a2zapk.io Open in urlscan Pro
2606:4700:20::ac43:4b79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Effective URL:
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Submission: On August 22 via api (August 22nd 2023, 3:25:01 pm UTC) from US — Scanned from DE

Summary HTTP 352 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 29 domains to perform 352 HTTP transactions. The main IP is 2606:4700:20::ac43:4b79, located in United States and belongs to CLOUDFLARENET, US. The main domain is a2zapk.io.
TLS certificate: Issued by GTS CA 1P5 on August 4th 2023. Valid for: 3 months.

This is the only time a2zapk.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:929	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 35	2606:4700:20:... 2606:4700:20::ac43:4b79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
77	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
21 28	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
13 27	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
13 20	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
63	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
9	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 4	138.201.135.164 138.201.135.164	24940 (HETZNER-AS) (HETZNER-AS)
3 4	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
3	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
3	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1	3.9.45.49 3.9.45.49	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
3	2.20.213.154 2.20.213.154	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.222.139.14 52.222.139.14	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.116 13.227.219.116	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	18.135.31.191 18.135.31.191	16509 (AMAZON-02) (AMAZON-02)
352	37

1 2606:4700:3035::6815:929 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::ac43:4b79 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a2zapk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

a2zapk.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 142.250.186.130 (Grosse Pointe, United States) 21 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 185.80.39.216 (Canada) 13 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.89.210.101 (Frankfurt am Main, Germany) 13 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.135.164 (St. Ingbert, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de

hal900015.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.239.193.130 (Valence, France) 3 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal900016.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.45.49 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-45-49.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.70 (Grosse Pointe, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.20.213.154 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-213-154.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-14.ams50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-116.ams54.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.31.191 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	670 KB
63	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	998 KB
59	doubleclick.net 23 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 179726	431 KB
35	a2zapk.io 1 redirects a2zapk.io	94 KB
27	casalemedia.com 13 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	19 KB
25	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 528	186 KB
20	adnxs.com 13 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	15 KB
16	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 40248 hal900015.redintelligence.net — Cisco Umbrella Rank: 330336 hal900016.redintelligence.net — Cisco Umbrella Rank: 213798	106 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	396 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	120 KB
4	medialead.de 3 redirects pv.medialead.de — Cisco Umbrella Rank: 44946	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 27613 api.webgains.io — Cisco Umbrella Rank: 58267	18 KB
3	awin1.com www.awin1.com — Cisco Umbrella Rank: 17983	2 KB
3	media01.eu pb.media01.eu — Cisco Umbrella Rank: 44216	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 adservice.google.com — Cisco Umbrella Rank: 126	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	221 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 145371	6 KB
2	disqus.com a2zapk.disqus.com	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 74227	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 43802	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 225438	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 199945	931 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12286	60 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102	250 B
1	msn.com srtb.msn.com — Cisco Umbrella Rank: 821
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	7 KB
1	a2zapk.com 1 redirects a2zapk.com	535 B
352	29

	Domain	Requested by
73	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a2zapk.io af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
63	s0.2mdn.net	a2zapk.io s0.2mdn.net
35	a2zapk.io	1 redirects a2zapk.io cdnjs.cloudflare.com static.cloudflareinsights.com
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a2zapk.io af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com googleads.g.doubleclick.net
28	cm.g.doubleclick.net	21 redirects googleads.g.doubleclick.net
27	dsum-sec.casalemedia.com	13 redirects googleads.g.doubleclick.net
25	play-lh.googleusercontent.com	a2zapk.io
20	ib.adnxs.com	13 redirects googleads.g.doubleclick.net
15	googleads.g.doubleclick.net	a2zapk.io af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com pagead2.googlesyndication.com
9	hal9000.redintelligence.net	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com hal900015.redintelligence.net hal900016.redintelligence.net
8	googleads4.g.doubleclick.net	a2zapk.io
8	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	www.googletagservices.com	a2zapk.io af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
6	cdnjs.cloudflare.com	a2zapk.io s0.2mdn.net
4	5994599.fls.doubleclick.net	2 redirects af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com a2zapk.io
4	pv.medialead.de	3 redirects hal900015.redintelligence.net
4	hal900015.redintelligence.net	1 redirects af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com hal900015.redintelligence.net
4	securepubads.g.doubleclick.net	a2zapk.io securepubads.g.doubleclick.net
3	www.awin1.com	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
3	hal900016.redintelligence.net	hal9000.redintelligence.net hal900016.redintelligence.net
3	pb.media01.eu	hal900015.redintelligence.net af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
3	fonts.googleapis.com	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com hal900015.redintelligence.net hal900016.redintelligence.net
3	www.googletagmanager.com	a2zapk.io adv.office-partner.de www.googletagmanager.com
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	5994599.fls.doubleclick.net
2	cdn.retailads.net	1 redirects futalis.de
2	a2zapk.disqus.com	a2zapk.io a2zapk.disqus.com
1	cdn.track.production.webgains.team	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
1	futalis.de	hal900015.redintelligence.net
1	adv.office-partner.de	hal900015.redintelligence.net
1	m.exactag.com	af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	srtb.msn.com	a2zapk.io
1	static.cloudflareinsights.com	a2zapk.io
1	a2zapk.com	1 redirects
352	39

This site contains links to these domains. Also see Links.

Domain
unlockapk.com
t.me
plus.google.com
www.youtube.com
telegram.me
www.facebook.com
twitter.com
www.digg.com
www.linkedin.com
reddit.com
www.stumbleupon.com
www.tumblr.com

Subject Issuer	Validity	Valid
a2zapk.io GTS CA 1P5	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-13` - `2024-04-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.msn.com Microsoft RSA TLS CA 01	`2022-09-08` - `2023-09-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
*.media01.eu RapidSSL TLS RSA CA G1	`2023-05-16` - `2024-05-15`	a year	crt.sh
adv.office-partner.de R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
*.futalis.de R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 41 frames:

Primary Page: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Frame ID: 6D77537023F0C3C70C7AAEFB878742C2
Requests: 73 HTTP requests in this frame

Frame: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 7D75763EB21D239F3CFA87A8110BBDCE
Requests: 2 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 87DFE302719903EDE64588E98DD2E87A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3E0167ED7E2DB2185CB4B72892DFA5FF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A2B3EA40AA6C3CC34484579FABC65CD
Requests: 2 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 740E4F3153F841C00E53911E61E61735
Requests: 3 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3730BAA5FB92A45DD19CF2B3E4D7F848
Requests: 21 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2F1ED77C4863D29B227223F38366DFD0
Requests: 19 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C8F8852DF81B1ECDB71D656C08AA5B7
Requests: 19 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 329350B339F8758562A0FD84119675C9
Requests: 19 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D01A9375A3AE340705FC0D2222C81925
Requests: 1 HTTP requests in this frame

Frame: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 215F22A51D4DB18EDA26C512B729FA40
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNXpTLIuLD1B8kTnHKEOkLMsh-5A3B1tVe3JZn0VlrwGN_L8PNiI8MZOfyo5se-HZz8I2GVu_xvC0bAxYbN845FCoGKcMyvU2TX_-25jOoDfj3iLEpgTvuFqHz5KeYgwqR3-iwPLyoa4XLIOxySrJ0gz915RwNPhzh2J59nBER-p6Bff7w8
Frame ID: 4E15F1FD059CB974E6AC515CA8D9FEAC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 468994712599EB8D8603FBBE4DB920C8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNVrUr4P7hsPAe0kI59iCUZLeBCdMabspX8byI1Ev8a0ZNv6xq8n3B1y5VTgwNK0hcsljL25bRfqKGLIdeqKI81gx9dH7hVHw5fJ4PNj5E1oDCN2UqB0e5u8TEb5u44DbnSm9U4Vu5OEeYz43qPLSWLzqo42d0U9bT-ydjFudi2KosdM2cc
Frame ID: A5CB6105F9BEEC511A6A1F57FBCB13A7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNVDQg4kIKYUrr7LqtHMiA_4ISHqqC5iuzE4Td8oSDj_eS3ACad3rIjguQedo8Pqp9AkaS3_YTjPb91s4JAtdzdL1nKBnN0VPDkd_fYkxINu2m3vOKx9Tc9CtqvKCDkXqu-_UO9yqrGwjAA18bTPsqczKeu9elhJ_ArS2Wbdaorw2TuaoBg
Frame ID: 9F47DB8CA4AD596CF2CE22DF15944C8F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNVFstFfXDEIEaMxTFtrqd9EwVlW9mTIaGMaLMGX-UTm8Wr_bpn-MWRENDw8cYqGLSuQ8qGLj39zLINod3M8nq---p4QS2BsR-cMRp8vR0pAwETu7Ftg9AZMIe8gOX9JbMKilX7vEzFW7_EIDr3TgfDWbwZnNFzc9Pdn8Bel2MDPk8SZ6RQ
Frame ID: FD20F6B3D11B0955A539AE4E9CD03AE8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGKOsr_ABMAE&v=APEucNVdZYaAK4dk83GqfERf72UunDXRjnqAyQlziwkxuZsZg46w-w5QoiPZJZHf_h0u3jVqGR-gxLnf60ozrfRfb5zgNzlT0xfdVbDkqYuPOX--Rny2XV9Dp_ZbYUaCDJXBbzzww6EjHQ3JQqGNFEM4P3vaRMdJBqN1B3bxM9lsLmQKqvlYRMA
Frame ID: 568B47649C934AA983C77A5CDB7A5608
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNWbFYf8gJIsu9jpUdlVGUZh_2CMeeVmUK5tkj5h2jZvwdjO_XxIm0hiHNR331XmdKDAbiz1HIifFH__TL116GJMpr-hY6JZ0sBKEyKzQ-QDibZvlODxX7QIoCx1ghGAHTzfZZPvfWxQmHXTMzlu68817c1lZiU7HWdB7pwrqtPNLml_z9Q
Frame ID: 0AF4D8F5884D75FF7A4CB9CC7E7104A2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 5584345B9B97A062431EB7DFC35C404D
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXBA88pAaRtGCD4GE91LwRRydbMHBqEl0nBmMwhYLrKb1Nnt-61wBvhyBIS_RSC_eSmsLeAXaVGIRzqrPQy5gaaKvXBkN2-YxwyL5l-rAnM8s-48iyrGRs1C0lAX0Izmi24yV-oax0YP6AzSl7FYtReZe1eM6PxPrpbSJOaL0bdmUk4D0Y
Frame ID: 9659656A86C5F330EA2092A95ADC576D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27D8C9BACC54E31B09F78E5EC0BAF10C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
Frame ID: 106C0DE02CE527351A2E616FC8EC5990
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D4B687DC1940082F20D66A02F5F5F882
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
Frame ID: 935BB54A102A26586D6C860DF9CEBD95
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
Frame ID: 2752E42954C67BEE0197BE29D17BFD67
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250
Frame ID: 1AE903F85FC8BC08B345FB950B305380
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A2BC52AAB48865E7342F17F2A242E17A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
Frame ID: EAA01EC913DFAE26083FA7045EF3BB47
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 945E3DD5AA6FBE45A27C7B48823043D6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 88C6630550FDC86610C4AC4160F8B263
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F52FBB94C8A987CCBDB1AF65E1DA28DA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59D1F7AD553BE4A88287896A2B62C9E4
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 7D796835D2853C7191FDA8643AF66F14
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 7476DE8DE5F10E62C4BFCF59D7E8D1CE
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4d348e7656cda16c10c1d&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Frame ID: 5BC35D50CFCDD11FE3678F0809CF0ECB
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3012214761
Frame ID: 8BC3BFAE2DC841E8A4E95352CB1A0272
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48
Frame ID: 1691D2FABB7E87B8C7D8BC2E6C6F9EAC
Requests: 2 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Frame ID: EFB7A32CD91F9C3F9C56D0417BE38CF5
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125
Frame ID: EC858C5F908FDFCF21D932075A19F391
Requests: 2 HTTP requests in this frame

Frame: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
Frame ID: 97E19C099C837DFA971D26FDEA0817CA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CAIXA Tem 1.47.1 APK for Android

Page URL History Show full URLs

https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html HTTP 301
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

