504027451171&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=12&adks=478332810&didk=2508132885&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D6892190754035060%26eid%3D6892190754035060%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1192%26sap%3D1192%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Deasy_fengshui_com-edge-2-6892190754035060%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D22%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3053%2C18%2C1428%2C3052%2C3053%2C3856%2C18%2C1428%2C3052%2C3053%2C3856%26lb%3D8%26reqt%3D1678084792645%26ss38%3D1%26ss9%3D1&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084792649&lmt=1678084792&dlt=1678084786650&idt=494&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39e837347fa7662f433f7c95624cabf3afe34ecb591af2679b2ea7779fbeec89

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGJ5v_Yxv0CFbKf_Qcd-XgMQQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGJ5v_Yxv0CFbKf_Qcd-XgMQQ&gqi=&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
date: Mon, 06 Mar 2023 06:39:53 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45215
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
29 KB 625ms
625ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=1657730588898919&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=13&adks=3140113942&didk=2508133916&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D5357630458078874%26eid%3D5357630458078874%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1191%26sap%3D1191%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Deasy_fengshui_com-edge-1-5357630458078874%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D14%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3053%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3052%2C3856%2C18%2C1428%2C3052%2C3856%2C18%2C1428%2C3052%2C3856%26lb%3D6%26reqt%3D1678084792655%26ss38%3D1%26ss9%3D1&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084792659&lmt=1678084792&dlt=1678084786650&idt=494&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab4951c5ded40829c20b79fdc202d5174b39409f2f895487de1c38b01b38e164

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDI5__Yxv0CFbGL_QcdWigMhQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/17896160517819465728/160x600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDI5__Yxv0CFbGL_QcdWigMhQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/17896160517819465728/160x600/index.html
date: Mon, 06 Mar 2023 06:39:53 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29347
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
13 KB 450ms
450ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2051008498528973&correlator=290967312273017&eid=31072029%2C31072701%2C44785063&output=ldjh&gdfp_req=1&vrg=2023022801&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22489788787%2Ceasy_fengshui_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ifi=14&adks=2260493737&didk=4055843434&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D162533688047963%26eid%3D162533688047963%26t%3D134%26d%3D250341%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod129%26ic%3D4%26at%3Dbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Deasy_fengshui_com-medrectangle-2-162533688047963%26eb_br%3Dzero%26eba%3D1%26ebss%3D10061%2C10015%26asau%3D6150187837%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D0%26br2%3D18%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2688%2C2693%2C2761%2C2763%2C2764%2C2765%2C3044%2C3045%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C4276%2C18%2C1428%2C3052%2C3053%2C18%2C1428%2C3052%2C3053%2C3856%2C18%2C1428%2C3052%2C3053%2C3856%26lb%3D8%26reqt%3D1678084792672%26ss38%3D1%26ss9%3D1&eri=1&sc=1&cookie=ID%3D857dc3e5e1b593cd-22a7954544dd005e%3AT%3D1678084787%3AS%3DALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA&gpic=UID%3D00000bc0f3163385%3AT%3D1678084787%3ART%3D1678084787%3AS%3DALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A&abxe=1&dt=1678084792676&lmt=1678084792&dlt=1678084786650&idt=494&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Feasy-fengshui.com%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7%2CAD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1462555817.1678084787&ga_sid=1678084787&ga_hid=1141971450&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYmKSXreswSABSAghkEhkKCnB1YmNpZC5vcmcY_aWXreswSABSAghqEsIBCghydGJob3VzZRKsAXJSbVpjRFdZZnYrUUhUcy9EZ013d2d4d0liMXllYk40cFBJN1FHVitaWEtYcms0dEI0dStxUTRXVGEvVklKa0xnelllN29BYmpaTTRLSnFuZ0s2b1k3TlBWQ2FQV0c4LysvY1V4MlU0cnJZNlpsbXhEd0JtTlJ2aWpVekwrTE9DK3hyR08yZVUyR0c4a0NkL2lyNEJMUThJUTJEQ0k4UUlUWEdMRDBiemZRTT0Yj6iXreswSAASHQoOZXNwLmNyaXRlby5jb20YmKSXreswSABSAghkEhkKCnVpZGFwaS5jb20YmKSXreswSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVERnpOMXBoYWtKUlJYbEJhWFZRVTNWMVMxQjJVVDA5SW4wPRiZqZet6zBIABIbCgxpZDUtc3luYy5jb20YoKeXreswSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0bc1ed805eb246f07c3efbc4d8cb5bd0237612b10ef083dedde40455f3b40f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13022
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_video_1_0_7.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 63 KB
64 KB 310ms
309ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_7.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c734c5fdc27b951cb017302173f988ef8703c8d28fcccc78543c7767371d7f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64344
last-modified: Mon, 06 Mar 2023 06:39:53 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNBPXKOs0%2B0u6zg6t0CMI3lbnWeWZ27wFz%2BGoad4TM5AjvLPPMrTqyVqac2Qeecm4H%2BTVG58Qh3rMpixPrdohbCJ0o5KcKVomPuVODPmBiP2glv630aJC%2B6YuGnuYzvF%2BZ43l8ycRxUpn0Pug%2Bj82xdR"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389aa3cbce9043-FRA
x-mediapackage-request-id: Root=1-64058ab8-59c061e7645396040a613bf5
x-amz-cf-id: a2MCFHkhnkqvG0jHAKL2IJ_3b_jD9ov58EQH5g8yrTjpY6XdAfawiA==

GET
H3 200 index_audio_4_0_8.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 660ms
660ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_8.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89034913edadd54fa431c5415ad5c8e7a04de17e613eec67bd030674ee456c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:53 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAK%2B42Bbh46js4b1otZFh75IMaPyx81E2mtyF0XVnYCc2Ni%2BM4bux0mpX2NLecqW9DDxIUad%2BtQSetF8dwFQ3PI2UXJnpqWNF5s8LuU%2Bm7c8ao4UpOgLtQd8KDsReJeplCZKaTpWPw8iIloq9cVuuuM0"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389aa3dbdb9043-FRA
x-mediapackage-request-id: Root=1-64058ab9-36b9260003ecaed97746a873
x-amz-cf-id: iHFUZ1lpA4KnrSkC3gZkKyx1okkyISspcgG90Oa57SZezcZP_imHBw==

GET
H3 200 container.html Show response
ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C50 6 KB
3 KB 53ms
52ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:47 GMT
expires: Tue, 05 Mar 2024 06:39:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
142 B 41ms
40ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxNjI1MzM2ODgwNDc5NjMiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwMDgsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MjUzMzY4ODA0Nzk2MyIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0NjEwNTg0MiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDgxNzczNTQyMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

GET
H3 200 4817735420 Show response
go.ezodn.com/dac/ 0
631 B 70ms
70ms XHR
text/plain 2606:4700:e2::ac40:8817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4817735420
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/porpoiseant/banger.js?cb=195-0&bv=187&v=73&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Mon, 06 Mar 2023 03:36:50 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://easy-fengshui.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eer3g%2BN8Tkbg6AQH7pBQWl0L2Ke3gBCFCEtbkyVyLqkzR7uejqnMYsdQCmzm%2Bhid9F%2FhYgUM4jMChJAbSC8AFo260oPCivKqggaOPEYBomEe4UmAofaGsNfRmbcsOuFBij2qYaWrgT4s4A8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7a389aa54d103625-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 42ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDMtMDYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 48ms
47ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImF1Y3Rpb25fZXBvY2giOjE2NzgwODQ3OTMsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiYmlkX2Zsb29yX2luaXRpYWwiOjM4LCJiaWRfZmxvb3JfcHJldiI6OCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NCwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDY3LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjB9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5C50 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChCvtuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT8AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf52A74fjpCIfGGwAiFQ5wtYZz_ejYNGfdOqUMVb3yYN6A7H_OkQlYeAEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzaACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNjM5Njg0NDc0MjQ5NzIwOBi-yQc&sigh=tufy7wvJXFA&uach_m=[UACH]&cid=CAQSPADUE5ymqYaP6Ez6b5FyJSOGDXeeiFcpNRJ4jWnICSs9P3PT12Dwwve2VMjWrIWWM-lRhUFEC9gssWprDRgB&tpd=AGWhJmsbnbrCYWTukwUtL5mCN0CzpUoa-20-x_tF0rg8lq-ddF44UKKkHE2vTDt6moa5MlTw2KGJ4bLlrBGru6X30epNiRo91Iks6at3GY32xRz__Kaw6vIcq5_za85kkYLq44YPwFRCW90UY6bOK9G16AKTN-QdXMwb7B2uzsu-RNFQbfiyjAezoXQf39pE2MwTIdDSH0RfkhqkpkmPg4r-ZQdcpxDnKhoROOrEU9c24TvydXZklmkZAnyIFLgWCunssU8iqfFf6g71ntNEcnj0lCTrI88TavUgSauz0nY8-1nSvXSPhyf6wQURD_27hQqz-EttZDXUYEdpWw-m64b5ARUGuWSNpN4Ge9KwXrQ4xEptByJ38UHcpBBW2qj2arN3ZDZ3IEi_Y3lQUzUZ664kbIbQTOgMfW1FSIo989eTrsakgzYEMuwz3pL87DhQvCPikhViMWFISiishHFeeUVmB83Mt296FlUkVsMhNEOKSjCmLwS3GDeSQf9sXw8QVd9zZbtXjcy_qMY9MPCaL3umzK8aEbjyRBETOc4gt01RvLddopMWBplD8ds2-hQAeYLVcCMy3w-hUntOFj_BrfJ3LQLTU9kE8j-NMRqjw0wyWgU_aeKOyAxOABEODWwLk-aGXiiIbIXRRCb9t-5DEqKuW40nW29G_-TyzXF_q_IjQBc2aPpHF2NDeiN3UGzoDfcNl862aUFIg2oT_RAzabbFgURd3CAWYfrusfWiQsjLGokhEujERd3EjR2p5lJeYPG8X9HMn64A97Mtjig3cYiEP9op7Q6QXN0z7bHAkGzzzJ1e7n0LybymkqXZH11qZViakPhh4hDUHAHteQneCP3VcEk9PrmI5KXG3bglF_5ob4ZyRDYi_W3lJo8KtCobbVWOhWeaDDsrkd-JG-IJwZqmw28DdLewbCXOq3oSV7o8Z_5l3Yl4mPT801gzUccBehXNUpSfDfFYQXM5E63qG8QcaXzj-aNDYSwz-CUWwdhFc7x5aKJjQcbeYFE-0eF5ZOOJx9cuU7eV7ju7q5RA87g8y-d2Jo_QIBZZZnY5tgfer14x2p2xQnePka0gAYrMRLAfRBqDH7wI0Gy9hQb4KwbGW70YcLlL6nPG2L1SGwjljeCK-q9T4TI
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 5C50 3 KB
2 KB 197ms
58ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdRNFpHRXhaRGt0TlRWaE55MDNOelkzTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTAzNzI0Mjk2OTQyOTUxMjYvNjYyMjMzNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SkFFLUVjcTEwQnNKSTZuMzdKY3R2OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTUwMzcyNDI5Njk0Mjk1MTI2L3pyaC8wLzk0LzMxLzk5OS8zMjIvMmEwMTo0YTA6MTMzODo6LzAuMDAwLzE2NzgwODQ3OTIvMTY3ODA5NzM5Mi80L3B1Yi02Mzk2ODQ0NzQyNDk3MjA4Lw/8vKwcJhB8XB1WS6eQ3AOqc9KcZg&nodeid=3750&group=zrh&auctionid=7550372429694295126&pbs_auctionid=7550372429694295126&shardkey=7550372429694295126&sid=4562306&cid=6622336&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%26client%3Dca-pub-6396844742497208%26adurl%3D
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.381.0 /
Resource Hash: 44fc64c34b3ef84f4f56cce445805ed882a1cae0acb0535f39628db5510d2825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:53 GMT
x-mm-nodeid: 3750
Content-Encoding: gzip
x-mm-bid-request-time: 1678084792
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: close
x-mm-handled-by-owner: true
Last-Modified: Mon, 06 Mar 2023 06:39:52 GMT
Server: MMBD/3.381.0
x-mm-latency: 17 (1)
Content-Type: application/x-javascript; charset=UTF-8
x-mm-dbg: NotCount
Cache-Control: no-cache
x-mm-host: cdg-router-x53, zrh-bidder-x136
x-mm-lag: 1
Expires: Mon, 06 Mar 2023 06:39:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 5C50 3 KB
1 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:53:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 5C50 20 KB
8 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5C50 24 KB
6 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 369250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Mar 2024 00:05:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C50 158 KB
48 KB 52ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:53 GMT