352
Requests

91 %
HTTPS

49 %
IPv6

29
Domains

39
Subdomains

37
IPs

6
Countries

3309 kB
Transfer

7555 kB
Size

25
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://unlockapk.com/tool/
Title: AdFree Tool(Remove Ads Online)

Search URL Search Domain Scan URL

URL: https://t.me/joinchat/AAAAAESkO8aXp9DwuS7O7Q

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/103172325778829268165

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCIPgMksz38ODT5OU4a8py_w/

Search URL Search Domain Scan URL

URL: https://telegram.me/a2zapkofficial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.digg.com/submit?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://reddit.com/submit?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.stumbleupon.com/submit?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url=https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html HTTP 301
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Xnb7KoPgDk3z5QX_s9sM&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

Request Chain 143

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 145

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

Request Chain 147

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 149

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

Request Chain 151

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 152

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 153

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

Request Chain 160

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 162

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

Request Chain 183

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

Request Chain 184

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Request Chain 185

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Request Chain 293

https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 297

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 299

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4d348e7656cda16c10c1d&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Request Chain 300

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=24815000087975004445008012424015&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3012214761

Request Chain 301

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 319

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48

Request Chain 323

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125

352 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html Show response
a2zapk.io/
Redirect Chain

https://a2zapk.com/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

70 KB
18 KB

607ms
192ms

Document
text/html

2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeda35e84e3a21c879e8720c4ff98ddb3f0034a316ad2bae6f65fb43d9088ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=16070400, must-revalidate
cf-cache-status: MISS
cf-ray: 7fac2006899c4dca-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 22 Aug 2023 15:24:51 GMT
expires: Tue, 22 Aug 2023 19:24:51 GMT
last-modified: Tue, 22 Aug 2023 15:24:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0gEMUM8ByW%2BvkK9LHy2b%2FY8bYcHuDUL8z9Ydj%2FR29muXRsgVhTIMXC6Wa810whStZ%2BPPlc1wFCBPUFhjcD7TvfUf%2BKd%2BfXlCUmskG2P%2BequSjrG4qhN0a%2BA%2FAIMeQ%2FtnSkK5hkowg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-frame-options: ALLOWALL
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7fac2003bc8f8fef-FRA
date: Tue, 22 Aug 2023 15:24:51 GMT
expires: Tue, 22 Aug 2023 16:24:51 GMT
location: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jn%2FsjYCv7alMnWVL9%2F4kRXI%2Ble6plvQHxtpTWdJct6eMCBC%2BKCViZkJtnOqUKwONelqVdzhwQWdD3dKVXukxUysuYd63k5YzhHQsCj%2FSbUYKdby6ai6CT9qyvG1ZccaHxSPTcveGAucN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=2592000; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 mainstyle15.css
a2zapk.io/css/ 35 KB
7 KB 159ms
158ms Stylesheet
text/css 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/mainstyle15.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441574
cf-polished: origSize=36363
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Wed, 15 Apr 2020 09:10:20 GMT
server: cloudflare
etag: W/"8e0b-5a350af75d700"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0X51qmGr7hb9m7bonML9KOQtT7Nv69JZdKZh5F26%2FIdm55blxcUpgj7VY5cBF1Ea8YEAK8KO5fC3SOmmRcIFKzsEKTAfz1cXNiLrnLfnC%2FrZpnkK1ZLLondQWa53IPJUE2C9VZPXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7fac2008ac7a4dca-FRA
expires: Fri, 16 Aug 2024 12:45:17 GMT

GET
H2 200 styleMenuIcon2020.css
a2zapk.io/css/StyleMenuIcon/ 2 KB
844 B 165ms
165ms Stylesheet
text/css 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:51 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441574
cf-polished: origSize=1712
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 21 Jan 2020 01:25:14 GMT
server: cloudflare
etag: W/"6b0-59c9c479f3280"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb3puqKhhmqHcM85bW7Yvg7FNqHcHbjFdexuUvPXuwpUeZKp1soZ4s9%2Bu3zL48RM%2BJ6kbHrELXU%2FyX2%2BYr3frOIeFSFduEm7P6jxfx1CHqZnEd6XlCn6w2n5brpBPgJRVeRS%2Fu9elw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
cf-ray: 7fac2008ac7e4dca-FRA
expires: Fri, 16 Aug 2024 12:45:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 406ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33fe920339ace668d568c7af16f2da53f7c73ecff8e22690286eb57bf6bcef75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89020
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 15:24:52 GMT

GET
H2 200 fb.png
a2zapk.io/images/SocialIcon/ 436 B
822 B 77ms
70ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/fb.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origFmt=png, origSize=906
content-disposition: inline; filename="fb.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"38a-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvjkzn6higaPxfUtZ3Zw5EnEvgF9ZRfpm1Q2OSkVoT7GAHGom%2Bmz6eT%2BGYg48e9WX%2BRNVm6oaa19y2iC3uLZFU3F2E95k0Sfq%2FoPwDNOpZsKwl2EZ09BYwDrfOPcOtnDwsmXO5UI9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d4c4dca-FRA
expires: Sat, 16 Sep 2023 12:45:17 GMT

GET
H2 200 telegram.jpg
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 71ms
64ms Image
image/jpeg 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/telegram.jpg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origSize=1875
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 06 Sep 2019 14:17:12 GMT
server: cloudflare
etag: W/"753-591e318216a00"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I90vjgcUkBcTi9aZhS6TiGg%2BPaZAV5RO1b%2FXwfpDLdypZJzneEaJaPF5unksodLPr%2BzViSjsKgm%2FrZ4cWO3eY5Q8t7OuDgwAFnYWGVUigAOkshZHPQppNZmCmOvWtp%2FXHYxCrXlLaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d4e4dca-FRA
expires: Sat, 16 Sep 2023 12:45:17 GMT

GET
H2 200 goog.png
a2zapk.io/images/SocialIcon/ 986 B
1 KB 70ms
63ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/goog.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origFmt=png, origSize=2328
content-disposition: inline; filename="goog.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"918-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjQAKMee7B4dRMsAsryp8zgYRiaHFn1YglF%2BBPc2kUctja8VB08ZnKhWiBJjtUKhed6QX8TKSD67KCOnc0I5sJ%2B0lulm1Q642yVzRxk0PkfOngriFH4FlNgolaLXhPMUSvIihc77Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d504dca-FRA
expires: Sat, 16 Sep 2023 12:45:17 GMT

GET
H2 200 yout.png
a2zapk.io/images/SocialIcon/ 1 KB
2 KB 73ms
67ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/yout.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origFmt=png, origSize=2692
content-disposition: inline; filename="yout.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"a84-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVXK4BFFatbUljcM8%2BUagYqUD3awcn3t6HnqXUh6WF7%2BAbtutJ1SmzwD9rc32JCItNL2D0MCh7TMPFzIeeedyFvyLQwb2cwcOjugKHfyng2kaRSCd0zVLwbmUasKH0XMR%2Fs3sQdkyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d524dca-FRA
expires: Sat, 16 Sep 2023 12:45:17 GMT

GET
H2 200 empty.png
a2zapk.io/images/ 68 B
496 B 76ms
69ms Image
image/png 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/empty.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origSize=70, status=webp_bigger
content-length: 68
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 16 Mar 2020 03:51:06 GMT
server: cloudflare
etag: "46-5a0f0ba8dbe80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95UdDJxaQUfIcuZis95IvuMQxMrxHQt%2By1pyO8VwIOSQc7Yxvz6zd0ROhfh0QZIIXB%2FqJzSTkvGVpMavmmfEj1intlgtNENJkoNbGL4cgG7JVvkoolaWkGJBHosgzHMoturbZ5lm9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7fac20094d534dca-FRA
expires: Sat, 16 Sep 2023 12:45:17 GMT

GET
H2 200 Loading.gif
a2zapk.io/images/ 13 KB
13 KB 71ms
64ms Image
image/gif 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/Loading.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origSize=13999, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"36af-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91XysjwTzmAaEQ0QFOc%2F9KS2%2FqdB9kntwzATcCuwZNtMei38HCK5OV7oSxsiF7YeWS48g3sNwYGx8Xgn0rHOKiNQmfWkGeaIVbKBYEIetLuj%2FrGWtos04hjIwrNqbWbF8OmKdpG7mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d544dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70
play-lh.googleusercontent.com/ 7 KB
7 KB 359ms
266ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/laeKBCF2fUwtRr-6YSvnzWxKVpHek9-tNg5hQ4wUVaUEKc9I7sTH2Ekco80_J1UUsQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6673
x-xss-protection: 0
expires: Wed, 23 Aug 2023 15:24:52 GMT

GET
H2 200 ajax-loader.gif
a2zapk.io/images/ 634 B
1017 B 80ms
74ms Image
image/gif 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/ajax-loader.gif

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origSize=673, status=webp_bigger
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a1-571c5d524ad80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6yxD9tgDDeGPaeaA7ycFQTTvJj5TsAJfBTAsoMQozrb9pDZ9BCT1I8iI0TTUg5QVU1BTWxDtU4mTDnWtT4cNKXLBD7IfYfkBoPALWUacxM0Mv5qVfXaxfvr7kOvIPuU3GrpHO66mg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d554dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 off.png
a2zapk.io/images/ 2 KB
2 KB 77ms
71ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/off.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origFmt=png, origSize=2671
content-disposition: inline; filename="off.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Wed, 21 Nov 2018 11:23:42 GMT
server: cloudflare
etag: W/"a6f-57b2afb820b80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqyNk0A7PZjKz%2FjyAAVfN3anoDxlFcmm4nCJQb1VJ%2B2z2le%2BEMAwmtKFmaOkeB4HrULl4Axa5NsafhfpqlDLQwLb2Bzknso1Qxk8jhepjYj5YimbbLlcjUWuJqpoTsYLC20NW8bI%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d564dca-FRA
expires: Sat, 16 Sep 2023 12:45:17 GMT

GET
H2 200 fd3cf7dfeb25dbee1baa6483c36bf27f.png
a2zapk.io/images/ 6 KB
6 KB 73ms
68ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/fd3cf7dfeb25dbee1baa6483c36bf27f.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

061dd6591dde25591931dc9470fd0bc3b63f4bf0ed8696af047f5a020c50c542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=9359
content-disposition: inline; filename="fd3cf7dfeb25dbee1baa6483c36bf27f.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 07 May 2021 08:36:00 GMT
server: cloudflare
etag: W/"248f-5c1b95142dc00"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awNetoYiBpI6ljZkEmbu%2FqMga9k%2Bg31IDja29Zn%2Fg3SCJnM%2B12%2BOKqbBHZPQJawe4YHNTWHKCuBwQTKAg%2FXJ%2FB3D3yRPTn%2FCTYXDbhmruUhWxOGZEmFHFDDSmRDXTPmOoCmUnD2UJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d574dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 facebook.png
a2zapk.io/images/SocialIcon/ 514 B
888 B 80ms
75ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/facebook.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=603
content-disposition: inline; filename="facebook.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"25b-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEBsaVUcWuFqSNKNavqAmSS0gP9S129ngNUCl3xdhXHmoFKT8pUxvGoProCT4C5JXaO753rmBFiF6yfzgShVKYNIveu5PuTHlba%2BghuVUMWsPgpSsR32k%2FOsGyaE76w5tuIiHsqfUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d5a4dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 twitter.png
a2zapk.io/images/SocialIcon/ 654 B
1 KB 74ms
69ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/twitter.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=710
content-disposition: inline; filename="twitter.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2c6-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WcbTRDaCgHt8rCS8GJMVePf0S0bH1amShHeqt%2FUghlLfaZBBFlr1Dr%2F1JhZk8Fp2QIr5NlfkZPelidcyTu5a52icJdntTcIfA1Z4RO9Mw7hLYd5DRHa3DTyWVehGLb42hbgomTg4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d5d4dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 google.png
a2zapk.io/images/SocialIcon/ 856 B
1 KB 217ms
211ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/google.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=929
content-disposition: inline; filename="google.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"3a1-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOl0y2GytLm%2F0h3bDHuaUVLVYf0n4D%2FSeHCgcWJjk1YoqSqU2KyW3Nxsa5mu8qXOIoQVreyE9wg%2BWZITNzKFsS6NQ%2FSQyLPuwrGQltHiiWENAC%2BXKZkvHJ3qw2T6JKkoK4GfJC3lHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d5f4dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 diggit.png
a2zapk.io/images/SocialIcon/ 664 B
1 KB 72ms
67ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/diggit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=743
content-disposition: inline; filename="diggit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2e7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihQCwoj%2Bu05RmUoqdkJq6xsEmNSVZhp9DRvfudZCCkWkzCAvXlGpaG1fP4cveDUFMIAajql181Lfgc7k1BItVGFXktpA4w5a8v0n38MF2X23HeLwt9VXlpzxXy5Ak1TPN6nzNZ7zAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d604dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 linkedin.png
a2zapk.io/images/SocialIcon/ 600 B
978 B 76ms
71ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/linkedin.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=676
content-disposition: inline; filename="linkedin.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2a4-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UM4C%2BLPoTvg6Kh9SodHq76y02FbTkI1fqkcpLSXQl8hLpsZq5yNB4mu4DnQqyAaJI1NuGe0oAGqkXDuCLTCnRrQuXmAfzXMS1DsPP%2BHmjuIlp0I0kqwLXhe%2Fzrg2%2BX16mHTZMxrdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d624dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 reddit.png
a2zapk.io/images/SocialIcon/ 1 KB
1 KB 78ms
73ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/reddit.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=1109
content-disposition: inline; filename="reddit.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"455-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDB2UFJZ8T%2BA0wESjVuNxhN%2FVA5ifjHlRhBcQe9NclvJHNV%2BtK1M7P98m8x%2BmVUOpE2nwj95DG6pGwH2hxHJ3St5zNfCJLr3E%2FciIvF0TcZAGAgzINDS1JBf2bb1hlGt1aAACe%2B5tA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d654dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 stumbleupon.png
a2zapk.io/images/SocialIcon/ 670 B
1 KB 84ms
79ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/stumbleupon.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=759
content-disposition: inline; filename="stumbleupon.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"2f7-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcCr79Dg%2Ff4Div6AwMjklVrEGw1L8XSkFYCBzLXcUYCJ3J59J4EmeZkvDDaAD%2FIpvfTpcc%2BDMr3xdgrm1dUh9jEafWDkVCOdtJYObL03zaASCcwXj8eDYHlimZPI3S5KSjT%2FX9nx0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d664dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 tumblr.png
a2zapk.io/images/SocialIcon/ 568 B
993 B 84ms
79ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/SocialIcon/tumblr.png

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origFmt=png, origSize=641
content-disposition: inline; filename="tumblr.webp"
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"281-571c5d524ad80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfz6B9sfpKYLht1lVSM3L2QAJ1pCZH0oyQ3HqqW4%2BnfHmiIghF1WnIUDSHDcrVISI3tbhEsXpKJ9%2FvF%2FLFEp%2FULgZVD0WK5hh2wDenK42kAXMyz8BMrIAzPLsdNKDCf46BlfE9RdMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d684dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
26 KB 84ms
35ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2319757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26657
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6821"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmekBjbMuLGPK4oqVDXFrVJf%2Ftwg%2BEtU5CqFlWUoVB62du9UtYEcUI0Nc1gTwX2PTfcSMf7nbMWqVEg8XsYzjXL5hQT9W1rUR0%2F%2B%2FxBdfEOx%2F95bFZORIEJvi4Mqg7Jar9Z6wpCQ6ltsN0RyW8XM2oK3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fac20093fa72bbc-FRA
expires: Sun, 11 Aug 2024 15:24:52 GMT

GET
H2 200 jquery.lazyload.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/ 3 KB
2 KB 73ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5252478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1120
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-d35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv5GwmwwfQOhZkNkEM76ThZa8kTuXGXdBTxBqBn7GnOobWSTjw5CUhDf%2B8%2FZKtRZXgslTWhF1TSk1w%2FbDS7YumpnPVbwSsRxIJkf46%2BgHLQMBOj86aPAUChCLgY5fd998P777YJohzw6RN4U7r4nan5Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fac20093fab2bbc-FRA
expires: Sun, 11 Aug 2024 15:24:52 GMT

GET
H2 200 main2019.js Show response
a2zapk.io/js/ 7 KB
2 KB 76ms
69ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/main2019.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origSize=7007
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 09 May 2019 10:35:22 GMT
server: cloudflare
etag: W/"1b5f-5887201d5ee80"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx77m9WEOVn9wlV4ohGLNga3HNUik1pyCmTMUvapJjElyPMMnXqShpRsG7BsoeSkqlbEQtGok0o6NiY%2F7PVFi7wc3Z54fjwnZRgi28X7ZZ2asmbbWykIFA836jTOF4LiNPEbDtVaAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d454dca-FRA
expires: Fri, 16 Aug 2024 12:45:17 GMT

GET
H2 200 apk2019.js Show response
a2zapk.io/js/ 4 KB
2 KB 69ms
61ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/apk2019.js?v=07-26-2023

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
cf-polished: origSize=4702
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 15:14:26 GMT
server: cloudflare
etag: W/"125e-5ffaabd256f06"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DEuHdWgt6exrIfpm3TX6p0tqO8ltJbV5pEQca7aviIXuR5leZNUaUq%2B5L9FDUF8CluBrdSjGSLqF4geJQNUpgFa4jfB6U5H2eWR9ZQMKkO0QRH%2BI372rRzQJsLpCo4Z3b35p4XbMg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
cf-ray: 7fac20094d474dca-FRA
expires: Fri, 16 Aug 2024 12:45:30 GMT

GET
H2 200 notification.js Show response
a2zapk.io/js/ 9 KB
2 KB 70ms
62ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/js/notification.js?v=06012019

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
cf-polished: origSize=13287
content-encoding: br
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Thu, 04 Jul 2019 01:48:42 GMT
server: cloudflare
etag: W/"33e7-58cd12d713280"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FKQ92wLqT0Eg96cZGfaWS2uARUC%2BTGr1QeP1BA5lLBPrc35yLIN2ZNvWhZxBUIimHdj%2B8RomCtEk%2FzDnPDy%2Fi%2B8kRjaCsCa4rAloZysbPuuye2HlECr%2F6VVC22etEtE4yC0RP%2F3LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: public, max-age=16070400
cf-ray: 7fac20094d4a4dca-FRA
expires: Fri, 16 Aug 2024 12:45:17 GMT

GET
H/1.1 200
OK count.js Show response
a2zapk.disqus.com/ 1 KB
2 KB 113ms
28ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW3-C1
Age: 293
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 10 Aug 2023 22:01:45 GMT
Server: nginx
ETag: "64d55e49-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: rDYM8wrmGHXWeZqiTE9jbvXvL0D9JdzsdXW58cOFgdGzORg15lu3FA==

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 139ms
82ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://a2zapk.io/
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fac200978cb36dd-FRA

GET
H2 200 adgpt.js Show response
a2zapk.io/ 21 KB
5 KB 217ms
212ms Script
application/javascript 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/adgpt.js?v=1.40.33499520527251336

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

381d10f7def0c662364045380356828615ac87bfe1e1318bcd5f034ef28a2e37

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
strict-transport-security: max-age=31536000
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wyeaGUbyy3knLj0XpRqHballSRiu5np9NWkXQ8XuQ%2BQkGFYnFpD7jIKC%2B6VNunVT7OfYRh01o4ALHiWFF6sD0DsCSXxEWCROoc5jk%2Foh77jWjM6eNGagVQOfZSAOo1e4k4%2F%2F%2FPrn0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, public
cf-ray: 7fac20094d6a4dca-FRA
expires: 0

GET
H2 200 star.svg
a2zapk.io/images/ 762 B
805 B 90ms
89ms Image
image/svg+xml 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/star.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"2fa-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4comWprHNTeBfi4lME%2Bd77bUA7R%2BV6uYPvqpKKzFYkGBqFEyCty0XTq7vgY0y1p4nNY47ji%2BsFBP8do3jl5VMmTPjtIVV7FXWlGoUffn4jPxjeY%2FLfhjpOBdptZpsBHXD%2F77P8LhA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7fac20094d6b4dca-FRA
expires: Fri, 16 Aug 2024 12:45:30 GMT

GET
H2 200 stars.svg
a2zapk.io/images/ 901 B
969 B 72ms
72ms Image
image/svg+xml 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/stars.svg

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/mainstyle15.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/css/mainstyle15.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441562
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Aug 2018 15:56:52 GMT
server: cloudflare
etag: W/"385-5741c4eb5d900"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Xo3bPo1%2BMiq%2F8RBA9zn9VqVtYVCG0B6mCWA18xJueAZxs2jl53tMQKtxW%2Fzm1hVwzpuQLLslFNxe4I8aSUOtseVREjogbTwNHBthpGGugXsfe%2FXM%2BSKfIlBUvZFuStWW6ahFf3viQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000
cf-ray: 7fac20094d6c4dca-FRA
expires: Fri, 16 Aug 2024 12:45:30 GMT

GET
H2 200 icomoon.woff
a2zapk.io/css/StyleMenuIcon/ 6 KB
4 KB 69ms
68ms Font
application/font-woff 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/css/StyleMenuIcon/icomoon.woff

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/css/StyleMenuIcon/styleMenuIcon2020.css
Origin: https://a2zapk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441575
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jul 2018 21:56:22 GMT
server: cloudflare
etag: W/"19bc-571c5d524ad80"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7yXWLizJkOKAjpkEdyq%2BA%2FY%2BmWM0NqTwkHpQ69gOzYraP4icVEdMjDbuLwH0wPKAFk%2Bv9m4aQGEHBkXTLmTH4zfP7CcMOjy9wPi6zdzZ0ZX9aSnRN4F%2F%2FJPbhml%2F%2FSaizVXhrV4mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=2678400
vary: Accept-Encoding
cf-ray: 7fac20094d6d4dca-FRA

GET
H2 200 br.gov.caixa.tem.html Show response
a2zapk.io/reviews/ 29 KB
8 KB 2024ms
2019ms XHR
text/html 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/reviews/br.gov.caixa.tem.html

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39e9dba0ea34eff36b3c72af09b11c27b9a34eb305c1f9511b7ed11eb7421280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 22 Aug 2023 15:24:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hxo3K9O9lpLNd3gCYQ1DnCH44bt9PGn8zDQBqb6tMFm%2BS7fkbABwCstUk35j16573gqcVvSarhL4VSRpuwxu95gtTlOD%2FLLmbucp4xGfuV93mPbVGfngtHl22i0xVcwwV3NQBhNHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400, must-revalidate
cf-ray: 7fac2009add54dca-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 count.php Show response
a2zapk.io/dl/ 2 B
475 B 168ms
168ms XHR
text/html 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/count.php?id=1130001