GET
H3 200 container.html Show response
ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 277A 6 KB
3 KB 54ms
54ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:47 GMT
expires: Tue, 05 Mar 2024 06:39:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
62 B 47ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg5MjE5MDc1NDAzNTA2MCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4OTIxOTA3NTQwMzUwNjAiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTkyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6Inplcm8ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4OTIxOTA3NTQwMzUwNjAiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExOTIsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDAwMDgsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4OTIxOTA3NTQwMzUwNjAiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTkyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MjQ2MTA1ODQyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2ODkyMTkwNzU0MDM1MDYwIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTE5MiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ4MTc3MzU0MjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:52 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:52 GMT

GET
H3 200 4817735420 Show response
go.ezodn.com/dac/ 0
591 B 51ms
45ms XHR
text/plain 2606:4700:e2::ac40:8817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/4817735420
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/porpoiseant/banger.js?cb=195-0&bv=187&v=73&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Mon, 06 Mar 2023 03:36:50 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://easy-fengshui.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35hKcm5lW0xtOtCrS6qGQH9eCiSaav5uQ2WoUuJPXoNt6AA3ftUmqXMCeM6JZPnXD3hVShZ4F1awLcMKBzUNKLjHtfsc1Yw8dG%2FxYJh53UZHsmNa6vEzwPdKX5nwbPcckSDdfLIK8nE2vxQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7a389aa64df23625-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 49ms
43ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg5MjE5MDc1NDAzNTA2MCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wMy0wNiJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 48ms
44ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjg5MjE5MDc1NDAzNTA2MCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYXVjdGlvbl9lcG9jaCI6MTY3ODA4NDc5MywiYWRfcG9zaXRpb24iOjExOTIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6NDYsImJpZF9mbG9vcl9wcmV2Ijo4LCJiaWRfZmxvb3JfZmlsbGVkIjowLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2NDYsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMH1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:52 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:52 GMT

GET
H3 200 container.html Show response
ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 433A 6 KB
3 KB 55ms
55ms Document
text/html 2a00:1450:400d:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://easy-fengshui.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:47 GMT
expires: Tue, 05 Mar 2024 06:39:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 42ms
40ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1MzU3NjMwNDU4MDc4ODc0IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTE5MSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNzc1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTE5MSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDAwNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjUzNTc2MzA0NTgwNzg4NzQiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTkxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM3NzUsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0Mzc3NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNzE2MTQzOTQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

GET
H3 200 71614394 Show response
go.ezodn.com/dac/ 0
594 B 77ms
75ms XHR
text/plain 2606:4700:e2::ac40:8817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/71614394
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/porpoiseant/banger.js?cb=195-0&bv=187&v=73&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Mon, 06 Mar 2023 03:37:06 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://easy-fengshui.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09SMFJwd67gvkLj4eVyvsI98nQTFd9Atb8A0Qk0WszVITj7yeG3em5%2FEa9nha2pXIN1bDigtAhoymtaew6vqwc7uE4ALFGswTQuFkNtkBI2YVCXdMI88SopkiaJUL1yd%2FVgyTamOoDbvMsM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7a389aa66e0c3625-FRA
access-control-allow-headers: Content-Type

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 47ms
45ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDMtMDYifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiI2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 47ms
46ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYXVjdGlvbl9lcG9jaCI6MTY3ODA4NDc5MywiYWRfcG9zaXRpb24iOjExOTEsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjgsImJpZF9mbG9vcl9wcmV2Ijo2LCJiaWRfZmxvb3JfZmlsbGVkIjowLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2NTcsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NzE2MTQzOTR9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 47ms
46ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMzE1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA1In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2ODkyMTkwNzU0MDM1MDYwIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTE5MiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjE0NDAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NTc5ODE1NDU2MDE3ODAwIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tYm94LTEtMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTMzLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjEsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjExMDkifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjEwMDYifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:53 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:53 GMT

GET
H3 200 index_video_1_0_8.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 115 KB
116 KB 754ms
753ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_8.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a3ec3568817b27fd7df01a40953bfd56beed4abaf23ac7a6306f069e5bb4e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
via: 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117708
last-modified: Mon, 06 Mar 2023 06:39:53 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pcyNt%2FCuswbeZXzIv%2ByqrupvbX0ZZo4m8ur9yncNJnAaVhwSlHHZJIaPWqfvgaS2t5qBxVemdlcbwG9HwWM8bx0oDS8dhs3s%2B8607Vmiaw0KrRztrIBk0nJI76x2g2CJ1Zy22tRHeU6vX%2BjQL8jxVsG"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389aa66dcc9043-FRA
x-mediapackage-request-id: Root=1-64058ab9-2ef066944bde11ec3d6dff63
x-amz-cf-id: JXbwrmvNWD6tNj6XUA0jrfXQLYr2XOebjXb36rUjbl9tBVChDMuabw==

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame F2FB 4 KB
1 KB 41ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 16:55:43 GMT
etag: 11900953634711111692
expires: Mon, 06 Mar 2023 16:55:43 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 277A 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsnWauIoFZMHNLbK_9u8P-fGxiAS5y5Wpb4btyLioDOiqtpWLAxABIPT5xiVglYKAgLQHoAHqr-iYA8gBCakCda6mCKjXsT7gAgCoAwHIA8sEqgTvAU_QSdjvZy1vE8EjCq7TScjzAlDPNgg84J4NQKkQNcODhy362YNbs5SVVM_vJIGWKb4QPzSM-JxYM9QfYllj5RWyDBPquSILXhS9ziRLwDIsqSjYQJEV0hQr1nZMiqnu5urjzKIA-SAenyPMaSHS4Ttit2aFSByiK88u3PDh0mtzTFkavp1RYwWQJFbik5P4YGdX1MGe7d84UYWoOttku3bZucNQOPaaBzkKp7PfyQS3PHUr_Pd9KJt6SyyFuED7OxqqyWAUGdH7iEARhqRHO_FZnTPZm1P3sESej50jXNBBbjHar1LCVvTJI_O-9iiNwATJt8PFkwPgBAGSBQQIBBgBkgUECAUYBKAGLoAH_s-XZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCMuAHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tODIyMjI1Mjk1ODc4NDE3NoAKA8gLAdgTAogUA9AVAYAXAbIXHgocCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4GL7JBw&sigh=bue6_d81Bq4&uach_m=[UACH]&cid=CAQSPADUE5ymD7LdwZB2hyOeva3sRYEExmhlM2zMUGETW8kDWIYtYswWtEWp-Nh-kSsJfYRi7196HzPzDghMhhgB&template_id=494
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 277A 22 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/ Frame ECAC 81 KB
19 KB 41ms
40ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

939bd5e7cc2c0d907e58df3a1871bb0d1230329575c45933e484ba2dd67c153f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 372017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19604
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 23:19:36 GMT
expires: Thu, 29 Feb 2024 23:19:36 GMT
last-modified: Fri, 21 Oct 2022 15:46:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 433A 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcVdCuIoFZPCML7GX9u8P2tCwqAiBmI6VbdbRuuS8ENrZHhABIPT5xiVglYKAgLQHoAG18qr9A8gBCeACAKgDAcgDAqoE8QFP0Ph1T9uRIgScfNQGBwHGNQWcz3i5el8q-mivLDq2QHBH3XMXyLlPTGxbxJkkJpcWe3xgwcvs6R3CJZIhbqrkvnBcpsUhC8hPY0TVqYDdEpPilrL6UVrvgy6A7YtDmaIpU1WdK6ftFMPGhCSEJlN3BxmLdvwWoZnpUr3cwt2ysqOYr3fbRDh16XCR2CfegBbU5wHLAwpqcNS-NF8MYWHkVMLgGLUkTyB_FZ4FM6puDbzUkFLEd-Euy4GFoeQQSHElASpulP9qMXOis4xZFie-GeLfO8rTfkzfNo2iXqaCrDsQTEg48E9aj_cdu3aRR76LwAT6tJ3ongTgBAGSBQQIBBgBkgUECAUYBKAGXYAHs43VAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENKmAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi04MjIyMjUyOTU4Nzg0MTc2gAoDyAsB2BMNiBQB0BUBgBcBshceChwIABIUcHViLTYzOTY4NDQ3NDI0OTcyMDgYvskH&sigh=1DCmAV3izmw&uach_m=[UACH]&cid=CAQSPADUE5ymhMEeMJ2q8uF1ECF-grzDPoJuQyiN2-w35u_CfRY3FdEym6QpRmm2OZk_gVKFRGzTKekaM562ohgB
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 433A 3 KB
1 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:53:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 433A 20 KB
8 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H/1.1 200
OK vd0t4hz2g700 Show response
hal9000.redintelligence.net/zone/ Frame 5C50 10 KB
4 KB 144ms
41ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/vd0t4hz2g700?subid=&gdpr=1&gdpr_consent=li&rnd=7550372429694295126&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6f4b433cd59f24fe408f546e04bbcd8ee034298daad5d92880ff7b75e3136c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3443
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 5C50 49 B
330 B 159ms
66ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7550372429694295126&node_id=3750&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdRNFpHRXhaRGt0TlRWaE55MDNOelkzTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTAzNzI0Mjk2OTQyOTUxMjYvNjYyMjMzNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SkFFLUVjcTEwQnNKSTZuMzdKY3R2OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTUwMzcyNDI5Njk0Mjk1MTI2L3pyaC8wLzk0LzMxLzk5OS8zMjIvMmEwMTo0YTA6MTMzODo6LzAuMDAwLzE2NzgwODQ3OTIvMTY3ODA5NzM5Mi80L3B1Yi02Mzk2ODQ0NzQyNDk3MjA4Lw/8vKwcJhB8XB1WS6eQ3AOqc9KcZg&nodeid=3750&group=zrh&auctionid=7550372429694295126&pbs_auctionid=7550372429694295126&shardkey=7550372429694295126&sid=4562306&cid=6622336&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%26client%3Dca-pub-6396844742497208%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.381.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:53 GMT
Server: MMBD/3.381.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x85, zrh-bidder-x136
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 06 Mar 2023 06:39:52 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 5C50 43 B
404 B 222ms
75ms Image
image/gif 92.123.37.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7550372429694295126&v3=651871&v4=4562306&v5=6622336&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdRNFpHRXhaRGt0TlRWaE55MDNOelkzTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTAzNzI0Mjk2OTQyOTUxMjYvNjYyMjMzNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SkFFLUVjcTEwQnNKSTZuMzdKY3R2OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTUwMzcyNDI5Njk0Mjk1MTI2L3pyaC8wLzk0LzMxLzk5OS8zMjIvMmEwMTo0YTA6MTMzODo6LzAuMDAwLzE2NzgwODQ3OTIvMTY3ODA5NzM5Mi80L3B1Yi02Mzk2ODQ0NzQyNDk3MjA4Lw/8vKwcJhB8XB1WS6eQ3AOqc9KcZg&nodeid=3750&group=zrh&auctionid=7550372429694295126&pbs_auctionid=7550372429694295126&shardkey=7550372429694295126&sid=4562306&cid=6622336&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%26client%3Dca-pub-6396844742497208%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.37.164 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-37-164.deploy.static.akamaitechnologies.com
Software: MT3 569 46451a0 master zrh-pixel-x27 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:53 GMT
Server: MT3 569 46451a0 master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 06 Mar 2023 06:39:52 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 5C50 49 B
330 B 151ms
58ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7550372429694295126&st=4562306&time=1678084793&nodeid=3750
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTkdRNFpHRXhaRGt0TlRWaE55MDNOelkzTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1NTAzNzI0Mjk2OTQyOTUxMjYvNjYyMjMzNi80NTYyMzA2LzQvS3hmM2hodU8waVhhNGlINmh5V3o3SkFFLUVjcTEwQnNKSTZuMzdKY3R2OC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTUwMzcyNDI5Njk0Mjk1MTI2L3pyaC8wLzk0LzMxLzk5OS8zMjIvMmEwMTo0YTA6MTMzODo6LzAuMDAwLzE2NzgwODQ3OTIvMTY3ODA5NzM5Mi80L3B1Yi02Mzk2ODQ0NzQyNDk3MjA4Lw/8vKwcJhB8XB1WS6eQ3AOqc9KcZg&nodeid=3750&group=zrh&auctionid=7550372429694295126&pbs_auctionid=7550372429694295126&shardkey=7550372429694295126&sid=4562306&cid=6622336&bp=a_agiica&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.88&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%26client%3Dca-pub-6396844742497208%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.381.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:53 GMT
Server: MMBD/3.381.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x88, zrh-bidder-x136
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Mon, 06 Mar 2023 06:39:52 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F2FB 74 KB
25 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:50:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Mar 2023 01:50:01 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame F2FB 199 KB
65 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 02:07:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Mar 2023 02:07:38 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame F2FB 11 KB
2 KB 52ms
51ms Stylesheet
text/css 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29031
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 06 Mar 2023 22:36:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 277A 3 KB
1 KB 119ms
118ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 21:53:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 277A 20 KB
8 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 18:29:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Mar 2023 18:29:31 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ECAC 16 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Mar 2023 05:05:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ECAC 34 KB
13 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Mar 2023 04:22:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 433A 0
0 48ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTUmgqiVyOtXDIK_iynxy_FVHFBUxxzU9O79eVASiJjVjA9rCECD-lqO-Lh0yuTi84peYT_9iICefcrpbil91WDHX84g
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 433A 158 KB
48 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:53 GMT