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN, DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOptkwi08h%2BSsOGmSfayQiwgaZLl5P2W%2FnI54WsWwft7BnJpy80mvAaAkx906CLzsztWBJAjdbKCbPZ6u9igkrKGK6xcTa%2FCPBGRhvI2ARUC%2FLEYIkLnp2WfBz%2FYqSl1Hp1L5sa39w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7fac200a0e3a4dca-FRA
x-xss-protection: 1; mode=block
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 IcEWj9GdJhsnzYP0lsJEanmmMvvwYNKcKLan6OGZyghOTfdHKuuDKj_zx5T2qdbvUl0=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 34ms
20ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/IcEWj9GdJhsnzYP0lsJEanmmMvvwYNKcKLan6OGZyghOTfdHKuuDKj_zx5T2qdbvUl0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

afcb75952f910e74a87f9c7154e98bd1d3321452a2ff7ddf63eb22dd5f652c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8870
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 3b9eSR7q5p9htVhgRhfSaIM3fmPH57t0awCDzSWtKRKbZ435qUspwwLvqPuGVMWWNw=w70
play-lh.googleusercontent.com/ 5 KB
5 KB 51ms
26ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/3b9eSR7q5p9htVhgRhfSaIM3fmPH57t0awCDzSWtKRKbZ435qUspwwLvqPuGVMWWNw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d21803ddac2c626338f5740a636fe951da54ff17a683b3333dcfeb8addc46edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5478
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 RSu_Yble-5MgqnXbuqaYdj9r97Wv3yE0ICX2vDGAw2QCZPF4wZLA71Q1cEndjR1WpDM=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 80ms
56ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/RSu_Yble-5MgqnXbuqaYdj9r97Wv3yE0ICX2vDGAw2QCZPF4wZLA71Q1cEndjR1WpDM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d8a10f707df99a7e5d84aeb947777a8daf1be07007780b0c0bf8d0d88707ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 3S8J6nN1A9IwOhOwRRf3lgbOtP-PvQN0lat21-S27jFKj7f4zSUfutotH5pgdq5dP_EO=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 81ms
56ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/3S8J6nN1A9IwOhOwRRf3lgbOtP-PvQN0lat21-S27jFKj7f4zSUfutotH5pgdq5dP_EO=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ed4919d8289e7eef10aa9eac027a166480a0dec03cadd53a9500ddb4d1df101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11553
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 I2S025jaYCRIfRLhtXGXK9yTB2pMwhT0sqpjcXfueVWMFsAf0F--c7xEg8u2A8fvBw=w70
play-lh.googleusercontent.com/ 2 KB
3 KB 49ms
25ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/I2S025jaYCRIfRLhtXGXK9yTB2pMwhT0sqpjcXfueVWMFsAf0F--c7xEg8u2A8fvBw=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd6d8c66459f7e8833acec381118440961ddd6c8f1aa8ca79a39aab3408bd3d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2526
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 -jHaiys9Ir97ti43X2FMC94jFm8vzNlFoxbKmIyLPzYshadUytRweGRXVXjZZVYVJoDr=w70
play-lh.googleusercontent.com/ 1 KB
1 KB 79ms
55ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/-jHaiys9Ir97ti43X2FMC94jFm8vzNlFoxbKmIyLPzYshadUytRweGRXVXjZZVYVJoDr=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fb6826010e7c2cd49aaa4d145b99763f6c5aca921a7ebbcd45b350f6ea0fa10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1079
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 pCqOLS2w-QaTI63tjFLvncHnbXc4100EQI3FAD0RZEFWjGMa_54M4x2HD7j48qMSv3kk=w70
play-lh.googleusercontent.com/ 4 KB
4 KB 77ms
53ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/pCqOLS2w-QaTI63tjFLvncHnbXc4100EQI3FAD0RZEFWjGMa_54M4x2HD7j48qMSv3kk=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

11a2277567d5437c81c78749b482998a499bcb01ae665f3ad8e2267772d7bf4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4538
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 kH7QddrML_niRm4ziPZPtkA9tRi4S4U93P0CZVaZ6D_4nvGLFaQWqDW4u23d2fLokSQ=w70
play-lh.googleusercontent.com/ 10 KB
10 KB 55ms
32ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/kH7QddrML_niRm4ziPZPtkA9tRi4S4U93P0CZVaZ6D_4nvGLFaQWqDW4u23d2fLokSQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

25a09c44ecdf00f1c9e110084125735ce49e1e3ee9e631a9af960756d8a85a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10156
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 scjTdynpiYyP1aLS8InNR0NLmCh1TyjaEqcFE6UbHDoOx7UGOG9wi2L-URI30UIPWg=w70
play-lh.googleusercontent.com/ 13 KB
13 KB 63ms
40ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/scjTdynpiYyP1aLS8InNR0NLmCh1TyjaEqcFE6UbHDoOx7UGOG9wi2L-URI30UIPWg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

80752a6725c62468e79fec444b115bcbaca5c8d9c84b8328dd297193a89cb23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13213
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 1YI3AZb3qJw020xpKMANKV6XdAzjvz1wAUJHPeljiNdTpvnaB5ziPDvRx1JBCuUHRg=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 62ms
39ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/1YI3AZb3qJw020xpKMANKV6XdAzjvz1wAUJHPeljiNdTpvnaB5ziPDvRx1JBCuUHRg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fff7144fa7e0efc47824ffc51e4c5dbaffaacfd04b89193aaebdb226ca1e3494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10998
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70
play-lh.googleusercontent.com/ 11 KB
11 KB 110ms
87ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/GwYfabKJSuh3ZZic55C9LLvPrud93lyQaVRTrurCxTb68w03I9YRmVcwa_X7K8xc3w=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10897
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 HBi_9CAOrQD2fAPf3alES3VEvx7P240-QrpIYcY1-ide-25vfpDSaBrJLD_K5vNKDWec=w70
play-lh.googleusercontent.com/ 6 KB
6 KB 112ms
89ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/HBi_9CAOrQD2fAPf3alES3VEvx7P240-QrpIYcY1-ide-25vfpDSaBrJLD_K5vNKDWec=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03ed6e30bee0904aa1c18913cf4ea46865b9f13c339ef3f0ec6a76feff369c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5759
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 TFb-k4sKePYriyNidES5UD1HDZrVGw7oGtvX1xqGqC8gSijIvpbbPS2qy1jvxZ4wbg=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 113ms
90ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/TFb-k4sKePYriyNidES5UD1HDZrVGw7oGtvX1xqGqC8gSijIvpbbPS2qy1jvxZ4wbg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

00067a13f6ac6be3ee460d799be2e268e0973d1f49e6a2737868e3231fb2698a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3369
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 138ms
116ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uA2SPkUUN4feau4S-JtJrxjTfjQ7s5_9vTA2dj1ECSPQy_GrQXGzSp_PH0eTibmymsM=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 AGUNGOb0JJF0nB4eVJbao8NlZh-W3D-dM0nu8BLuDIL3CUrMtwuCqFUIC7zMACjtiY8=w70
play-lh.googleusercontent.com/ 8 KB
8 KB 140ms
117ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/AGUNGOb0JJF0nB4eVJbao8NlZh-W3D-dM0nu8BLuDIL3CUrMtwuCqFUIC7zMACjtiY8=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c438c413fbad7c509b936b0866b354ca6efc56e64bac35fa2127ea1339210a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7922
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 KJ8_UwiIpZ8gbrs2RNXOHy61x-KJqlK8cwYyiJWaw2KFJWbQMimBwyYjwxS6ishBejg=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 139ms
116ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/KJ8_UwiIpZ8gbrs2RNXOHy61x-KJqlK8cwYyiJWaw2KFJWbQMimBwyYjwxS6ishBejg=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

29932df8708f3e15ece0c65e81318246162e6fae0fd2cd808b7b37671f151589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:50:34 GMT
x-content-type-options: nosniff
age: 5658
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9069
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:50:34 GMT

GET
H2 200 uWzv2V9qnzDIQ4sM8C0RPMsGS_DnSxt1ZFETCjCTuSDlj__8d2Yq2vmvsIs5KADmZQ=w70
play-lh.googleusercontent.com/ 9 KB
9 KB 137ms
115ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/uWzv2V9qnzDIQ4sM8C0RPMsGS_DnSxt1ZFETCjCTuSDlj__8d2Yq2vmvsIs5KADmZQ=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7ff50a60d167f90caf90345162489e4427beb21d5ef393f7703425211f2363d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:28:29 GMT
x-content-type-options: nosniff
age: 3383
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8860
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 14:28:29 GMT

GET
H2 200 dXHAPuotkFlTQlLtrwstPxj4MvbUgKHUKTWGN4Zy_CgiPm7TiNj4jJYN1NOlj6MCDCI=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 136ms
114ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/dXHAPuotkFlTQlLtrwstPxj4MvbUgKHUKTWGN4Zy_CgiPm7TiNj4jJYN1NOlj6MCDCI=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

12e99e6da8349480c5038849faf6e0bc4f7294979f545c23893de5bf1bb2dc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:59:17 GMT
x-content-type-options: nosniff
age: 1535
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2948
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 14:59:17 GMT

GET
H2 200 VsJBTv7Ta15_SDZbxM0C-GGHhYYx2e1brTFYUx8vDafNCzJrv3mRK2iX2oX8mxb3hgU=w70
play-lh.googleusercontent.com/ 14 KB
14 KB 112ms
91ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/VsJBTv7Ta15_SDZbxM0C-GGHhYYx2e1brTFYUx8vDafNCzJrv3mRK2iX2oX8mxb3hgU=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

57bb12e0be7d9f8b609ca29da52321717febd067a55c9533d248b29ae9007a7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:59:17 GMT
x-content-type-options: nosniff
age: 1535
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13903
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 14:59:17 GMT

GET
H2 200 OU2hCZUnoTuzXECIsyEncU0eiW8E0_6QDQxggppwp5iRxOZs_T2jyricqLanGIgaqt0=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 132ms
110ms Image
image/jpeg 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/OU2hCZUnoTuzXECIsyEncU0eiW8E0_6QDQxggppwp5iRxOZs_T2jyricqLanGIgaqt0=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

34b6fe92215687cbed1be732be428ee1b0e4b4a6af5ddb106b8857aadf6bbbab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:59:17 GMT
x-content-type-options: nosniff
age: 1535
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3350
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 14:59:17 GMT

GET
H2 200 bYtqbOcTYOlgc6gqZ2rwb8lptHuwlNE75zYJu6Bn076-hTmvd96HH-6v7S0YUAAJXoJN=w70
play-lh.googleusercontent.com/ 6 KB
6 KB 134ms
112ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/bYtqbOcTYOlgc6gqZ2rwb8lptHuwlNE75zYJu6Bn076-hTmvd96HH-6v7S0YUAAJXoJN=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9f0ba14d68720662af89710c734d891e366f76d112cde586acff801dd1478102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:05:58 GMT
x-content-type-options: nosniff
age: 8334
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6035
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 13:05:58 GMT

GET
H2 200 nufRXPpDI9XP8mPdAvOoJULuBIH_OK4YbZZVu8i_-eDPulZpgb-Xp-EmI8Z53AlXHpqX=w70
play-lh.googleusercontent.com/ 3 KB
3 KB 172ms
151ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/nufRXPpDI9XP8mPdAvOoJULuBIH_OK4YbZZVu8i_-eDPulZpgb-Xp-EmI8Z53AlXHpqX=w70

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a6a1ed316cff00c589d70f9097c34efb0dceb6771bd544a9461ad0f61bde0443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2622
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 23 Aug 2023 15:24:52 GMT

GET
H2 200 eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300
play-lh.googleusercontent.com/ 27 KB
27 KB 435ms
414ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/eB1ddJSuLAN2AIWZ2X1gQ6krzb7VwZ2xhYGOMrOyFe5TSejW364kh82ArhfDBXPW-tg=h300

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28014
x-xss-protection: 0
expires: Wed, 23 Aug 2023 15:24:52 GMT

GET
H2

200

invisible.js Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 7D75
Redirect Chain

https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

40ms
36ms

Script
application/javascript

2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3258456cdea81e84c39cbe44f19c21d793a707db3b91400c6276c00d5f067ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaxnPUPXOPkVzBPDvGq2S4dY9d0j2eF1pJul3nP3dDejOQyDnTxlkCY0B%2FZ%2BwTtEZNrSKb4vaNmcdPe9Iqq3TFU7%2BFQRYyuly6th3ymIY%2Fior7jhuZQwJyiVz94OmplGwz0aaQmCRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fac200adf224dca-FRA

Redirect headers

date: Tue, 22 Aug 2023 15:24:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rhWdI0X6edlrnCyFRbzsngrCb9NcIFV0COCyZFbBq1kv%2FnzYXEuKS7wEE9Q4wX2PUBEzoI8B1n6oQ8vaiErE5FYfwVcEoPzX2sKvh4wyDeiJZwABu6VgDSX8ksjh49qTKB2TF3aCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fac200a3e654dca-FRA

GET
H/1.1 200
OK count-data.js Show response
a2zapk.disqus.com/ 326 B
907 B 140ms
140ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.disqus.com/count-data.js?2=https%3A%2F%2Fa2zapk.io%2F1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Requested by

Host: a2zapk.disqus.com
URL: https://a2zapk.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

78ee5a5b37a1565a279ca4eb5fca67b8433c71d2977e5f0588dc6f8778629092

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:52 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 326
X-XSS-Protection: 1; mode=block

GET
H2 200 favicon.ico
googleads.g.doubleclick.net/ 1 KB
1 KB 135ms
22ms Image
image/x-icon 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/favicon.ico

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 07:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 884
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/x-icon
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 17 Aug 2024 07:05:32 GMT

POST
H2 200 7fac2006899c4dca Show response
a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7D75 0
458 B 128ms
122ms XHR
text/plain 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a2zapk.io/cdn-cgi/challenge-platform/h/g/cv/result/7fac2006899c4dca
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7fac200c791b4dca-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GumgG8O2ZCti6Eyr8zge9Ra6CQtFrRTf5fd6tl3jpKpsgYTu5rDsHxglqgpbrCng3tA0aiizRL5iwyz7YZJ53NB8%2FGZTvg5A1RsxcXQ8DUZaJgItycCW2n6C1r6GeFRV8axhj%2B0Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

HEAD
H2 404 auction
srtb.msn.com/ 0
0 147ms
54ms Fetch 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Requested by: Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.33499520527251336
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 389F029A48394480B0DC00266B9BB014 Ref B: FRAEDGE1209 Ref C: 2023-08-22T15:24:52Z
content-length: 0
x-cache: CONFIG_NOCACHE

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 123ms
33ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SS5VJ1BTPE&gtm=45je38l0&_p=2059168922&cid=927921021.1692717893&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692717892&sct=1&seg=0&dl=https%3A%2F%2Fa2zapk.io%2F1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&dt=CAIXA%20Tem%201.47.1%20APK%20for%20Android&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SS5VJ1BTPE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 rum Show response
a2zapk.io/cdn-cgi/ 0
144 B 230ms
230ms XHR
text/plain 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: application/json

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://a2zapk.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fac200d39f64dca-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 196ms
117ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.33499520527251336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f213670540bb1242ae99af82415cf82d8fcc4fb8d4efd2de8cfc99aeb2f0d7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28938
x-xss-protection: 0
server: cafe
etag: 35 / 19591 / m202308170101 / config-hash: 1333500184187641948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:52 GMT

POST
H2 200 logip.php Show response
a2zapk.io/dl/ 0
406 B 252ms
249ms XHR
text/html 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a2zapk.io/dl/logip.php

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/adgpt.js?v=1.40.33499520527251336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 22 Aug 2023 15:24:52 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
pragma: no-cache, no-cache
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnHwj240fFD%2BxSP%2BZgW8n4LOuPjYBzH3s%2FTZlQWEHrWimzsW8bedCwf9SYEAYwffHtUKPYLeKAQHudBoFtEa5XCUrvvZPQ6%2Bl48TliOvi0FnwVPxlH0cvymX9wtyble2n0DfpJkcWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate
cf-ray: 7fac200e6c1a4dca-FRA
access-control-allow-headers: Content-Type, Authorization
expires: 0, Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12795
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 21 Aug 2024 11:51:37 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 179 KB
45 KB 571ms
571ms XHR
text/plain 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2293991328335920&correlator=993687849668240&eid=31077189&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=22959879228%2Cinterstitial-a2z%2Cdesktop1-728%2Cmobileresp3-300%2Cmobileresp2-300%2Cstickyfooter&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F5&prev_iu_szs=1x1%2C300x250%7C320x480%7C336x280%2C728x90%2C300x100%7C250x250%7C300x250%2C250x250%7C300x50%7C200x200%7C300x250%2C1x1%2C320x100%7C120x60%7C300x100%7C728x90%7C300x75&ifi=1&sfv=1-0-40&ists=66&fas=8%2C0%2C0%2C0%2C0%2C1%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1692717893102&lmt=1692710691&adxs=-9%2C650%2C436%2C278%2C258%2C-9%2C-12245933&adys=-9%2C2713%2C75%2C539%2C2171%2C-9%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1%7C0%7C0%7C2%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fa2zapk.io%2F1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html&vis=1&psz=0x-1%7C1600x250%7C1600x90%7C728x1249%7C728x2045%7C0x-1%7C0x-1&msz=0x-1%7C1600x250%7C1600x90%7C688x100%7C728x50%7C0x-1%7C0x-1&fws=2%2C0%2C0%2C0%2C0%2C2%2C640&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=927921021.1692717893&ga_sid=1692717893&ga_hid=2059168922&ga_fc=true&dlt=1692717891788&idt=1266&adks=2135858098%2C2142338867%2C299942153%2C2763825005%2C2766013119%2C1309157062%2C3626215300&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35c1f40d79b8e6da1e3c437ee203f794257d2d44eb0ee0f5246544c41964da3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46138
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://a2zapk.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 170ms
89ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cddb1662fd924babf178dd0a7ffdce4f368726d1b20ed93bb18a29f81951ce0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11779
x-xss-protection: 0

GET
H2 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 87DF 6 KB
3 KB 171ms
34ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 37 KB
13 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 12:43:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9707
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13156
x-xss-protection: 0
server: cafe
etag: 1643040129009188309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 21 Aug 2024 12:43:06 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 214ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Aug 2023 15:24:53 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3E01 13 KB
5 KB 27ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:14:58 GMT
expires: Wed, 21 Aug 2024 15:14:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1A2B 829 B
1 KB 116ms
51ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

45ad9050425f1e2649efc249481420c57e0bc056aa6f0a2821246d77138dbed5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Jem9UHvC1GFxiL48EXPyoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-Jem9UHvC1GFxiL48EXPyoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Tue, 22 Aug 2023 15:24:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E01 37 KB
14 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1A2B 0
0 135ms
134ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=2293991328335920&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 740E 6 KB
3 KB 26ms
23ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3730 6 KB
3 KB 26ms
26ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F1E 6 KB
3 KB 35ms
31ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C8F 6 KB
3 KB 31ms
29ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3293 6 KB
3 KB 28ms
27ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D01A 6 KB
3 KB 73ms
28ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 215F 6 KB
3 KB 72ms
27ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a2zapk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Wed, 21 Aug 2024 15:24:53 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 740E 4 KB
1 KB 143ms
60ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 14:14:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4E15 624 B
710 B 67ms
64ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNXpTLIuLD1B8kTnHKEOkLMsh-5A3B1tVe3JZn0VlrwGN_L8PNiI8MZOfyo5se-HZz8I2GVu_xvC0bAxYbN845FCoGKcMyvU2TX_-25jOoDfj3iLEpgTvuFqHz5KeYgwqR3-iwPLyoa4XLIOxySrJ0gz915RwNPhzh2J59nBER-p6Bff7w8

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:53 GMT
expires: Tue, 22 Aug 2023 15:24:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4689 86 KB
29 KB 102ms
100ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 4689 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 4689 20 KB
8 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4689 181 KB
57 KB 150ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4689 42 B
63 B 129ms
127ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A23EP8NWysQLQXdegvgECCObwkLn4M8pT9MSUVDwXbBlaJhWePwh01EhuxAcBqnAcO7kpUEm-r2VckyRoP608E1bajuuL3CUo5aOqDTtqxYjS6Kds

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4689 0
20 B 130ms
127ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8236941930622016777&x=1&ct=76

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 740E 20 KB
8 KB 64ms
61ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79736
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:15:57 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A5CB 624 B
529 B 127ms
94ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNVrUr4P7hsPAe0kI59iCUZLeBCdMabspX8byI1Ev8a0ZNv6xq8n3B1y5VTgwNK0hcsljL25bRfqKGLIdeqKI81gx9dH7hVHw5fJ4PNj5E1oDCN2UqB0e5u8TEb5u44DbnSm9U4Vu5OEeYz43qPLSWLzqo42d0U9bT-ydjFudi2KosdM2cc

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:54 GMT
expires: Tue, 22 Aug 2023 15:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3730 86 KB
29 KB 213ms
213ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3730 42 B
63 B 126ms
126ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CorG2bcMjLPGPMMU-BB7jS-F_YsN6vREPhQoGJ9oPt1D8LYzvIKE_Gbb_Xeo0-Zi4m3cIqLeu45ePZ0LjgTvHgoHKYVi4s1ibutQPTAuTvxA8jMzA

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3730 0
20 B 133ms
130ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=18022030269136745451&x=1&ct=77

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 3730 3 KB
1 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 3730 20 KB
8 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3730 181 KB
57 KB 227ms
145ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9F47 624 B
505 B 121ms
94ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNVDQg4kIKYUrr7LqtHMiA_4ISHqqC5iuzE4Td8oSDj_eS3ACad3rIjguQedo8Pqp9AkaS3_YTjPb91s4JAtdzdL1nKBnN0VPDkd_fYkxINu2m3vOKx9Tc9CtqvKCDkXqu-_UO9yqrGwjAA18bTPsqczKeu9elhJ_ArS2Wbdaorw2TuaoBg

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:54 GMT
expires: Tue, 22 Aug 2023 15:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2F1E 86 KB
29 KB 203ms
199ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1E 42 B
63 B 129ms
126ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BOuw9RvbIiI9sQJLw0sfzdrZuECSye_fH22bD2koUoL0_EA8ouGlfMROAsRo_Kmdq1EMPM6_TyqOzRye0WkiDaNGnsCI_eVEYql3ItKP6Pa4AArvc

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1E 0
20 B 129ms
126ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1874735323545788128&x=1&ct=76

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 2F1E 3 KB
1 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 2F1E 20 KB
8 KB 33ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81334
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F1E 181 KB
57 KB 207ms
132ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FD20 624 B
507 B 108ms
85ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNVFstFfXDEIEaMxTFtrqd9EwVlW9mTIaGMaLMGX-UTm8Wr_bpn-MWRENDw8cYqGLSuQ8qGLj39zLINod3M8nq---p4QS2BsR-cMRp8vR0pAwETu7Ftg9AZMIe8gOX9JbMKilX7vEzFW7_EIDr3TgfDWbwZnNFzc9Pdn8Bel2MDPk8SZ6RQ

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:54 GMT
expires: Tue, 22 Aug 2023 15:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8C8F 86 KB
29 KB 179ms
165ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C8F 42 B
63 B 141ms
127ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVZRhCSCBB-0gpZeIOrYWpfq4i1TbCK4NoMKUSZlfHHotSP-4xv_BHLMgdF4m8e1f4-I_D1kaB1o5KkjTbPs6SaOSE_Mln8CiKp01sahqRVuOuUbc

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C8F 0
20 B 141ms
128ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16630688949248826453&x=1&ct=76

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 8C8F 3 KB
1 KB 42ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 8C8F 20 KB
8 KB 44ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C8F 181 KB
57 KB 182ms
123ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 568B 624 B
506 B 98ms
85ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGKOsr_ABMAE&v=APEucNVdZYaAK4dk83GqfERf72UunDXRjnqAyQlziwkxuZsZg46w-w5QoiPZJZHf_h0u3jVqGR-gxLnf60ozrfRfb5zgNzlT0xfdVbDkqYuPOX--Rny2XV9Dp_ZbYUaCDJXBbzzww6EjHQ3JQqGNFEM4P3vaRMdJBqN1B3bxM9lsLmQKqvlYRMA

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:54 GMT
expires: Tue, 22 Aug 2023 15:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3293 86 KB
29 KB 199ms
189ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3293 42 B
63 B 133ms
123ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ab502rGTZ0fg_v9Q5QO4kE_j2lPE865J4V8x0PZ7m6ptjiuQAhuk4k8_9vIBZVvtAIm43msaO8uKZhOCq_EUnbu1LmWB6bIVQR22X0Umv4wd3rmM0

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3293 0
20 B 134ms
124ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17056391933747937982&x=1&ct=76

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 3293 3 KB
1 KB 43ms
33ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 3293 20 KB
8 KB 47ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3293 181 KB
57 KB 146ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0AF4 624 B
242 B 78ms
68ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNWbFYf8gJIsu9jpUdlVGUZh_2CMeeVmUK5tkj5h2jZvwdjO_XxIm0hiHNR331XmdKDAbiz1HIifFH__TL116GJMpr-hY6JZ0sBKEyKzQ-QDibZvlODxX7QIoCx1ghGAHTzfZZPvfWxQmHXTMzlu68817c1lZiU7HWdB7pwrqtPNLml_z9Q