GET
DATA 200
OK truncated
/ Frame 433A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6107708906a0e42a641492563f496eaf6e60d3d8f16e8959552529e14bd99089

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 l
www.google.com/ads/measurement/ Frame 277A 0
0 48ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRiS66QpqNLOz9SA1PkiCEggNrXXWseLJvodwFsx9NOJrzmFtcKnOPnspAJEo8_i2JbkzG8tYUr3FcTnUS_b50LRMZ0w
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 277A 158 KB
48 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 06 Mar 2023 06:39:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F2FB 34 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 04:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8254
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 07 Mar 2023 04:22:19 GMT

GET
DATA 200
OK truncated
/ Frame 277A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa3ac0d7a9c6f61ab3ceb9b0c3a157d4d369e84955659ce69d81fa72f198c189

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/ Frame ECAC 3 KB
3 KB 41ms
41ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/Logo.png

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6bf212551d0d73f02a62d4c317004ef9a56631cfb3615a6e6e45519e93ee7d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 03 Mar 2023 08:06:45 GMT
x-content-type-options: nosniff
age: 253988
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3046
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:46:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 08:06:45 GMT

GET
H3 200 CTA.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/ Frame ECAC 3 KB
3 KB 42ms
41ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/CTA.png

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb43a04359c7334c6cc6551d81f9e5ec0ceac67b6e158319f6da7195bda3b33f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Mar 2023 20:44:17 GMT
x-content-type-options: nosniff
age: 381336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3095
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:46:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 20:44:17 GMT

GET
H3 200 Sub.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/ Frame ECAC 9 KB
9 KB 47ms
46ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/Sub.png

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead4182fc526e266914f8a9169391b104d2d22138b3307c310de5fdf3f8eca59

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 28 Feb 2023 23:04:59 GMT
x-content-type-options: nosniff
age: 459294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9622
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:46:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Feb 2024 23:04:59 GMT

GET
H3 200 Title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/ Frame ECAC 12 KB
12 KB 48ms
48ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/Title.png

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0302fcf9ee08aa92dc83d60a9016ea9b622c772d1d67552c9b8e42efaad02dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 01 Mar 2023 20:44:17 GMT
x-content-type-options: nosniff
age: 381336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11918
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:46:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 20:44:17 GMT

GET
H3 200 BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/ Frame ECAC 31 KB
31 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17896160517819465728/160x600/BG.jpg

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51ae2a6d7177b3c5e74e25844b26e0271028a782ff499879989a765d76ee0f2c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 03 Mar 2023 06:46:02 GMT
x-content-type-options: nosniff
age: 258831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31867
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 15:46:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Mar 2024 06:46:02 GMT

GET
H/1.1 200
OK request.php Show response
hal90003.redintelligence.net/ Frame 5C50 4 KB
2 KB 213ms
99ms Script
application/x-javascript 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=vd0t4hz2g700&nw=20&renderingType=javascript&namespace=76d3276945&subid=&uid=0be19938abbaff2d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9853184281988&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/vd0t4hz2g700?subid=&gdpr=1&gdpr_consent=li&rnd=7550372429694295126&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d5ceca19f2aeb63326d763c3e6a126b02d33813c9fd3780d8df82977e40d7a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 06:39:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 23922200019749900951411012255003
Connection: close
Content-Length: 1301
Expires: Mon, 06 Mar 2023 06:39:53 +0100

GET
H2 200 css
fonts.googleapis.com/ Frame F2FB 6 KB
768 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 06:39:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 06:39:53 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame F2FB 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 14:49:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 14:49:52 GMT

GET
H3 200 2089416103879142170
tpc.googlesyndication.com/simgad/ Frame F2FB 8 KB
8 KB 44ms
44ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2089416103879142170

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43ce2e7be01c27ef3d0e2857602d7e150a1135a7b269dccd5582af48b1e9725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 23:05:04 GMT
x-content-type-options: nosniff
age: 286489
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8526
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 13:15:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Mar 2024 23:05:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F2FB 15 KB
16 KB 137ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 18647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 200 index_audio_4_0_9.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 601ms
600ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_9.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b650b17b817dab9ef4f91009022b1772f71a5b6913944091fd05f2c5ad6b3d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41410
last-modified: Mon, 06 Mar 2023 06:39:54 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKT8CE30UOY4SoZN2vV3FigMbLqz%2Fk1xYdlfSnIt7cSTXb3jH9JVWxSGWTK9SjV4nxtNeWwBZyws5sKfdFPJxXrKr1LAVMoM9lA3KSjZH%2BXT32T4ug3eQax25q7gWXYp%2F1EPlxrEweIwC5ORqxvxjNeS"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389aa8bf9f9043-FRA
x-mediapackage-request-id: Root=1-64058ab9-5d484ae13ba5a6b2170f49a1
x-amz-cf-id: NkkdVz3TVbbWH7ZBRmtv4cmvY5ZyFHZLyhrRSEGQqmIEztuL3d4SbA==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F2FB 15 KB
16 KB 140ms
54ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 248522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F2FB 15 KB
15 KB 170ms
85ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 260443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 06:19:10 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 5F77
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=23922200019749900951411012255003&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23922200019749900951411012255003&actionid=981741&produktid=&dt_url=

0
607 B

167ms
50ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23922200019749900951411012255003&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vd0t4hz2g700&nw=20&renderingType=javascript&namespace=76d3276945&subid=&uid=0be19938abbaff2d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9853184281988&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 06 Mar 2023 06:39:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Mon, 06 Mar 2023 07:39:53 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Mon, 06 Mar 2023 06:39:54 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=23922200019749900951411012255003&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40028
X-IPLB-Request-ID: 50FF076A:E24A_91EFC182:01BB_64058AB9_93AD2C5:C02B

GET
H2 200 / Show response
adv.office-partner.de/ Frame 26C3 930 B
931 B 236ms
59ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vd0t4hz2g700&nw=20&renderingType=javascript&namespace=76d3276945&subid=&uid=0be19938abbaff2d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9853184281988&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Mon, 06 Mar 2023 06:39:54 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Mon, 13 Mar 2023 06:39:54 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

htlp Show response
futalis.de/ Frame 4322
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=23922200019749900951411012255003&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2364595180

350 B
401 B

138ms
45ms

Document
text/html

49.12.16.151
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2364595180
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vd0t4hz2g700&nw=20&renderingType=javascript&namespace=76d3276945&subid=&uid=0be19938abbaff2d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9853184281988&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-1.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 06 Mar 2023 06:39:53 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2364595180
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 5C50 2 KB
2 KB 249ms
118ms Script
text/html 35.177.30.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=23922200019749900951411012255003&nw=1
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.30.54 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-30-54.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 7794da2d442708314bfc4917526841a6d6920f49f9a6f7e2ef0b9e2749e3bd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
last-modified: Mon, 06 Mar 2023 06:39:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Mon, 06 Mar 2023 06:40:53 GMT

GET
H2

200

activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748 Show response
5994599.fls.doubleclick.net/ Frame 9305
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748?

391 B
327 B

97ms
94ms

Document
text/html

142.251.208.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748?

Requested by

Host: easy-fengshui.com
URL: https://easy-fengshui.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f6.1e100.net

Software

cafe /

Resource Hash

8604a9c66003151f0f574b79abb7bfa51c33057ed61f0b1b70fc5f4ccd756474

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:54 GMT
expires: Mon, 06 Mar 2023 06:39:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 06 Mar 2023 06:39:54 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 7399 7 KB
2 KB 123ms
41ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=vd0t4hz2g700&nw=20&renderingType=javascript&namespace=76d3276945&subid=&uid=0be19938abbaff2d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DKsq_S__ISkvCqYrbT9FQDA%26exch_seat%3D20035004448%26mt_aid%3D7550372429694295126%26mt_id%3D6622336%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_cid%3Ddf936405-8ab9-4f01-b403-5f1d41963b97%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCylFhuIoFZKWVLviA9u8P8aac2AvPh46bXMCG2YLGAsCNtwEQASAAYJWCgIC0B4IBF2NhLXB1Yi02Mzk2ODQ0NzQyNDk3MjA4yAEJ4AIAqAMBqgT_AU_QPZbPxCUdB4rxhGZbwI81sHlUWhzB3e4jVn6qtJK5mY24MDkPoyyXo-ABEbDAzvTwBvWtLICWMMISVyng0gv6aEERWDc9tm4D-J0sUKS8YLjfjbWYB7p8sjpYWRJqENPSl5kagY3ThdA4Apq0xqvc3hHk90z3XWE6CSewCxDEo2vqiMohaRouTlzByU9MkfuyhGXlio5KZKsM4KYWw74puPXEcEEbsk1Yi-O1FIB2EMd4uqD2TE3PH3KUaS2C8wV8T6AsQC6SgB5GYlmVHSG8fhrTf53C7aZxCJ67H-GkwP_hgnnp0uOp3NuxbAsp8RZYMyJkL6lRo_gi7AlCY-AEAYAGytbPu7jU7ezLAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgEDyCBthZHgtc3Vic3luLTgyMjIyNTI5NTg3ODQxNzb6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2F1FaZSoTOONlXEtRTM3CpjzV46Q%2526client%253Dca-pub-6396844742497208%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9853184281988&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: eead5013ebc860c4e87849139ebc00fd9a1375831f8c45e5fb713498e130258d

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2064
Content-Type: text/html; charset=utf-8
Date: Mon, 06 Mar 2023 06:39:53 GMT
Expires: Mon, 06 Mar 2023 06:39:53 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 5C50
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23922200019749900951411012255003
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=23922200019749900951411012255003
https://ad-server.eu/wm/pb/native.png

68 B
312 B

380ms
58ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:42:32 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Mon, 06 Mar 2023 06:39:54 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 50FF076A:E29C_91EFC182:01BB_64058ABA_93AD2D3:C02B
X-IPLB-Instance: 40028
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8C2E 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 86299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 06 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5C50 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f4dd40159d28a047d2a6e4d7bc6f44d69f00435bd7f200a9eed1106327deba0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2E
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEN2pPbWb6ZCgrHzVNLr5dSk&google_cver=1&google_push=Aa02lx_T3mlKJcRL1ihhf22bLIHQsCbt7Z0wRPAN6Y30uyFWwYGLEoCLlMq4tIgPq9Dtz6Gp971tChBBcCt...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=Aa02lx_T3mlKJcRL1ihhf22bLIHQsCbt7Z0wRPAN6Y30uyFWwYGLEoCLlMq4tIgPq9Dtz6Gp971tChBBcCtR-k5m-EQKslvjfRQ7

170 B
188 B

52ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=Aa02lx_T3mlKJcRL1ihhf22bLIHQsCbt7Z0wRPAN6Y30uyFWwYGLEoCLlMq4tIgPq9Dtz6Gp971tChBBcCtR-k5m-EQKslvjfRQ7

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=Aa02lx_T3mlKJcRL1ihhf22bLIHQsCbt7Z0wRPAN6Y30uyFWwYGLEoCLlMq4tIgPq9Dtz6Gp971tChBBcCtR-k5m-EQKslvjfRQ7
Date: Mon, 06 Mar 2023 06:39:54 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2E
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEEZ6-FsgX15sESJpsj_comI&google_cver=1&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJ...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEEZ6-FsgX15sESJpsj_comI&google_cver=1&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJ...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJcKTwCdwTUEwFLsUNGh&google_hm=

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJcKTwCdwTUEwFLsUNGh&google_hm=

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 06 Mar 2023 06:39:54 GMT
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=Aa02lx8pDirDQB_wa9vQsOfAjeOQiBd4CJFpVkDahvx11Lbt8LX8OGAyviJWgS0JPJHu9pFSC2Emx2XSGJcKTwCdwTUEwFLsUNGh&google_hm=
content-type: text/html; charset=UTF-8
cache-control: no-cache
keep-alive: timeout=10
access-control-allow-headers: Origin

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TBd3lFUDQ9mNTulx7ehMTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
61ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TBd3lFUDQ9mNTulx7ehMTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_wvoxhV1LC0RwNvMjHdsANiQExWcDPjSxJSThb5KSZ2itj2jahOolvmknaUmyVXyATwdTzD6DEZ_DrZCORuKMM5peBwQM

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TBd3lFUDQ9mNTulx7ehMTw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_wvoxhV1LC0RwNvMjHdsANiQExWcDPjSxJSThb5KSZ2itj2jahOolvmknaUmyVXyATwdTzD6DEZ_DrZCORuKMM5peBwQM
date: Mon, 06 Mar 2023 06:39:53 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2E
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_hm=ZAWKuvkvR-UciR4nfISAxgAACLUAAAAB&google_nid=index&google_push=Aa02lx8B3cxGaOklxnQZyX0iFlrX-htlSRVds...

170 B
188 B

60ms
60ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_hm=ZAWKuvkvR-UciR4nfISAxgAACLUAAAAB&google_nid=index&google_push=Aa02lx8B3cxGaOklxnQZyX0iFlrX-htlSRVdskxbarFHeX5rMC5bFb-hIxzpk3Cn9p4FygQTqIKsZaqE_k3FOrem1ABRT9lJcNIE

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 06 Mar 2023 06:39:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJz0RCX9Qahc6T-Twdh18GQ&google_hm=ZAWKuvkvR-UciR4nfISAxgAACLUAAAAB&google_nid=index&google_push=Aa02lx8B3cxGaOklxnQZyX0iFlrX-htlSRVdskxbarFHeX5rMC5bFb-hIxzpk3Cn9p4FygQTqIKsZaqE_k3FOrem1ABRT9lJcNIE
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C2E
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGIl6J_TXKtya3vDIl4-Fp4&google_cver=1&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGIl6J_TXKtya3vDIl4-Fp4&google_cver=1&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_AeyZZbXFLY&google_hm=GQ4PvGZH-kUbOFk_QRuw1KW7

170 B
188 B

50ms
50ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_AeyZZbXFLY&google_hm=GQ4PvGZH-kUbOFk_QRuw1KW7

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 06 Mar 2023 06:39:54 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ja1B6fFXqY8uYYil4eFFzoiwds3UACDZIw33btYmm8P4Z_GUFjwxNXRBlS1diFQ8cY8I_grXLp2Bk2F3F_AeyZZbXFLY&google_hm=GQ4PvGZH-kUbOFk_QRuw1KW7
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 8C2E 0
44 B 893ms
289ms Image
text/plain 35.74.107.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEJYJi-xxX0Dw6AYiegBd91A&google_cver=1&google_push=Aa02lx8cog9m57e3shomW0g3N3EfXFvRAlQ7hKMLMXQHeSzbbvu0OXQeA4adDVxXvOFAmJDYY4owg-ObyaCZFqoQy1sUtCnaa2iq
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.107.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-107-114.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame 8C2E
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEO3YTL7HXvHB1OmkZxdHMrA&google_cver=1&google_push=Aa02lx9CH328SgeYApY7ZN1iW1R_oOk53yCt-DXCDns1F6C39kvAQio1zb7pv05M3OgEB-eLZF60S-5yYOl...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9CH328SgeYApY7ZN1iW1R_oOk53yCt-DXCDns1F6C39kvAQio1zb7pv05M3OgEB-eLZF60S-5yYOl5GHqZf40VuTjf2eNN
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

40ms
40ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8C2E 0
12 B 48ms
47ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-L7K8klF72WwLiPhRtyiu9qq1Muu6COLi1oIzD9tt-m1XaQ2iZ-LOwGa3yd3-2hAW0Pl7Jw

Requested by

Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 7399 4 KB
651 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 06 Mar 2023 06:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 05:37:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 06 Mar 2023 06:39:53 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7399 16 KB
16 KB 119ms
40ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 251c211964876f6ef599d0a5cf33a5ca9b8c1933926b9ae993daa63b97439af7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:54 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16268
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7399 16 KB
16 KB 122ms
41ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 05e56d548ba73f6d6ef7bf78f6aef333d7a908f6d69b1a92ef96273c38b2388b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:54 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16551
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7399 13 KB
13 KB 121ms
40ms Image
image/png 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 87e152b831727ee3a1f417f04efce6872ea0e229bfdd54a0a712ae747b2640aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:54 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13009
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 7399 0
150 B 121ms
41ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=23922200019749900951411012255003&a=21514dde&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:54 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7399 13 KB
13 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 15:41:23 GMT
x-content-type-options: nosniff
age: 313111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 15:41:23 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 7399 13 KB
13 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90003.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:28:56 GMT
x-content-type-options: nosniff
age: 367858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 00:28:56 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 26C3 105 KB
40 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba373e2d84a363fdc1912592efb2fc4a52d882598942aef457a192ba85ba84da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41426
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 06 Mar 2023 06:39:54 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 5C50 85 KB
31 KB 172ms
47ms Script
application/javascript 13.224.189.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=23922200019749900951411012255003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-102.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 00:37:38 GMT
content-encoding: gzip
via: 1.1 0f538ee832e1105649039b38ce89e882.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 21737
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JCei3SF89aIrheyH0w5ZbE_A_EiuBJqGsESoKuGDTk9aFyhiAe5GVg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 5C50 3 KB
3 KB 157ms
41ms Image
image/png 13.225.78.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1678085094&Signature=YtcwqTK7ZbKf~zGIDT4MHMZix16KQ3e5e1LpYSECbP31Uxd5xhsLt2Yigdym3d9EPPzaE9c3L55PgDsO0atp6ZLyOap846hthS2nYovNuYknU6L6fCvf1A0qXmrpT59U~xL-U5t2eI5LLF0kF~HxoFCF947IvRWfnl1am0crZpUOsnRDLqJB0i5wm1kMtoUd4PBnCUOQR59aqrPinIfqk04r65BOjd6TgH8rTAUSg3XQbyjkUnYtEjHMsPEvX-YBx77ltD4Zzxv9AsMR-S-lx9g8Qta~HqwEI1DsePradKOvf~SQWtPTwWQXXcx7v8wl9kmwUZ5VpAeCGxJlV4WKzg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Mon, 06 Mar 2023 02:54:26 GMT
via: 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 13614
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: b09sPgfiQesTcz1N54xGOqrFsovndgcuux-QDNXVgdfjPemUFc4ATA==

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 4322 5 KB
5 KB 38ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2364595180
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H3 200 dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748
adservice.google.com/ddm/fls/z/ Frame 9305 42 B
63 B 76ms
76ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLjJsoDZxv0CFRRVGAod15gOOg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6172240517234.748?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_video_1_0_9.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 39 KB
40 KB 589ms
588ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_9.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c69a97f4f1243e428c64744e1fc3894d21bc4491e106c67c7e9fc919d18aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40246
last-modified: Mon, 06 Mar 2023 06:39:54 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kalbjb3zF109IE0%2F7D%2BhvRCDANRAK%2BSbQ5U1atuSTaup%2BznNY%2FtVM3UhVZ%2BovnxyOm%2BVhU8SSZ4EQaYAGi8ZEc3s2%2FZBtxgh3kTbYuMdGR%2FhcYA5YGHS8ao6dOuSYBAedn9twbi3ehMG8QBLDjOdKyoe"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389aabfa169043-FRA
x-mediapackage-request-id: Root=1-64058aba-4ecb25f777281e745a3642b5
x-amz-cf-id: rxO7Xe7Uc_DOXC28KMxgBLaJkb2VeTTRsKA2puGCMAlAgw1HDzhsfQ==

GET
H3 200 index_audio_4_0_10.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 593ms
593ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_10.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ec2259e4ebb4b2721bb3336e4dbef8744b16b7d6b834ae18aef67f986c16248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:54 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:54 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6e6L4w8PQLB0e%2BLAeM%2BtHETwyOHRuNmMxKCfHCgD7p6FCk9GTW0h%2Br7r1bR2VzZUA8GYRv2eijhGlZ4EXNcKoxJv02zLJkVS9c8rErJAhs%2BKRGxqwmwIU0onAIAdlaI3HCHyEfjQAMCcnFEINJbZLjy"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389aad0ae09043-FRA
x-mediapackage-request-id: Root=1-64058aba-176b8bb36faead1162b4b955
x-amz-cf-id: CgBwRITK3DTgydN56GfmT3pnAw7dqZ7EE9WqSSWD-ifLdFwaHJH-Sg==