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5584 86 KB
29 KB 164ms
155ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 5584 3 KB
1 KB 36ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 5584 20 KB
8 KB 37ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5584 181 KB
57 KB 201ms
189ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5584 42 B
63 B 156ms
146ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CbrTF6QwAhlN_24XL-sEwOh6t1dOb9r5E8QIZ9tzIsuaavBRtNvTJuUu2TzYFqviyJqmJwW2gL5M6OCZHPlnGxv5XcyJ9-BNF42zRngbogXdACwPw

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5584 0
20 B 154ms
145ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2410934449464697772&x=1&ct=76

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9659 624 B
242 B 196ms
193ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXBA88pAaRtGCD4GE91LwRRydbMHBqEl0nBmMwhYLrKb1Nnt-61wBvhyBIS_RSC_eSmsLeAXaVGIRzqrPQy5gaaKvXBkN2-YxwyL5l-rAnM8s-48iyrGRs1C0lAX0Izmi24yV-oax0YP6AzSl7FYtReZe1eM6PxPrpbSJOaL0bdmUk4D0Y

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 215F 86 KB
29 KB 179ms
179ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 215F 42 B
63 B 145ms
142ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AkBdB2jtAVHC916IpZbcqPmf6iqyHRJf6_pGahYgFD7MLcwjXxz5qbE7DqmXkx_3hw2xqBkmlq8fixIH5pRCc6u3gXHFwBZ0KQTJvV-SqTxu4dZo4

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 215F 0
20 B 146ms
143ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13029214530049864602&x=1&ct=77

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 215F 3 KB
1 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/window_focus_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:41:38 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/ Frame 215F 20 KB
8 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:49:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81335
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 16:49:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 215F 181 KB
57 KB 140ms
136ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:54 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Xnb7KoPgDk3z5QX_s9sM&google_cver=1

43 B
632 B

25ms
24ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Xnb7KoPgDk3z5QX_s9sM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNXpTLIuLD1B8kTnHKEOkLMsh-5A3B1tVe3JZn0VlrwGN_L8PNiI8MZOfyo5se-HZz8I2GVu_xvC0bAxYbN845FCoGKcMyvU2TX_-25jOoDfj3iLEpgTvuFqHz5KeYgwqR3-iwPLyoa4XLIOxySrJ0gz915RwNPhzh2J59nBER-p6Bff7w8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Xnb7KoPgDk3z5QX_s9sM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4E15
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

27ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNXpTLIuLD1B8kTnHKEOkLMsh-5A3B1tVe3JZn0VlrwGN_L8PNiI8MZOfyo5se-HZz8I2GVu_xvC0bAxYbN845FCoGKcMyvU2TX_-25jOoDfj3iLEpgTvuFqHz5KeYgwqR3-iwPLyoa4XLIOxySrJ0gz915RwNPhzh2J59nBER-p6Bff7w8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4E15
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
841 B

101ms
101ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNXpTLIuLD1B8kTnHKEOkLMsh-5A3B1tVe3JZn0VlrwGN_L8PNiI8MZOfyo5se-HZz8I2GVu_xvC0bAxYbN845FCoGKcMyvU2TX_-25jOoDfj3iLEpgTvuFqHz5KeYgwqR3-iwPLyoa4XLIOxySrJ0gz915RwNPhzh2J59nBER-p6Bff7w8

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 87c0930e-502f-4e14-9a7d-9cc74418ee3c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E15
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

80ms
80ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 47db8651-27f8-475a-8837-41023a6e1999
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A5CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

43 B
766 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNVrUr4P7hsPAe0kI59iCUZLeBCdMabspX8byI1Ev8a0ZNv6xq8n3B1y5VTgwNK0hcsljL25bRfqKGLIdeqKI81gx9dH7hVHw5fJ4PNj5E1oDCN2UqB0e5u8TEb5u44DbnSm9U4Vu5OEeYz43qPLSWLzqo42d0U9bT-ydjFudi2KosdM2cc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A5CB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

27ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNVrUr4P7hsPAe0kI59iCUZLeBCdMabspX8byI1Ev8a0ZNv6xq8n3B1y5VTgwNK0hcsljL25bRfqKGLIdeqKI81gx9dH7hVHw5fJ4PNj5E1oDCN2UqB0e5u8TEb5u44DbnSm9U4Vu5OEeYz43qPLSWLzqo42d0U9bT-ydjFudi2KosdM2cc
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A5CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
841 B

49ms
48ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj3oLvGATAB&v=APEucNVrUr4P7hsPAe0kI59iCUZLeBCdMabspX8byI1Ev8a0ZNv6xq8n3B1y5VTgwNK0hcsljL25bRfqKGLIdeqKI81gx9dH7hVHw5fJ4PNj5E1oDCN2UqB0e5u8TEb5u44DbnSm9U4Vu5OEeYz43qPLSWLzqo42d0U9bT-ydjFudi2KosdM2cc

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 49352961-4e80-47c0-8e76-731be35a53b1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5CB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

82ms
81ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: af619eb0-0da9-4007-8409-accf8feccb10
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9F47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

43 B
632 B

57ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNVDQg4kIKYUrr7LqtHMiA_4ISHqqC5iuzE4Td8oSDj_eS3ACad3rIjguQedo8Pqp9AkaS3_YTjPb91s4JAtdzdL1nKBnN0VPDkd_fYkxINu2m3vOKx9Tc9CtqvKCDkXqu-_UO9yqrGwjAA18bTPsqczKeu9elhJ_ArS2Wbdaorw2TuaoBg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9F47
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

27ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNVDQg4kIKYUrr7LqtHMiA_4ISHqqC5iuzE4Td8oSDj_eS3ACad3rIjguQedo8Pqp9AkaS3_YTjPb91s4JAtdzdL1nKBnN0VPDkd_fYkxINu2m3vOKx9Tc9CtqvKCDkXqu-_UO9yqrGwjAA18bTPsqczKeu9elhJ_ArS2Wbdaorw2TuaoBg
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9F47
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
841 B

49ms
49ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNVDQg4kIKYUrr7LqtHMiA_4ISHqqC5iuzE4Td8oSDj_eS3ACad3rIjguQedo8Pqp9AkaS3_YTjPb91s4JAtdzdL1nKBnN0VPDkd_fYkxINu2m3vOKx9Tc9CtqvKCDkXqu-_UO9yqrGwjAA18bTPsqczKeu9elhJ_ArS2Wbdaorw2TuaoBg

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 61227dc4-038e-4121-867d-a40181fba4eb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9F47
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

80ms
80ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: dcff3f7c-8bc8-4095-a17c-03e639ddfb8b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FD20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

43 B
632 B

50ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNVFstFfXDEIEaMxTFtrqd9EwVlW9mTIaGMaLMGX-UTm8Wr_bpn-MWRENDw8cYqGLSuQ8qGLj39zLINod3M8nq---p4QS2BsR-cMRp8vR0pAwETu7Ftg9AZMIe8gOX9JbMKilX7vEzFW7_EIDr3TgfDWbwZnNFzc9Pdn8Bel2MDPk8SZ6RQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FD20
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

25ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNVFstFfXDEIEaMxTFtrqd9EwVlW9mTIaGMaLMGX-UTm8Wr_bpn-MWRENDw8cYqGLSuQ8qGLj39zLINod3M8nq---p4QS2BsR-cMRp8vR0pAwETu7Ftg9AZMIe8gOX9JbMKilX7vEzFW7_EIDr3TgfDWbwZnNFzc9Pdn8Bel2MDPk8SZ6RQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=495
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FD20
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
841 B

50ms
49ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYvLrw0AEwAQ&v=APEucNVFstFfXDEIEaMxTFtrqd9EwVlW9mTIaGMaLMGX-UTm8Wr_bpn-MWRENDw8cYqGLSuQ8qGLj39zLINod3M8nq---p4QS2BsR-cMRp8vR0pAwETu7Ftg9AZMIe8gOX9JbMKilX7vEzFW7_EIDr3TgfDWbwZnNFzc9Pdn8Bel2MDPk8SZ6RQ

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 7211bb27-4b32-42a4-a542-fcc2cf5b3442
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FD20
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

80ms
80ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 4f5b3b95-a23d-48c9-9bb8-4045b1937a7e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 568B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

43 B
632 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGKOsr_ABMAE&v=APEucNVdZYaAK4dk83GqfERf72UunDXRjnqAyQlziwkxuZsZg46w-w5QoiPZJZHf_h0u3jVqGR-gxLnf60ozrfRfb5zgNzlT0xfdVbDkqYuPOX--Rny2XV9Dp_ZbYUaCDJXBbzzww6EjHQ3JQqGNFEM4P3vaRMdJBqN1B3bxM9lsLmQKqvlYRMA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 568B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

27ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGKOsr_ABMAE&v=APEucNVdZYaAK4dk83GqfERf72UunDXRjnqAyQlziwkxuZsZg46w-w5QoiPZJZHf_h0u3jVqGR-gxLnf60ozrfRfb5zgNzlT0xfdVbDkqYuPOX--Rny2XV9Dp_ZbYUaCDJXBbzzww6EjHQ3JQqGNFEM4P3vaRMdJBqN1B3bxM9lsLmQKqvlYRMA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 568B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
841 B

53ms
53ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzmp9QCEJuU4NYCGKOsr_ABMAE&v=APEucNVdZYaAK4dk83GqfERf72UunDXRjnqAyQlziwkxuZsZg46w-w5QoiPZJZHf_h0u3jVqGR-gxLnf60ozrfRfb5zgNzlT0xfdVbDkqYuPOX--Rny2XV9Dp_ZbYUaCDJXBbzzww6EjHQ3JQqGNFEM4P3vaRMdJBqN1B3bxM9lsLmQKqvlYRMA

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 59ff5418-3edf-48ad-825c-4f6a17665c05
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 568B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

80ms
80ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: f4d24922-622a-4125-83d0-56ad4ba28fa0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48
play-lh.googleusercontent.com/a/ 422 B
539 B 306ms
304ms Image
image/png 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/a/AAcHTteNWvda5NIkMe_ZvVfKdabf5_TORLYnjsM_lt8Sy9ZhWQ8=w48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 likeit.png
a2zapk.io/images/ 192 B
662 B 45ms
44ms Image
image/webp 2606:4700:20::ac43:4b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a2zapk.io/images/likeit.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 441564
cf-polished: origFmt=png, origSize=268
content-disposition: inline; filename="likeit.webp"
content-length: 192
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Fri, 30 Nov 2018 09:44:02 GMT
server: cloudflare
etag: "10c-57bdea3a4dc80"
vary: Accept
x-frame-options: DENY
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2d3Lz8f68y0kXiTkwvAzFHftRICT5bW0uBzeR0ZcAFnt2zdgAphL%2BXSk2B%2BCXQV5bDfUWkk7Z6yHst9jxUdY1s7uxSOMtcC80MF3YiL4aoIowxbd8kTa9z60NfKm%2BZyXSEPkDJzXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 7fac20168e804dca-FRA
expires: Sat, 16 Sep 2023 12:45:30 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4689 0
20 B 125ms
124ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7368415509740&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4689 0
20 B 126ms
123ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7368415509740&version=m202307240101&ct=76&x=1&cor=8236941930622017000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4689 95 KB
38 KB 73ms
63ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBMGX7tBWpM721j2rzPdxMj0Xi4ObrrJsSbN4HkptuYXdbr_dfAeTC0o6UZY-Ax3tcsIzAl9AhqlvdM76vT9uviJcBw&cry=1&dbm_d=AKAmf-DiaCcwNorRGcH6ZZR6h35cjRmAEYVSnWxOZtGJu6yXTHMS7PlL2yoCOVDN2Rlo47bKOmzSKHX4KTiPkwQT-hT2n42kzRJRqmNxLh3korV0LyQQEmlFuvhH5fFlqEW4LXBxKCYFt3Q48wQd_Z4GmNK4Cvo_3FDX8LhgIcMaKMQDrbfRRC_4ywUpFeNbA77R1x4km1UV733j1wR-x9OOjFll2QgOswZYs7SYT6um1UaoU4_Wiyxi9JK-3k5udmA5PqAswzBE0XvFSfxv0MOPE-PBLHWEXNoHwt24DGR4Lx7exLPBiTCc_6x9ZaQWiZjHigQm3NEVhIv8hRo6iCfTeT7O9zKF-Tl_yHMN2SqNo9Trrw9dW3N446bn7mAF5IB-nA2c-bhKKjAdg8DdPx9mwFeoGOx_5_MRXPgrccRJNB4--cLZ-WnEsS6x2ZQAwxBalSl1vLuyZYEuvyQ12H2BQXJhVoYlrEN27z-9vWq4Q7F9Qe4S6xFGDAmB57M4eO1F-r8I_CbPqGfwbLbq8YqqYx3q6eIEYodJb83D9Sg4JB94k9RT6Ap6QbXdutvQdftkEA7v7ZulWCYQ1A0-FNi3DOKTEluNLRxhVvhfKUvLfvX05cpTJ8fOLOA2HtbK6HkbOsE2ZGhzKlfS2_EUb8d8FrMItjSPsZNRqZh5sBrtwvdFwfHyvESQ6o2KTpEg0QW4fJW8BF-qghyH0vIgi5SpgJR4s0rCNNJeyEAU6bjnH6l-nVIf2l5ghLNEHT6bmircua_TLe2sXdei8VCYz3wAHjlIdsmTS6bY1LTcZYlrZRPAcys5Gxc6rTRTx5MedkdJTuGVGPXKY6v4evkRoF_zaU2ztDkw4AyfM8kVk0vNtys8UKXbLLbp02Z6h59ZtBhY7Brinym8DYzm0GzXYbYmSzuJxim932Olp9iA8E5UNptezHagXAYetBo4mhHbntmZbLI_rzegmEgriigJuGzYIT4yTWF4hzR-wEp4wagoA0STYCUZ4QObhbD4tMGzLYyrVlBM45LwwO-yb1w5F4X93xuk3p-ml-qpvQW3WfJJMYBDDHSvd2-twdoStbsAkbWO6UIqdoYbmtKrBA29B-X0seECnFxg7JyDhJsCHEoGbEJ0i2euwHs-wOPCbfjg7O7NmOXluY45hx-uR-86Mp01bTqJdaWkTUaaVPpGsPvuXU_fzcSpOlBfGnCEOeXRphbf_KNcN-qOhousrXXt-pbiZ42MlJmGZa1WSR4e23ZzrolZ8Mcxgd7lu6UvghYaTGKiV8U04FV5FM5SDlzOkK5qqDGfZmS3-Cd6eFOAq1M_tisSrZengBXnxq_sCF9MTUZzvpf45ZhzFIQU-SOVlf6pOSDmeaTDDqBsXaA7k8SrDU77mp3exQVYTUi7muvRdjGBJ-xZtNLD21LA3kZU-sg0ptpn5Tb8KsHZyjs04YG9KpQYwHvWluz51ykIj_LYQd4Gb2TLHjhkkiXN6_2NdQVHAJQM7ewx7fOFNtRJrO_cMMw_g-ihf2DUTtSdFSkyHWPMEFxIsJBOk4yQIIHOQO0TJLFRWw6LROOuBxA2n96CjC_TKMHwqbfrTEIgQkhpDD4ktdoSQZpgpV_Bke-PtgEAeLVWMWjfH5fTmXpxK11bqMJMoIBn1GTc1Omn5UUHH09KuZg2rMrcch84SV3H152zcHgqq-yXBdeYIdxP2vLnLp-bxbWuz64dDnJzHl0Vpq-1m12oQOeG_oKNBiVVOYKfq9LDUASKsFgwb-trg74qOb9bHoJe6pISnHhhORCz1vnVcTVgpIrZpBoUVTZ8tXH25MXLDu6Dmz9bG9A0SwPd9-HW5BY6qOEIOY3sQs1U678a_YfEWv4sJB-BiGVgLWlXidhMct2OBD8w3rF0pBi1Z9zf-qzGj8FPQMUyi3OSYKVVVnKpjUo19bxssjtAsLJm-dNi415HCow1fdaVxt6sltwiM82o64IyJ92pDjAjzzMt-MSH7TFHGHIJOu6lxBpEIXu6H8uOa20FTJVGRl8HHI80nXWIEN6Be_VsJ_fCcc_uum33K4P612i3rVvGeo_H9lTcbCEa2M7lWHoGg02wnHkgXwOUrwUz2MKC50miPDgsvea-QrE2GAEjiEaUuLkfOpt3hTi7dwjHiZADb1KnF3INdGeIrpeQqHS44yK2ve1N9hV6x7y5Ly18d757FbSzDQaM824Ci7eBn8qnkOTTCQgVNL_gyCe_Ed10oC7bZ_83HZNQ5LjecPZjollW6r6qVOQm3oimKLjR7-BCCNbbwrHx6o0QaOtbCL55tE1EXrnnzKql1c-b10w1HQp8tfgIo3tF9zc1UcKRaMkkaaoajxorXSrZCl3h4vJiWxSSY8J_xh9HEMjDdHHDWqgCxkSaC9ck972L8onVlyOsRyG_sfsmQLrSjRJ8yWz2BkHu77UGX-v7qPJFqaliShYFp_QY1bvAZSxsLLAjWoplrpQciJ6m_kii10Pf6h1s5eLpe5fhGd9WMpQXKjbBke1klXSOq_mN0Jb1Nc3y4B3lbM1PD34FcMwDV1GI7zVHqK9_PNz75i-WiVhxvuoQr-pnBlBGS7mPQLXArm4yIvex92ZjJdMWwTUuKfk_TzLs8dtWhl5feFI6fZ-p2jIOZPNyKZDpzVCNTS73ArHqPhVHssmhM71m1D84fRY4UNAZYxBX9AlCkeJck3qg1ZsvNVk1kKtxg-oUFFUrzuoukZNJFjaYUtMO1XJ0D0gMT5iSzc6AvzSgpAx-9DsQnjBGGkAQ8mUjWqlIFV-k8nhy8pgaP0mDDZ7RdUTRGPycKxToM5QhTyM_TTI2iPpaAXwmUbCOkhqGMScupcai0_C4A2XBNqIU0uY7psaeYA36OSBEJH2LH2jK4dJniKy0To0C5wi9bVKHmtnsOsBaHYD-XiZiPm5gn3gl3vsXXWLWzmbnB4syp0A0XlsyIvmx0zBhuaKSMKVw_elU86yUemHPCujQdiwqLAp-zTUypot-hlceAm1sbMV6yVgGwQgjcfOYGBfRZ_I22GPiph9K_7qsCajtlS9DA1665ts92_RocAEuXc9kzg30KkGx6iTRMQr4-qnEeUuwgBEDtBJljaOOu1impUJlt-ZEgk0E3YTiXpRUQY_zsWgUotAndMKJhrbIVMUOxhQmzmX_hAK_DS14hQXpLVrQ7YAoNoc8Ht4hk9rh5K4n3d-1qKStIIGuG1auGs8LXHDetolzlDp7NFb5XjD6zlFO20HM_aCmINVqWzHhidOgFu0GTrwbUMuPfw3BDVfR1mXfZNnDDaXnguMj8cbPefRj6EO9weeOqHiZ61KcVeWXsoh-13NGYS6nKSYaGssJLOaKWG61Lxc28OKwHLvz_3oQl8TbxiEckgPuuh9ug_oQcc6dFRxXPPgWhmMbHTddox4Y92-Gy7q_DyMxdW8w6OWl-aI7XyXU3BVA3llL5xPdZ-4Z4aAcWj78t6E71PXM-lYX4ohH-YBTSYiH2ay3eLCDiT1WBgGKKKFWaiBMSt7J0_DE7cblPTk4GpRTU_NPoymUln4lbE3g1Wh7SLQlS07iW2ZmpDUIdV9zjQ6OH2dEp0c10L_C3TZTYSaaoZiprqDWAvDz8VYvYn0nobX1J5TrmVgYm0fVCrKdCO3VUBHuhwTwOL_kOF0P&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=8236941930622017000&adk=1761367587&idt=158&cac=0&dtd=58

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba038dd5fa8b74a78473b3889998b2e0b25c5cf740e4d2d899ab0e7e728ab70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39125
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0AF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

43 B
632 B

57ms
38ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNWbFYf8gJIsu9jpUdlVGUZh_2CMeeVmUK5tkj5h2jZvwdjO_XxIm0hiHNR331XmdKDAbiz1HIifFH__TL116GJMpr-hY6JZ0sBKEyKzQ-QDibZvlODxX7QIoCx1ghGAHTzfZZPvfWxQmHXTMzlu68817c1lZiU7HWdB7pwrqtPNLml_z9Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0AF4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

256ms
255ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNWbFYf8gJIsu9jpUdlVGUZh_2CMeeVmUK5tkj5h2jZvwdjO_XxIm0hiHNR331XmdKDAbiz1HIifFH__TL116GJMpr-hY6JZ0sBKEyKzQ-QDibZvlODxX7QIoCx1ghGAHTzfZZPvfWxQmHXTMzlu68817c1lZiU7HWdB7pwrqtPNLml_z9Q
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0AF4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
842 B

49ms
49ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJHlswIQ8KXioQIYm77w0AEwAQ&v=APEucNWbFYf8gJIsu9jpUdlVGUZh_2CMeeVmUK5tkj5h2jZvwdjO_XxIm0hiHNR331XmdKDAbiz1HIifFH__TL116GJMpr-hY6JZ0sBKEyKzQ-QDibZvlODxX7QIoCx1ghGAHTzfZZPvfWxQmHXTMzlu68817c1lZiU7HWdB7pwrqtPNLml_z9Q