POST
H2 204 greenoaks.gif
easy-fengshui.com/detroitchicago/ 0
63 B 41ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjI4NiJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNzU2In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiI4NSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIyNzMifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIyNzMifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMjg3OCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjEwMjQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjEwMjQifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 greenoaks.gif
easy-fengshui.com/detroitchicago/ 0
16 B 42ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInRfZXBvY2giOjE2NzgwODQ3ODYsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMjQwNTAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjQifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiMzQxODAwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiI1MzE1MjAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjMzMjIifV19XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 43ms
43ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjMxMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg5MjE5MDc1NDAzNTA2MCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjUzNTc2MzA0NTgwNzg4NzQiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTkxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM3NzUsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiI1NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODU3OTgxNTQ1NjAxNzgwMCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTEzMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjoxLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjc4In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 greenoaks.gif
easy-fengshui.com/detroitchicago/ 0
16 B 43ms
42ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjQ4MTAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI4In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjY4MzYwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiOCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNTMxNTIwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzMzIyIn1dfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 43ms
42ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzk3MCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjE2MjUzMzY4ODA0Nzk2MyIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 433A 42 B
64 B 114ms
114ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst-CVqInV2DdawwtCuolNExCqLZldAmRM35tn8oIRLgrpt37V86Wg1d504W5u_KHfMR7bJYckVzq5b4c7gtPAQk9xpC03eZsiDEu6x_7Gas31RciinaAqvZLG9vYDwh9l0kPV3JQ&sai=AMfl-YRU-68XroCf70s6MTx01tgVZGvNTWCuvf01eAbl3KIZnUbZV9j4M4ScfuSDbs43rDZL-Wx-P6tYSUHMtPzu1SkwH_YMbRwEVS9wttsLI9GmEIfUJbvj_WnGG5aO&sig=Cg0ArKJSzGWvlb16vD8CEAE&cid=CAQSPADUE5ymhMEeMJ2q8uF1ECF-grzDPoJuQyiN2-w35u_CfRY3FdEym6QpRmm2OZk_gVKFRGzTKekaM562ohgB&id=lidar2&mcvt=1000&p=302,0,902,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3140113942&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678084793315&rpt=331&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 277A 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvXo2U1nlZLDgIEeR7otwUT1zdeyJEHYrlCcxd-59iUh1V2N5DruCwii-HLnmznAyWMggquwZtRAJvo-OLnJ03TKvJ3LLkvBt4VC1QX_EynWym6uLNOhlMtkOIeslJLVSDYs5iMdQ&sai=AMfl-YR-b771ymb50PlQXFB_yUQHJ94T2xFOY3GK9cAhF0j7eLbMXFnl7vw-Je9AUcw-1LME3gIk0FSGwSRXuGKnBMyl4i88xJO8TkAYqiRRSc8uirc3EAYSC2-Tz5Wx&sig=Cg0ArKJSzBOAsCPfiWhrEAE&cid=CAQSPADUE5ymD7LdwZB2hyOeva3sRYEExmhlM2zMUGETW8kDWIYtYswWtEWp-Nh-kSsJfYRi7196HzPzDghMhhgB&id=lidar2&mcvt=1000&p=302,1440,902,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=478332810&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678084793296&rpt=376&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 41ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTkxLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 42ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg5MjE5MDc1NDAzNTA2MCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTkyLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 43ms
43ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg5MjE5MDc1NDAzNTA2MCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwLDYwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4OTIxOTA3NTQwMzUwNjAiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTkyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2ODkyMTkwNzU0MDM1MDYwIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTE5MiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
16 B 43ms
43ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTM1NzYzMDQ1ODA3ODg3NCIsImRvbWFpbl9pZCI6IjI1MDM0MSIsInVuaXQiOiJkaXYtZ3B0LWFkLWVhc3lfZmVuZ3NodWlfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY3ODA4NDc4NiwiYWRfcG9zaXRpb24iOjExOTEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYjc1N2Y5YjctMjhiNC00ZjZkLTc0OWYtZTk4MGQ2OGVmZjAyIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo3MTYxNDM5NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0Mzc3NSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MCw2MDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1MzU3NjMwNDU4MDc4ODc0IiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjc4MDg0Nzg2LCJhZF9wb3NpdGlvbiI6MTE5MSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiNzU3ZjliNy0yOGI0LTRmNmQtNzQ5Zi1lOTgwZDY4ZWZmMDIiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNzc1LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjUzNTc2MzA0NTgwNzg4NzQiLCJkb21haW5faWQiOiIyNTAzNDEiLCJ1bml0IjoiZGl2LWdwdC1hZC1lYXN5X2ZlbmdzaHVpX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsImFkX3Bvc2l0aW9uIjoxMTkxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NzE2MTQzOTQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM3NzUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:54 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C50 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwFUlfALRgPF06vgRpVgV-DL-Aeyve2lnxAQwrGVP6mpGF8WFvUQSTlnSLvrDkuZyPotY-_L5jYlR0s3up4z8SY5mM&sig=Cg0ArKJSzJ21SdSoMKbREAE&id=lidar2&mcvt=1081&p=1110,315,1200,1285&mtos=1081,1081,1081,1081,1081&tos=1081,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2260493737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678084793143&rpt=692&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 7399 0
150 B 121ms
40ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=23922200019749900951411012255003&a=21514dde&vb=v
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=23922200019749900951411012255003&a=b01237a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 06:39:55 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 5C50 16 B
232 B 88ms
87ms Fetch
application/json 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Mar 2023 06:39:55 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 162ms
45ms Preflight 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Mon, 06 Mar 2023 06:39:55 GMT
server: nginx

GET
H3 200 index_video_1_0_10.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 29 KB
30 KB 291ms
291ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_10.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e79daaedf814d614dbc1ff10771b727c4e44f49842d4dc058e8b7ba1c3b913ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:55 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29666
last-modified: Mon, 06 Mar 2023 06:39:55 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLEeg8ALylgeVRHoCFmn%2Bibpmg%2BfQdLFjPCd8ujpEvhf3yTSW8iUO2JGXPQFldnaw9cVxNkQ0RoFIipr4h%2FOp6VABEPKATE3hMPsjlmt0nTKDfUY1BXmXQuLn%2BxWrTaTQoY57vGIA2yWrBmOnDbbwyNb"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ab18e0c9043-FRA
x-mediapackage-request-id: Root=1-64058abb-140425462ce453127613b008
x-amz-cf-id: gvWqviUgmR4-41-YNYKHwCb4NCq_ETrMsL5LjPy39oXv3-4ieFIhcQ==

GET
H3 200 index_audio_4_0_11.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 647ms
647ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_11.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaef299579fe997d9aa9f1d8b5bbafbf47cc163a1f29a777c4a2e3adefb34c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:55 GMT
via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40972
last-modified: Mon, 06 Mar 2023 06:39:55 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqolyrxQvI%2BjlZr%2BrCdcOucArnRUXqwIdHdnixke%2BnrRXD%2Bjz1%2BqW3bOPdnQH95nR%2FhNLiu1YmHSRNz8Bw76hx1Iqpl8s68bKv2217cJw%2BQKGdnE9%2BuJ3rlIa%2FiQbtgDK1xzNj1B4fvE8qfragLK6lAG"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ab19e279043-FRA
x-mediapackage-request-id: Root=1-64058abb-2ca192ee153d2b0036d2f897
x-amz-cf-id: fNqmfo5N-yWA-9zu2FjyILT2La4c0lVTCY4Yk5id7qAFCItIgWDVXw==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 152ms
53ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Feasy-fengshui.com%2F&domain=easy-fengshui.com&bundle=fKPpTV9ETzFTZUw3VGE5bTRvdCUyQk1HbFJCV2U3ekhqWWNqandNOFdVdGtwcmNzRzBXNFlsVjA4cjFORkRYaG9BR21WVXp1WmJsJTJGa3A3cVZ4MW01eHRyN2RidCUyQm0zd21KN2JvRUlTb3RMdjVTQ1d1YVE0dFFQMGxZRHlyekg4a3lySmxsV3BNa2ZyJTJCR3hzWHZLV0xxaXFnVTc3bVJzTUZmNXZubWFmeWVmS2FXUEdFQSUzRA&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://easy-fengshui.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 06 Mar 2023 06:39:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 559180
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 / Show response
id.a-mx.com/sync/ 130 B
789 B 208ms
98ms XHR
application/json 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/?tagId=&ref=null&u=https://easy-fengshui.com/&v=7.36.0&vg=epbjs&us_privacy=1---&gdpr=0&gdpr_consent=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a995b437224ceb0d2a5d254b09b02538475c477c480aa11c5c848690f8f391b7

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 06 Mar 2023 06:39:55 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEzM1ErtlRxfJLcAvu5bGPVqzBVOnG5sIjajsurOqmmQY0yan9IVaDlvOcinRLqVeE4P%2FdhZo9GI9hRbmRuJUjCcdYb3BdkNEhVLF%2BC3dFydZNSbexKsdBIA%2Bfk1NwWZ3IcBgjnM81zdlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-type: application/json
cache-control: private,max-age=3600
access-control-allow-credentials: true
cf-ray: 7a389ab2fb6e9bbf-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Feasy-fengshui.com%2F&domain=easy-fengshui.com&bundle=fKPpTV9ETzFTZUw3VGE5bTRvdCUyQk1HbFJCV2U3ekhqWWNqandNOFdVdGtwcmNzRzBXNFlsVjA4c...
https://mug.criteo.com/sid?cpp=JH7WUXw2Q05wWXhqcGFKbXRHUW9yT0FvOC9Db0RRSXNnNm1mWTIrQXVFNEkwTkVrdjFhVytiWDVudjRyem0xdXoybkViL21EbzFnZzRXOFltK09pUmtHeXR2cStqM0VkSWdKdmt3YklZYmNjcDFkYUlUMDdWY0pJWEU3RW...

482 B
738 B

44ms
43ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JH7WUXw2Q05wWXhqcGFKbXRHUW9yT0FvOC9Db0RRSXNnNm1mWTIrQXVFNEkwTkVrdjFhVytiWDVudjRyem0xdXoybkViL21EbzFnZzRXOFltK09pUmtHeXR2cStqM0VkSWdKdmt3YklZYmNjcDFkYUlUMDdWY0pJWEU3RWVTV1J4bjJyM3VBRnlWRzdvakova2p5STcxZlE3Z0VxelVEejd0ZmV5QTJDQVFsQnZkUmUxY1Zkb21OMlBRbjNnR0ZQNk5NUUxLZU5HV0M0d3hXTUswQU8rSzJVUEt4NTluZGJUVGpJSkxEdllJaC84ZWNNeW5DT2NEUkNpM2Jtc3RJSHJKWDRtRzZvK1VzOEl4YWJVMFBOdkJEWDR5UHNyVFMvVk9GYzJPVnFWcUVKL0RzVT18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

38e0393d52ed4bb4ada8ce4f79880eb5b606d48d589f00d5a4b1630c9e815985

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1207157
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=JH7WUXw2Q05wWXhqcGFKbXRHUW9yT0FvOC9Db0RRSXNnNm1mWTIrQXVFNEkwTkVrdjFhVytiWDVudjRyem0xdXoybkViL21EbzFnZzRXOFltK09pUmtHeXR2cStqM0VkSWdKdmt3YklZYmNjcDFkYUlUMDdWY0pJWEU3RWVTV1J4bjJyM3VBRnlWRzdvakova2p5STcxZlE3Z0VxelVEejd0ZmV5QTJDQVFsQnZkUmUxY1Zkb21OMlBRbjNnR0ZQNk5NUUxLZU5HV0M0d3hXTUswQU8rSzJVUEt4NTluZGJUVGpJSkxEdllJaC84ZWNNeW5DT2NEUkNpM2Jtc3RJSHJKWDRtRzZvK1VzOEl4YWJVMFBOdkJEWDR5UHNyVFMvVk9GYzJPVnFWcUVKL0RzVT18&cppv=2
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 660305
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
546 B 122ms
40ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://easy-fengshui.com
date: Mon, 06 Mar 2023 06:39:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
318 B 82ms
54ms XHR
application/json 52.48.251.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.251.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-251-105.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 06 Mar 2023 06:39:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://easy-fengshui.com
cache-control: no-cache
x-server: 10.45.21.182
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
404 B 142ms
41ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

461be29dcd62f5365ccff68195e200aa641669f9ba643b6b8f90b8db055c0d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://easy-fengshui.com
date: Mon, 06 Mar 2023 06:39:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 128ms
43ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 06 Mar 2023 06:39:54 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 259497
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 index_video_1_0_11.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 141 KB
142 KB 746ms
746ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_11.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c50afa29fa16702f9259ce6c86cc48f4c2c871d5c0926132d27cbd201b26d20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:56 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 144383
last-modified: Mon, 06 Mar 2023 06:39:56 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4kxVfPEJriLHfNmjeyHCwm9d1MRIfEGOxxo%2FsSawvBzk%2BdwyTwfOS%2FIjah%2BwURbvvkUftFsAZSnCS3wy%2F8KEsg%2FAxJ8LHDGxiBESfTDGdG84ybMTd4b8uTYBrxXb25K4tA%2B3Vi4blpWEh%2F6nyjLOD9h"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ab3efb29043-FRA
x-mediapackage-request-id: Root=1-64058abb-73b7240e6fd6dcbc16f8b28d
x-amz-cf-id: 6cjE6Y4vRuTfEbCrCLGJkEO-n3sgXhXKfoJQL2qZJ6ZtOCo11rD4rw==

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 216 B
627 B 43ms
43ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-53

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

8c3d0a9c7875a52a4f250ab028d21c7b15bf53d9ef13fc8989749a48de75cd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://easy-fengshui.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://easy-fengshui.com
date: Mon, 06 Mar 2023 06:39:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H2 204 army.gif
easy-fengshui.com/porpoiseant/ 0
63 B 42ms
41ms Ping
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-fengshui.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTYyNTMzNjg4MDQ3OTYzIiwiZG9tYWluX2lkIjoiMjUwMzQxIiwidW5pdCI6ImRpdi1ncHQtYWQtZWFzeV9mZW5nc2h1aV9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2NzgwODQ3ODYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImI3NTdmOWI3LTI4YjQtNGY2ZC03NDlmLWU5ODBkNjhlZmYwMiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: https://easy-fengshui.com
x-middleton-display: ezp_sol
date: Mon, 06 Mar 2023 06:39:55 GMT
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
expires: Sun, 05 Mar 2023 06:39:55 GMT

GET
H3 200 index_audio_4_0_12.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 611ms
610ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_12.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818ffc2a09f6881013a17ab99520367fad8c114a72d74c08b0754868d11d1627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:56 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:56 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtxsbH3nQ5S28jbkzY4JEAuJC0nxz6%2BSf%2BMPdVtgAyH3a2%2FfHE4MndWYCPbWirTteGIkkLmkB7RT7ECj7dsBAyjcGBLVVb8tSbnMgNwRcts7Q%2BJ1TJVnYnppp6P%2BtdzJNpQqQY6nxfPoeN0b4g53W8J9"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ab639479043-FRA
x-mediapackage-request-id: Root=1-64058abc-45e621eb671b46406649de24
x-amz-cf-id: Zm730vEn68kyHp7gYJRfZ0NIOG8IxczttzYAuQ6xfieIhy5VkmYFMw==

GET
H3 200 index_video_1_0_12.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 90 KB
91 KB 651ms
651ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_12.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa10481626bf2fe0c7b6cbde656eb28be81448192862262c1aed9d829be95c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:56 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92498
last-modified: Mon, 06 Mar 2023 06:39:56 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo5%2BqlpUzxmv9QW%2BOy%2FwsRBGBUonSemVs1cgsHUTSG6ItdWo7RegyPYtHnzyKmdm9l6E2jHgmKQy3QVk20jr7suengGgRhqh57oKm76LOxf4fmNatXw54Sm%2Fgb3dp8rPbMWE9O7zhqao2bnKQxzTG5%2FP"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ab96b799043-FRA
x-mediapackage-request-id: Root=1-64058abc-3d04f394076710d403bea915
x-amz-cf-id: ntv_67r4NrCKa1yFEUlhT1MAc0vuZfEjB3YCFlnMvWV47JMi-uPuRQ==

GET
H3 200 index_audio_4_0_13.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 586ms
585ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_13.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c62648d959f944d65d056d21c6536f4073e1ced6a93da2474b8225bb9b0b050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:57 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41410
last-modified: Mon, 06 Mar 2023 06:39:57 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VurM%2BnTtJR1gKtQRhWGwwot%2BiL5dgOul5vBIKqb0BAo1jP976E%2BmhcBXOvEUKp6rvpvndIEtw6IfVeICiACKGx5PbSXxe%2BAiSS7MA1LqBkv8p5zUaa9hcY9Ubi%2F2%2F7BrtQrT1HrMuYkLoIXI3G2Brz2Z"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389abaac4a9043-FRA
x-mediapackage-request-id: Root=1-64058abc-2905577d37c3f67c683f8a94
x-amz-cf-id: SQWSMT7dbSzlrc3TFgkH10oggWvVPz9TwlKNqTN6I47yscXivg_Ucg==

GET
H3 200 index_video_1_0_13.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 125 KB
126 KB 686ms
685ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_13.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78612665cf7a78bf8b21397f0c04edf4a8bd316ab1a02cebc0401c0006fa0401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:57 GMT
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 128139
last-modified: Mon, 06 Mar 2023 06:39:57 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrYY1vllqI5wKTk9kAbHcGu2K%2BlzyfEdtR2vCmtTPQSo0v4UqLI3qxxXysSyZvQZqxJO1Izl7CiadSmRhAeHmQyivzrX05%2BT5WOFm5rAlaWGcJxoQI1Pr6zSPw7EeOWXlWb9fECbZ6i4YJEUeEAril75"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389abe1eaa9043-FRA
x-mediapackage-request-id: Root=1-64058abd-5a769fe421b3965a12210a28
x-amz-cf-id: -QnkgY-R5wzo9XL8th0JQxV7NiVqWrwvHJpTs1kz8XK2cdh6SE9jFQ==

GET
H3 200 index_audio_4_0_14.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 597ms
597ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_14.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e83fe0c4fb2666c911d1f781e8e10e32413180acdef0421464035b542697764

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:57 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:57 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPkXlIAxZURHwaFtglSCbdsIB87PO%2BGbDxQL2GlS9Qiw452MQnkFeedghrvLD4GhJp5LYBlmP%2Fkno5YoyPxmLjyCQwsosHB%2B63IBm2FCpcbpHLwiO%2BHHK3wJ6LEptGxpACVAtVn6cvx5u%2B9VsKadJBxO"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389abedf349043-FRA
x-mediapackage-request-id: Root=1-64058abd-58138b2b68f71a8a48acda67
x-amz-cf-id: sASDrmqcknOLFM_VreVJ14uTVo1171L3tXYXfNq44CxUF3gHc-_VAQ==

GET
H3 200 index_audio_4_0_15.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 40 KB
41 KB 655ms
655ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_15.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e13c0f752a55229d736257cc2e162657effd14e1fcf402545e619da97a684d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:58 GMT
via: 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41411
last-modified: Mon, 06 Mar 2023 06:39:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNV19JHN8EKucJQ0dOKEcv%2B%2BlBQSe%2F72C8gmKAKcdWtLTtKE4viByNOfvrDIUMpf02zHefWEmJppVHZ2q2r1%2FDRjBS7Txj2hWf6cLfTykiRkg94kGxUG75hxwQvBjMC7TnajgdzG2Poh3HLP%2BBa6kJvX"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ac33a5a9043-FRA
x-mediapackage-request-id: Root=1-64058abe-06bef33744436dbe49fb5df4
x-amz-cf-id: tt_lllZgqf9Ls_rrxEXsHTY7HMGCLYxV1z5EBGZh143tZsPxUO_Cog==

GET
H3 200 index_video_1_0_14.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 29 KB
30 KB 240ms
240ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_14.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc8d2568704df75144ba641454ceb5d87fc6f9126ea5d186fb81a71feaace09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:58 GMT
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29788
last-modified: Mon, 06 Mar 2023 06:39:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDOVcE2PpGvKoHCDbJTlZlSrHRTZCxmpZof6lYzPRbIU%2BMSPWMCUnkmKQUlA1Q05%2F8Zp4QyT3NIBaLdQqyZ%2B1R%2FM810Fp15aX%2F3IOV9hOGca7SXnKmJlyZypZ7DjjGwSDfdTqJNrHGW%2FXejwMotopoor"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ac34a679043-FRA
x-mediapackage-request-id: Root=1-64058abe-4ac9e51f0e0d965139b20f75
x-amz-cf-id: Uii7EkJY9mYHrHs-PkGhQFWMEZAkjkbE3FD5vdfKu8czZOwvSb_Atw==

GET
H3 200 index_video_1_0_15.mp4 Show response
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 20 KB
21 KB 280ms
279ms XHR
video/mp4 2606:4700:3031::ac43:d4fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_15.mp4
Requested by: Host: easy-fengshui.com
URL: https://easy-fengshui.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y1d-7y0b-6y0d-23y17-4y1b-5y20-4y21-1y24-2y23-5y25-3y26-4y27-6y28-57y2b-125y2f-119y33-4y34-37y3a-11y5c-2y60-22y67-1&cmbcb=125&sj=x04x02x06x07x1dx0bx0dx17x1bx20x21x24x23x25x26x27x28x2bx2fx33x34x3ax5cx60x67&abt=WaitForHBShorterTimeout
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ba5a31533dcd6d06a988bc84f701dad44b5512bd527ccce44394f58ba464fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://easy-fengshui.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 06:39:58 GMT
via: 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20831
last-modified: Mon, 06 Mar 2023 06:39:58 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdylCa3ITxbN0gdHUctp6OvlGogTlRDqBHgWNeMTS15DPp1htd5A1jh7%2B7MFKARU9otdxF1AdmwJwgwTBHUc9HK5dEOu6QTuc9vTpVkix4yh8%2FMCl577oFqmXYqj0Yeja0i4%2BBQrZtUBo2Ehunkw74eN"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: https://easy-fengshui.com
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7a389ac55be89043-FRA
x-mediapackage-request-id: Root=1-64058abe-52cd090e03ce9bcd739ea7cb
x-amz-cf-id: vrJ6cxVaf9GrI_7xQSoKa3iGOwGvbxX6lr2Og6foNsiGSyQqWTKcfQ==

GET index_video_1_0_16.mp4
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 0
0

GET index_audio_4_0_16.mp4
streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: streaming.humix.com
URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_video_1_0_16.mp4

Domain: streaming.humix.com
URL: https://streaming.humix.com/a8f8eb4bd1c479ce00682770852fd082/out/v1/70cf540a9acd42bdb4db512451ce7dad/0b404f708c214d878e7071e46f5679e8/17a21c18a5fa4f4ca6ae2aefd14bbd1c/8086454d73a5471c980670ce18c33a3a/index_audio_4_0_16.mp4

Verdicts & Comments Add Verdict or Comment

490 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

63 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.easy-fengshui.com/	1970-01-20 10:08:06	Name: ezoadgid_250341 Value: -1
.easy-fengshui.com/	1970-01-20 10:08:11	Name: ezoref_250341 Value:
.easy-fengshui.com/	1970-01-20 18:53:40	Name: ezosuibasgeneris-1 Value: 838f0a34-9787-4afd-7a98-4003f52533ed
.easy-fengshui.com/	1970-01-20 10:08:11	Name: ezoab_250341 Value: mod129
.easy-fengshui.com/	1970-01-20 10:10:57	Name: active_template::250341 Value: pub_site.1678084786
.easy-fengshui.com/	1970-01-20 10:08:06	Name: ezopvc_250341 Value: 1
.easy-fengshui.com/	1970-01-20 10:09:31	Name: ezepvv Value: 0
.easy-fengshui.com/	1970-01-20 10:08:06	Name: ezovid_250341 Value: 589304624
.easy-fengshui.com/	1970-01-20 10:08:06	Name: lp_250341 Value: https://easy-fengshui.com/
.easy-fengshui.com/	1970-01-20 10:10:57	Name: ezovuuidtime_250341 Value: 1678084786
.easy-fengshui.com/	1970-01-20 10:08:06	Name: ezovuuid_250341 Value: 043ad337-c4db-4991-70bd-ceb7e1615690
.easy-fengshui.com/	1970-01-20 10:08:11	Name: ezovab_250341 Value: vmod1-c
easy-fengshui.com/	1970-01-20 19:44:04	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
easy-fengshui.com/	1970-01-20 19:44:04	Name: ezohw Value: w%3D1600%2Ch%3D1200
.easy-fengshui.com/	1970-01-20 19:44:04	Name: _ga_HGYWCRQ4HX Value: GS1.1.1678084787.1.0.1678084787.0.0.0
.easy-fengshui.com/	1970-01-20 19:44:04	Name: _ga Value: GA1.2.1462555817.1678084787
.easy-fengshui.com/	1970-01-20 10:09:31	Name: _gid Value: GA1.2.2089986146.1678084787
.easy-fengshui.com/	1970-01-20 10:08:04	Name: _gat_gtag_UA_178426094_1 Value: 1
.quantserve.com/	1970-01-20 19:38:19	Name: mc Value: 64058ab3-7c819-fc710-221de
.easy-fengshui.com/	1970-01-20 19:32:33	Name: __qca Value: P0-1007042381-1678084787332
.easy-fengshui.com/	1970-01-20 19:29:40	Name: __gpi Value: UID=00000bc0f3163385:T=1678084787:RT=1678084787:S=ALNI_MYHq36mAlS2XlqNgofVtDCYNDuC8A
.doubleclick.net/	1970-01-20 19:29:40	Name: IDE Value: AHWqTUmstjNhCOuTqlMxHCgxJP2OwPJ6mjm0Ta_E1pTOPPbN1USBjMzX09X7QKwW7TA
easy-fengshui.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 24
easy-fengshui.com/	1969-12-31 23:59:59	Name: ezouspvh Value: 24
.quantserve.com/	1970-01-20 12:17:40	Name: d Value: EAkBCQG5KIEA
.doubleclick.net/	1970-01-20 10:08:08	Name: DSID Value: NO_DATA
.yahoo.com/	1970-01-20 18:54:02	Name: A3 Value: d=AQABBLWKBWQCEAnPb93iAIu6V_XmkOYBc5oFEgEBAQHcBmQPZAAAAAAA_eMAAA&S=AQAAAiJe5kdtFq6iVyvsM5uE0N0
.analytics.yahoo.com/	1970-01-20 18:53:40	Name: IDSYNC Value: 18yx~2acu
.criteo.com/	1970-01-20 19:29:40	Name: uid Value: b4379d8b-a63c-4526-8a39-5b6dabb736fd
.openx.net/	1970-01-20 18:53:40	Name: i Value: c75b3b65-a8c1-404c-808a-e3d2bae28fbd\|1678084789
.360yield.com/	1970-01-20 12:17:40	Name: tuuid Value: 8a941b62-ad3d-401c-8dc5-08515ccbe6da
.360yield.com/	1970-01-20 12:17:40	Name: tuuid_lu Value: 1678084789
.adnxs.com/	1970-01-20 12:17:40	Name: uuid2 Value: 4275924572762062134
.ads.avads.net/	1970-01-20 19:44:04	Name: av-mid Value: 203e4f2f-a6e6-4aee-9d07-77adef125db4
.ads.avads.net/	1970-01-20 10:28:14	Name: av-tp-gadx Value: 1
.w55c.net/	1970-01-20 19:39:45	Name: wfivefivec Value: RUgOaEY51Pz4vH5
.w55c.net/	1970-01-20 10:51:16	Name: matchgoogle Value: 5
.id5-sync.com/	1970-01-20 10:08:05	Name: cf Value:
.id5-sync.com/	1970-01-20 10:08:05	Name: cip Value:
.id5-sync.com/	1970-01-20 10:08:05	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:08:05	Name: car Value:
.id5-sync.com/	1970-01-20 10:08:05	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:08:05	Name: callback Value:
.easy-fengshui.com/	1970-01-20 18:53:40	Name: FCNEC Value: %5B%5B%22AKsRol_LgiK4eQfnId2pXppv10s7NLpZlIP0AZOYDzOpOTy0RXCj1Ls6pLqY69r5oA53irI36kaDrg1fJCF8eJggILTEUi1k85ED0kImeEOv2llk8XqWS1MqmOlSr9izdkXIYYDtg7i9U819muzE_Q7LR8UW40ezUQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.easy-fengshui.com/	1970-01-20 19:29:40	Name: __gads Value: ID=857dc3e5e1b593cd-22a7954544dd005e:T=1678084787:S=ALNI_MbXEBJmwVFW1uG1WRbAHN0T_WrbfA
easy-fengshui.com/	1970-01-20 10:51:16	Name: _pbjs_userid_consent_data Value: 3524755945110770
.easy-fengshui.com/	1970-01-20 18:53:40	Name: _sharedid Value: 54352419-c854-46be-8bef-0cb884b96b37
easy-fengshui.com/	1970-01-20 18:53:40	Name: ezux_lpl_250341 Value: 1678084792254\|b757f9b7-28b4-4f6d-749f-e980d68eff02\|false
easy-fengshui.com/	1969-12-31 23:59:59	Name: ezouspva Value: 4
.mathtag.com/	1970-01-20 18:53:40	Name: uuid Value: df936405-8ab9-4f01-b403-5f1d41963b97
.retailads.net/	1970-01-20 10:51:16	Name: ppb2172 Value: 2364595180
.lijit.com/	1970-01-20 18:53:40	Name: ljt_reader Value: GQ4PvGZH-kUbOFk_QRuw1KW7
.pubmatic.com/	1970-01-20 10:09:31	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 18:53:40	Name: CMID Value: ZAWKuvkvR.UciR4nfISAxgAA
.casalemedia.com/	1970-01-20 12:17:40	Name: CMPS Value: 2229
.casalemedia.com/	1970-01-20 12:17:40	Name: CMPRO Value: 2229
.adsby.bidtheatre.com/	1970-01-20 10:18:09	Name: __kuid Value: c576c0a1-3d2c-4cb9-94d2-6252bc9a6204.447298794
.pubmatic.com/	1970-01-20 18:53:40	Name: KADUSERCOOKIE Value: 4C177794-5503-43D9-8D4E-E971EDE84C4F
.office-partner.de/	1970-01-20 19:44:04	Name: source Value: {"webgains_webgains":{"timestamp":1678084794156,"clickCookie":false}}
.futalis.de/	1970-01-20 11:34:28	Name: raSIDb Value: 2364595180
pb.media01.eu/	1970-01-20 19:44:04	Name: DTU Value: AD355B40B64FCB3DF9233CB2E349200F
.easy-fengshui.com/	1970-01-20 19:29:40	Name: cto_bundle Value: MwNpGF9ETzFTZUw3VGE5bTRvdCUyQk1HbFJCV2NnRmZMbUEyTm9scTQyRHp4V2dGeEhxQkdwZ1REYVVWeE0wVFo0OVJtNThYTU1iWFYlMkY5SG1adElrV3psMEMlMkJ0VXhmRkZzdDUlMkZodFdpc0xoTDBxeUpZVWRncHVoUUNPNG5oc1ZLeXdUT2t4RExkMjNKUk9XMHJzampaaEkwMEsyUDV5dEl6Mkd5WlFBSlMxeEJKN09QNCUzRA
.easy-fengshui.com/	1970-01-20 19:29:40	Name: cto_bidid Value: cWkrol9SeUJHeVgxZ1lMV1lybHNaMlc5MGtrNkJ4VTAlMkJzR1RwWVpYciUyQlNXc01rUGxxS2hKaXJhOFJwQ0xJRFAlMkJoJTJCJTJCY0QlMkYwciUyQm1INUZzTXZ2b01XSnRuZG9oYmlsZnVZTXZiMTJidGlSWUZBVXNHYWZ5am1CN2FINW84ZTJ5YjFza0lR

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 459) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://easy-fengshui.com/wp-content/themes/acabado/font/librefranklin-bold-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://easy-fengshui.com/wp-content/themes/acabado/img/search-icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://easy-fengshui.com/wp-content/themes/acabado/font/RobotoCondensed-Regular-webfont.woff Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17896160517819465728/160x600/index.html".
security	error	URL: https://ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad-server.eu
ads.avads.net
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
ap.lijit.com
api.webgains.io
basher.ezodn.com
bcp.crwdcntrl.net
c.eu1.dyntrk.com
c2shb.ssp.yahoo.com
capi.connatix.com
cc.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dclk-match.dotomi.com
easy-fengshui.com
ef8a948f29ac5ea4d0d647fb3a9e8fa9.safeframe.googlesyndication.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
futalis.de
g.ezodn.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90003.redintelligence.net
i1.ytimg.com
id.a-mx.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.sharethrough.com
medialead.de
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pubads.g.doubleclick.net
pv.medialead.de
region1.google-analytics.com
rr2---sn-4g5ednss.googlevideo.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s0.2mdn.net
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sf.ezoiccdn.com
ssum-sec.casalemedia.com
static.criteo.net
streaming.humix.com
sync.inmobi.com
tags.crwdcntrl.net
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
ups.analytics.yahoo.com
videosvc.ezoic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
streaming.humix.com
104.18.22.41
13.224.189.102
13.225.78.118
13.225.78.128
134.122.57.34
135.125.160.160
138.201.63.117
138.201.63.145
142.250.184.226
142.251.208.102
145.239.193.130
162.19.138.117
162.19.138.119
178.250.1.11
18.133.166.146
18.192.139.0
185.29.134.249
185.80.39.216
198.47.127.19
20.127.253.7
2001:4860:4802:34::36
216.52.2.39
2404:6800:4004:820::2003
2600:9000:20eb:d800:6:44e3:f8c0:93a1
2600:9000:20eb:ee00:1b:5138:8a40:93a1
2600:9000:21f3:a600:a:e047:752:b361
2600:9000:2304:e600:1d:3142:8200:93a1
2606:4700:10::ac43:266a
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:d4fd
2606:4700::6810:5614
2606:4700:e2::ac40:8817
2606:4700:e2::ac40:8917
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:6b::7
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:400d:804::2003
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:80c::2001
2a00:1450:400d:80e::200e
2a01:4f8:d0a:2321::2
2a02:2638:3::3
2a02:2638::1c
2a02:fa8:8806:13::1370
2a06:98c1:3120::c
2a0b:4d07:401::1
3.126.56.137
3.33.220.150
3.66.136.156
3.72.124.192
34.102.146.192
34.120.135.53
34.96.70.87
34.98.64.218
35.156.29.78
35.177.30.54
35.190.39.111
35.205.207.25
35.227.252.103
35.74.107.114
37.252.173.215
49.12.16.151
51.89.9.254
52.28.203.152
52.48.251.105
54.220.176.181
54.76.176.197
69.173.144.139
88.198.250.30
92.123.37.164
94.23.99.218
0142db7f33a249d1f0861c64f7146ed5e6e05ec48d1614c98bae6b028f7fcd82
02a3ec3568817b27fd7df01a40953bfd56beed4abaf23ac7a6306f069e5bb4e5
0321cfd1a1b3396f46d29e918f7fab56a8d6d2f3df0540b4b5ab9dea5a0c329a
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
05e56d548ba73f6d6ef7bf78f6aef333d7a908f6d69b1a92ef96273c38b2388b
07797171a7bcce40723a85601551ce1867bf8a082b4e40a167cde372619f314e
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f33897d80b04fa8fea8f88fae97f11e39fd640af1591661c81f103868ca46a
08f9966298220687808afbc8aafdabec798180d8dc44438bcd07b6273a595283
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c62648d959f944d65d056d21c6536f4073e1ced6a93da2474b8225bb9b0b050
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
0f9a1ab7f414c37204a3cfdabac2d389e3115a032be6251d424d07d402169ef4
102cad8b6190af1fda37cc6e745e59c6e3f9f971de4b2c45817c1ee1f7773d01
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
10e22b90a9cf9350570451f00cae31ff23653f93dd934b597f71367a110efed8
10f89504f2829a2a0c6353575f03fd25ca29d9816f5c80b69e4d78fe5a97faaa
126ac5334a5bb8100a6ff16a54f62a0957adb7a1d704974bfc87a34e918a0168
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16c1988a2309e89ab90cb88e42eb8868bd934adb24f7c5fe9c4577b091a9d54b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1888da43b77f67b623843c79c9916f71774042b15517a0470b9b2cb2f70b4fce
1b5682ad0fa6d22fca76d046e0c530d55412064bef7b359c0e09f4e81a9ef0a4
1c3fc598e97db88e9591acce88af0ee37d8a480e8ba48745786a24399b77729b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e0a52e09f6a82103811fb05011f1487605df55d406ecaad89c68999d67f8ae0
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
22fb3a8821a3304ddc698bfebff4aa3e1e33992168d2b43dbc0f62231ec79e25
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
23c3766560f822d668a96abc491be27de5d5e64ec261044d33cb5ba012bedb58
2500cea629c6bbfc4ab85693f21ac707f0a92d02f32781a2bea98f7065e4fbd2
251c211964876f6ef599d0a5cf33a5ca9b8c1933926b9ae993daa63b97439af7
2552de0afcc6e4049bdad584e3cebcbb10c1917acf38ede9e8e8e20e27e4415a
266ff87113e10d2f93c635bc255331b2b3e1931b8e5a767cc9bf37e61639c05d
2877be55d7a39fc91423546426e2218fac7ce92d93e9c49be99533fca698dfd8
28f8b896c7166250a04bcf961069e2df841ba956f3da9d308a718034f877dc4d
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e41953e01b926414db703bcaa77c65e929bec6e2d750a252124f0c82d41973a
2ea7942aa142b52b622882cacdc3373be6c86d6a93029b2efb8ed2230b3f7783
2f38486d9f3d66dad63fa3905183ec9cc7dbce134e01d16cad0c3c0a48093726
30a8cbe1fdca539da81c7b465dd141662356ac5e4f71f5e1ce3a21f9f88114b4
3136cfb1a121780a820c16628f03d0bc087212b1adaa4d4ecff40eda85aa7d6f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33ee19be104afc917d617cd770f15a4d981dbd3139821b5104d8a0d8b3619dae
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38e0393d52ed4bb4ada8ce4f79880eb5b606d48d589f00d5a4b1630c9e815985
39e837347fa7662f433f7c95624cabf3afe34ecb591af2679b2ea7779fbeec89
3ad6b4cd9fdd1156ea742d8806d7d22f787ac9570a365aaa3a4903e25fc820c6
3c734c5fdc27b951cb017302173f988ef8703c8d28fcccc78543c7767371d7f7
3ec2259e4ebb4b2721bb3336e4dbef8744b16b7d6b834ae18aef67f986c16248
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
44fc64c34b3ef84f4f56cce445805ed882a1cae0acb0535f39628db5510d2825
45adc2a528fd3a45aa632b8eed770b59df10adcd782c46cea403a79773cc7e08
461be29dcd62f5365ccff68195e200aa641669f9ba643b6b8f90b8db055c0d76
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
486a28fd534296bf49f330e1c940f9f5ef75aec61974bdd9dd828229a386c4bd
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
4ab3d721545144bde4847da681ef8cbdf51e7c899bc224ee990e21fd3bd6beb0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea737ac05e8ee5e490220d97b820834c18cd7c6f1da7d85007a51a5c64425df
51ae2a6d7177b3c5e74e25844b26e0271028a782ff499879989a765d76ee0f2c
52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4
52886e55e7c66554dcb65b9fe4743220961c7bb6f15b131d7ecd81fd00bad8aa
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5ba5a31533dcd6d06a988bc84f701dad44b5512bd527ccce44394f58ba464fb8
5bc213b2817b7ac13a1bffdb6cfd8d468127367234856c61d71a5ec29750ae7c
5c409b1e7e42a519e681820d28d8b48f57ebdbb4491ba0d84d40c46d698ebfae
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c50afa29fa16702f9259ce6c86cc48f4c2c871d5c0926132d27cbd201b26d20
5e83fe0c4fb2666c911d1f781e8e10e32413180acdef0421464035b542697764
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f4dd40159d28a047d2a6e4d7bc6f44d69f00435bd7f200a9eed1106327deba0
60765d01598150b48a0636ab1f1098e0e773224174643fd635b2aac2c43b8ba4
6107708906a0e42a641492563f496eaf6e60d3d8f16e8959552529e14bd99089
613d6bc3b776a6f38a7b3592c3a502e88d5d8d3b9f54bb4ad9002b318fa432ba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
63c4a819b4c958f33d3c7595a39731f0ee1376153811f34d3dc39848ec26295a
63ffabeb0bea35922c70744a544bd15feffc90a645886a93b427b4b5abdcf4a8
6586648e49662b1184982f356c4f473f2c78f270da364b4566571148ca4487c7
67c69a97f4f1243e428c64744e1fc3894d21bc4491e106c67c7e9fc919d18aa4
67fe79ff44204bf0285713b29ceafef5569a5609efe9053d1100894eb3c60b77
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6ca44caa743f976b97e6bbca105b2ba1493a8695d8552738700e00433e24044b
6d6bf212551d0d73f02a62d4c317004ef9a56631cfb3615a6e6e45519e93ee7d
6dacc6675b1c1e50b22a697f556e42381d75e1c8ec33990d6af74e13c42a987f
6f4b433cd59f24fe408f546e04bbcd8ee034298daad5d92880ff7b75e3136c3c
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72e5a0e1ceffe4cdf684145cb818dbb482c68f3f848a0f8d41d08ed6d93a926b
7408992c59bd0542e87e0d368aedc4e70d4567bc189cfd169371823768e85cd5
7794da2d442708314bfc4917526841a6d6920f49f9a6f7e2ef0b9e2749e3bd7b
77bcf93b6c4308de5da472ed47db16fc18add3e6e6ea7dddfad4677acb053e1f
78612665cf7a78bf8b21397f0c04edf4a8bd316ab1a02cebc0401c0006fa0401
79b87df922384438d3c4a7e6f3b2ebaef856e7b2ddc5f15e279dc7167c33553c
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8
7aa10481626bf2fe0c7b6cbde656eb28be81448192862262c1aed9d829be95c0
7e6e0b2896daa0cf747b87ac657aeaeadc3b9e65f23c4cd87a4b740ffcde5a6b
7f3c29623aaab8fedbbe88580ae2c726d3de75e0e7c1f70eb37b7755d6379c74
7fb5e67765b77e546652893c4784f023254f7c5e035c742d094051609f6e58fd
818ffc2a09f6881013a17ab99520367fad8c114a72d74c08b0754868d11d1627
8313ab108ad0c0ac61598a60a24f55d66f38fb426cdedea620424c4ef4bb41d0
84b742c171dadedcad5db808d8dca7c9b19487365533eee7919cebe8e88c3cf6
8604a9c66003151f0f574b79abb7bfa51c33057ed61f0b1b70fc5f4ccd756474
87e152b831727ee3a1f417f04efce6872ea0e229bfdd54a0a712ae747b2640aa
89034913edadd54fa431c5415ad5c8e7a04de17e613eec67bd030674ee456c39
8c3d0a9c7875a52a4f250ab028d21c7b15bf53d9ef13fc8989749a48de75cd1a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d1091b993c1a19cdbb62d4038a3e9d26968cd5ea82b6ab3230ec39c2de64888
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f754eea03f99491e935fb1d6a67e6a729dfbf6a6fd5c060716e5c3a725526e9
911278c96e081d629c984f85b93e7cdb5c2baf7142541a1b6e9797c63e157874
939bd5e7cc2c0d907e58df3a1871bb0d1230329575c45933e484ba2dd67c153f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
959a87c14e5b4e80327ea0e4c321ae1a8b1dac7162f700d965847d037cd1b779
99763ca9417f2643ce1c05693b501795f54074d7181ac25882dd84ccee4b95c2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c81090aef65b8f5c711c5571ad439669b621e60d1966b175353f5ad0ec7ec3e
9ca1e42809df2cd21894922d1535a36406184ed88dfe665a0ca32dd9b18f68ac
9df4cda65d32663b18841da783940ec3b7e40efb8d84c037d03d63b65ee6b5b9
9e17f10f3a9e3f973c9a5de97ce8ce84f79b4653f26e8c2ab8c1fd906e8eda95
a0302fcf9ee08aa92dc83d60a9016ea9b622c772d1d67552c9b8e42efaad02dd
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15af39562d911c6bc1f6e675bcb3230e52c5fa9d6ac59db94102016dc28f020
a41fb5dfc2e5f42d85e76ccd718d24ab17e17644ecc5ccbd2d06e150148cf29f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5242d2e5d2b87110d894c303a479b0a7a94662e21979e27d565a92d43f4ed29
a679a175c432ce8791d103797844eee5a5185d33a87c45d2324e4abaa7267a45
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a995b437224ceb0d2a5d254b09b02538475c477c480aa11c5c848690f8f391b7
ab4951c5ded40829c20b79fdc202d5174b39409f2f895487de1c38b01b38e164
accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9
ae22285bc52c5011232e5889e7db16760704e3d9bb6d6e9328009b9a3e2707cc
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b06a9c627a410082f572f9908a7b5cc3676b2ec5f173d35cc30cc1bfa7ca63b8
b090762817567e64845a54e10639f18d9bcea2abb40d567544ce9c6ada08f366
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e5e8b8d89a50642fff5c645551f90adab3578ff8011d76f58ceef067c8bcb2
b650b17b817dab9ef4f91009022b1772f71a5b6913944091fd05f2c5ad6b3d28
b9694a9623d72ad3c3f1b01de730d582b321b6dd2310fd8012d270516ff6fa7f
ba373e2d84a363fdc1912592efb2fc4a52d882598942aef457a192ba85ba84da
baf878cc708bd8cb39a5bfc15dd9360e9a162a3d0fb140ce22867f84658a3fb1
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
be0bc1ed805eb246f07c3efbc4d8cb5bd0237612b10ef083dedde40455f3b40f
c089ffa9c5f92974ce4da0c9dfb30d0733fce5c7159795f833151a6588c15ff2
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab
c131d64323cd52cfc1b0b2cca82e13defc13f24e0e7b504dfb90dc9e487855bf
c14c44f9400c6362d84a6d1e30955fb1b648bbcf248ebff1c6730687cfc17fc4
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c48464d45ee33f212ce14cd3a74e44e33b005590a9a8ee80c0f558f399dab270
c4c580235f347a00e215ca15a6662ec5cde7f50bac649df3f616c76e7c944c1d
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cba3cb8e71b2dc659ffc15c6878978867d86417c85cc0ed4fbeea3b69da24c7c
ccd9121a14b7d9a66e942de02634cb4058f3b8faa32ae268a14fb6a8fe301d4e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cedbc25e5b4620fcf63b979f97ace45dc466f0916d711242bfb166c5e4bf131e
d082957fa5d792a997b5a5764411df45da4132e9b843a054408da63bbef5a67a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d21b0147f19d1d84ade2b65dd96dfac303679b86ce38389210413e8e5292d25d
d5b2a6f4dc074e7392d4713068c520d8acea17dc5e7f0772b9079b32d277e74b
d5ceca19f2aeb63326d763c3e6a126b02d33813c9fd3780d8df82977e40d7a45
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
df321e3d2676c25fd9c205db868a3c831f8af8cf22641800ca5cb0a63c168bad
df955c68960b0a017cfc5f2f2e50e3718809e4c64e0482da558c67dfd19425cf
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e04dce573439bd415aa45fe4e8efb20d8918f8c42d5230363634e5905eec68c1
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e13c0f752a55229d736257cc2e162657effd14e1fcf402545e619da97a684d1b
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e24481ab117f8ea5c8a8515090256ce7ae2aab680c8a6f78f840f323c046f2b7
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e444ac06cccde32f7aead9684732cef25669e4d657c1a617feddffbb30f3bd82
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e79daaedf814d614dbc1ff10771b727c4e44f49842d4dc058e8b7ba1c3b913ec
e8caeadac8b22f021fb30c1429fad91dbf342fc78a36a6b08d32157fac9200e0
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea9c289d8466ccbe72040502b7ca2f25ddd420ab20d6f3f7a17f8b7f0ec330d5
ead4182fc526e266914f8a9169391b104d2d22138b3307c310de5fdf3f8eca59
eaef299579fe997d9aa9f1d8b5bbafbf47cc163a1f29a777c4a2e3adefb34c17
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eead5013ebc860c4e87849139ebc00fd9a1375831f8c45e5fb713498e130258d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef54889dbe3a25870400057fbc1ac0c149919f9a72a7530c5624ff369c1b241f
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f08bda7e60fadca736bd7ed81684d6dd9bd11951aada10c84e66cbeac3c52197
f180f560d82a7ab2310ceb4a1321e4783e227ad0a236d3b0356090bdeffe72e9
f2bdb36ccc38913f2adbac80f4248106f779f1ffd144bd0a4837fbc4819d9e2a
f31aaf80ee9805274ec245affde9dbebe691f71c9ffe9c4f91eb0672b47033f0
f43ce2e7be01c27ef3d0e2857602d7e150a1135a7b269dccd5582af48b1e9725
f4bb742125e422634b8497ad34c809ca32a01659d928609b8d4b2b7b0a83815c
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6065e8b9394ac63e10adbba6138c9cceedb66763fd84fbde620c97119520304
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7936229441aa3c84bbd8f9978b2c27e35e6c2da2f34b078d8546f1818eba7c7
f9c708dab78f918ac429ae790d68f13cbe12e678a4d984e83eb4d9582c5a342e
fa3ac0d7a9c6f61ab3ceb9b0c3a157d4d369e84955659ce69d81fa72f198c189
fb43a04359c7334c6cc6551d81f9e5ec0ceac67b6e158319f6da7195bda3b33f
fbf8b3ad8906a7d8225553508cd653329c930b8e0443bf82efabe2bb1652388f
fd5e4396515dd743bd0aebf5fc9588334e462c2045237339319f02e083f648a0
fdee3a3a36ac0545d4e302737dc029e4ab4c3370da8d11d7ee86feca140ee550
feb3bc258c428eb136ec35817f6f689c2a43dc9f4d876b7fcda7fd42ff60e8d9
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffc8d2568704df75144ba641454ceb5d87fc6f9126ea5d186fb81a71feaace09

easy-fengshui.com Open in urlscan Pro 3.66.136.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

378 Requests

94 %HTTPS

47 %IPv6

63 Domains

90 Subdomains

72 IPs

14 Countries

6302 kBTransfer

11751 kBSize

63 Cookies

4 Outgoing links

Page URL History

Redirected requests

378 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

easy-fengshui.com Open in urlscan Pro
3.66.136.156 Public Scan

Screenshot
Live screenshot

Full Image

378
Requests

94 %
HTTPS

47 %
IPv6

63
Domains

90
Subdomains

72
IPs

14
Countries

6302 kB
Transfer

11751 kB
Size

63
Cookies

378 HTTP transactions
14 data transactions