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: c53b846b-778f-4079-a17c-653eb71fbbfd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AF4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
an-x-request-uuid: 9d365b85-25b7-416a-a08e-811711edab89
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3E01 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_gnNQg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3730 0
20 B 124ms
122ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3974469828004&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3730 0
20 B 131ms
123ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3974469828004&version=m202307240101&ct=77&x=1&cor=18022030269136744000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3730 16 KB
12 KB 81ms
72ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEC3Dffk05N1YsbfpTQfqJTIQwiprhfgJVO4oSnFpxx6vGkaN0a9FdhXVjBIe6Q3Z8PZbQLzxFhRElRXcN8lBvjeoXWrWCsMN8QmYthwJa45scKwmbNCjJwVuBx8-j3fZ_bA2qdmUcVHl4L-X0SuX3lmxTqrAxE4fNqM5tnNgXc4CYFXo&cry=1&dbm_d=AKAmf-BrVSzV1jZWJ9xNXg3lAvdqIuPW7nejwXtoivQPneUkDx4dl7OsKC6gbn-ho-mY2Kp44wmaMq-xewd6AACDewVgL7jIPEId-hn2FwrwpVLOIDEOagbfOnhfcdbFoom33TsXAl9IXGgtKed3ShUxRZRSpkxPiGGb1m8XDJk6NS4lCt_JyR0czZZAFCwQDdUsp0xMwoPFHQXVRPwWaJg4XwoZIAaX8bjmxlSWMhKEgnWkWteD14oLPPb-5e6q0TJTj7Vyux5jScsKQB2olFWPZxaP2P_tE5RfP0zc5qy19FdZqgPaOVG5Nu-Wyv7FUYcnh8f8Gkfu7Lm1FUj0HbVF8rtXun5RBN-rZrdiYR9cSHex-ZFZx9k4KnW-H7_X0_amObDuVAmAMZmNKfZMirzLVMYFN1lALzVL-Ts-vH1DwsOdu_19XvCeQmL5bBuCdV-w5OGu9C3ClGumTSVmOIlTqPT7yLA_ruVR_sg-U9XiusnUT7LneKddzyXYirgdLdvhTFP_cPCbAT0ECeu2J7ihb9zmqtuWpQQRD7bBdt-mhLCFXcN3qEvCXlKE38XUplYZhcSc07zrzy6uchQoCOlhnGTslyfEuV4yDtXRayNM-_0ACyLvwpi7OZzMiq9DnvDpYPVpI1oG0AsAv7ye3PMjgArwM_OF4sT0DXmMujWwKgvXEa8MYB4zaqFXdX-SA1Ua6srh2wIrsf5xWMLW1cbR2EVJgKkMNRwBneXS4nCibztlEyvpaNk4sC4r46Z6vL8lumUG3tEt-GjnHamPyqvEv57FIV3lHP11dNnMCM18Bf728HvkB0IilMPR2DZLLN--3MBDWbgjqTny1OLZ514bK-3Tf_Au947jnDZiM5OKiQKOZTwk8txKelMpVBj1RzC1PdKwcUUwFgtV2lePuQE0J-AA4OxkH2LXDh9-cTL1_pyIBtMjzvTcYRitsJDoYenidqRE1jo9eLO90ke9DmQRqqz2lLmgC9j4deSnokppsYa9NZIsxnnvRkdRQqUgZH9Yl_AxejjKX-u3_Yb02ewxhdf9PdaUX5Arht3dyks_DVFHd5MbpOiKVMdwnv9mIQBzEulr5uMVoiJM_NLRi6TnJifjj5DC9zZql2jyuqxnIEsWQ74rnHVhK0fifKhyNkW_4ELjB08z3RaNNN8mbkVpmKnAnGXk0OZkdPO8uenD5h6TsfSyMct7liyaJ8L4KHg_e6QpjTTiz6fk75aSULUNbHWsqrWvyFf8dykpAdV8TozD7ciAj-Tuwb1r-lR2XkjORzNbib90FKqNSZwoCMQZGgglpVBecTkShSC63ovBnnVkyVtPs0KiOoFYm8lMNOy9ZdApuIRBVkkAurlPIFZh6g06jRsFBquUKUcJULAUIS7iI60069Z-oxEtdbc4R4oKYERHZcgmH8uZJXKe8JunB1GogBrtc6ea1D-nkLuN1pQkYxTCvgRQoXE8c7WQoCjHt2EIR0rLLVfBq14WODv8q920wtFN8IinwNUJ53S38-XGK5RGCaGw4aKjBxfMVfQd7AyEzXzvX-uqz1b0lA7SkGGNdAGA7lhSI_h0NF3czvOYzKesPsP4_62pt2qwtuiHSlgUq1vmUX1Fkn5TEr-rtC6SdTEY-aNB_HywqGJxtv88k479C2sBVglO0jNQB8HwU4WvErCHm6VQEQh2OCkEfXvTItkRHu9Qz_6LPPgeVrs-ob13ZtimsxWF6bJJ9VH1OyvR0OOh7GveY_GhaFihP6ucxyu8IniCDsmJ8_Did3y_3C0hQd3cN_LnCF41Fn4TAV2qDKaqchdHigLNQ6Gi4aXhBFHtco1dgsol0IzgIMOYcvhRmY1dZ_DzFPdFmThA7MSGdD0S6jLx6t9UQR7rz9-RTM7MHK9jLl2y9CMOD_scECgrTx7oordhO38FFL1-ojK6Axrp9SXKjO5gQafwDrZYhenCM77y5KCyRz2TGevP8kkD-9q7w1fgBKX5rz0WrzDYw6b05B4-YWvgOct9_ZMzcVU_j7-EkcWVZotKbQ3nqpoSKn6wHUGegws_TVgAGapyVEEJrBcZtQV6d84G91P6SAFnZymfI69tOBddXNlbKE4twrIMHPOJycGAk2j4QyzvBqbOKDZ4tPMPYgNVzFVs-X6qnFOSP0_TSCOr3TasUVQj_Ssupmj1_fL_vGK3iAD2w6j_S0LmAU8lzE8-Ajistj5hV7l_mxQIeNBk903C2bExbQs3lAzIzeydJvpgEoH7RibZEihv417o1jzShVNc0lnUCbrfjcr0pzIBal5ECKdDKIjez2K8QQ01P0-4GS_lXCx0qVM3oJrDemyFphwvyfITf1WFHuwIg-HHhZPkhfNxi5Sl6wTckF0wQPyyAuo4tZHMXm9-HNjWpI1N7MFPPGMHwfII4GDPUoJYSkBlpLsmmWodzvwbRTZGutMljftmfVHPZvArdS6_pQxi8zpd8WuW4OPNzLBpS0bJVeM3yJ31eM1Sz80uTuPolJ-1HmGebszgai5gWpogW7sToVib-fStcqvwyggvDE652MYw9WakdQQ9A1c82rZK9FoCe_QQ2gQ7sX968EbC1FFFyZ_4frP4xTHWp5mh0aTuC-7xLVc3YzwOzYgWjIbEkVPIJbgV5EUXTigOC9RdMztEKzrNRXFWbBWHvbk3g_Gax22u0NyREt7vQRm1HvH6CEd8A5A1H40PM-4TNA7FTWM1pW5FVzPNIT1xMeYiB_LPKUw8l2o0tVKfyJL061qcD0G88kaPL6ypEs99XulPdWntb89PdDmgstYIoDkPNqJjKnJX3_ZI5G1NO0Ilz-KNmauPnNHiUoI1dxbk9_pWK6OwYgueeBboCX0s1eBL2KZn7nc5cF0u4jK-kWM_-XDorMUPJFCW9rJAOM0Q7adSfVgQ40_rPVCI6yDfobjBdSBJZ6GQUl94-DeLof8PU1wTlgpuXUtp-FL-FmslF83TI1aK1uIKKo_hElFniccR-gCkMCjYtGkemDj54eKNIdpbYVMo2CaSQ981pQvgMblJ8mLllU_jd6X0fCOOUNGSpMtE7JW1JO9OIqGyS_h24NzQUxF7b-wnqUj6HkqDMQEJa3wwZpmJeOlFzhoyvSQLHd583dav0Cq16mp-GKD7T20PDkoZZWYdyEC_Wkg5zgXTBFd1NTJRBmt8E3bQITwLwv1m29qUipCZxRUb6wI6HYqiB5x20xNVD55g9qYVvCktQzfXX3VjIY5f_-X4KzSfM0XLt6Cb1KBIQZceGUdtENMV8awg1_VsXRGi4gwgoac1dQX-ezALNm0OzarbN7T-U46MnMMyPXAjRrBkWaFKv0BP-xnblEUcelKfeS7jpS0f13ildgmQkzmEh4zr9QK5CEnzl57os8oPAaSRozVyO9RP0tyREr7IDP5YZG6pJ82fZpxjLUkGMY-9_4YCn_a1r7tzjzZPotX__cRpGq8qPDaYZKWYcd5byY-IeWAJ7QtzW8p84GK7qBMMTrc3vXECab-CiPo1qeDno9QbupZf1fwsgf5glLxdk6ya9irhsOqmn_QLjJ9sXh1o02lfX5PUQoQB1lrERKiWl1zZPR6TDrHdonAV-AxrW6g-BtZ7i5Dw4WOtDu_LbYKyFlgoe4gQWkYuV9xZH7ExwZ5RTrZQYtImF8r6W77wX4l3_P7eOSeriuvPQQ2opdbNB0UTpCqvdtHpso2OAbOiRlYZ39_sYlzOac0Emj5xnPqsdmkqIVQPibaki-U4QE0OkbpVq9_D8MFsKedWIibjyCF1HwufRD2RxPeF9ChozI0ionxz-M6p12QjFse_6J_unGswjRRlbvpt4QVXyIcTRg1s13KfWmgED6slUEkPr-IN&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=18022030269136744000&adk=2228999115&idt=233&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b6d024b1134a069c6fa15dc801959fdf714799db894d6bfe8fbc360191faa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11829
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C8F 0
20 B 128ms
124ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1731561290809&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C8F 0
20 B 127ms
124ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1731561290809&version=m202307240101&ct=76&x=1&cor=16630688949248827000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C8F 90 KB
37 KB 128ms
122ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX9_T0MGZ0Q9HjgWHFobohRTdObYcq43QTpzYxhusEJqd-IFa7kAjg15QRvGYR68_YuoxPd39CJWefM5N9rZDsaleThg&cry=1&dbm_d=AKAmf-A8h0WYZi8mgh2I9aqIthy5i5yKfM1ULMXm7cqrk6dqNWatTegqYPMDXcrDH-rhSL_OVxMgFmBKnrBJa_C1--EXivVlfBSo3ZEYM-UR_mL3l3Q10rJjome966uoHWGcte7X20JHKZa_lCxqdrkyj7EhQ5j_NE-imkf76T-mqy-dgQtGj-LhZUHeiKtYKHjYwNse0uIFrBHAaJkRqTIPWBH6XVw6Ro1Se5YpVxfsF3NBYnQObex-h5gyKsPjULhGH1WKHbcpi_ZvLj3Y5B9HKXbzWPd-ripCCCYQ-qRN7v4JKtcA9mCqadYiAbNiczHPXNSGwS2uL1h9LBU_eva_0kXTDrXBfFn7LlqR16j25rL-gHcbyz68-IlgomGTPvF1txTQa-nuUYU8mhYBE_mquXO2rclb89FDppnoNVavsPjN2aO9ONl-BB_pRh5db8rQu8fe2TcHxqHw5SZRRANMSJ-8gvZp47jaJhCNKPev1cuzjRaa-82p593wxWTjwE30E-kAkIQ0QsbOjBelLG6tyywUu9zheGJoxkoM9xWwi3yv3MFZQAAO88RSMs7fVCgGxKCtpQYOqYfzpq2m7kFjANvkHUFqaeGbyZk09AWcMzoybw4UJGiXrlVoEXQ-QYGjNHMCLRVWJrhak5ABN1cEMYADJJ-R1hp4meOxVmgcostEEy7ZRfUdAWHWEvymzIDtCutzMClmu0wbb6s9GmtfvrENs45Vdje8jgUKFxiqLzvaY6Yy8BtE3ZEDrSnkx1i3uW5YYUa56U8HoWVHYUmYKAoGZ1lr-hiqXSE20wb3SXh2i85Wc2wQ0tihxmQG5nlozNygFNTnIYsDtWPvPJ0wCyv7cvN0A2jj1uwdS2AfxQ5N6lmEpG-hNHwCkU-ytKHXPZnhyCONFp_XOr3h97eTjsWo9tRWHKso3uMSjKkOCHp0d0s0OQjjeYULPGu2kjq-GtwOfeI9G_906Gn_Fl4FtfLL2NB9jrDv0OMETi0wd7XfQPajY0HNl2E6HnPqpB5Ck9SZbBL1U0FxTzUKATTvZTYPjuP-ojHAfzMgn8-pWRHksglM7aKtLQO5Neu9YjyrNBhfWEaXfufiHneiHtWrrEePYAKaX2LGmZ0KWCERSE9iqsJb2DZ4h7oqhY71IpkZmqDEQpDGHYUuSWkiLmlGLwkEHDxJe-NaPG4v8HFywm1syXuC-GpNYGLHpAQLorwsShKjJWZzfPEutOpLEGcrldM9d2jWvgCPmyH80pkakGpe-UB8IzDsyN2x24WKqrMIfI7Azu8MCQCbIqPkmQSYnR-4wpapJLfGlD3fqk5htSFsAcTyUNH6TcVelssGA8fIj2Xjza88pN1KmES9934RmW8tP31EGJhEZEjw_9y-l41_yxt5TAKrGCBAjjD1y7RopleSdsBSP7Mm5Y1KFrYZ7e10fiwCrBZHEzfgmBJTnVCSILj-FcHKGbwyvvPWdX3nsD5JPpZVhpCpywMiHFNPCdMz2eFTAl6qtNjT9LZqxVcfAnGA9EgQoLx0Sxzm6xlf5q3WevYqENoG08z6a3E-zPOaJ7uHP7-dq4EGWP1zSrPZyn7zd4-GvT5KH2wBnbDHU1PtHAQZZNhQiAKn5eq9AEHwS9oan2u-vO3KwPBQVgXrkQD9I0Tt-mKw-hqM8zZ5Rgr6Ja5wFj0yImzGUiWijgA3vfulA8qZ2je8qSTi3hjk9VKaBLPta2GaleOGOLxcG4IMOu_PO-ersNbsXIkI0NZuHYWAa7oQ4V-Eov8npw3fOuWIJDD2Kuas7PrWAdGB3dDvy9xRE6p_jzEVvzGuMm4qcKRzss7HYO_EtlfbGfXaaboPBByYmRi1xW8qy70rJCAKzbGSdK3Cks5_KlaKaVHY8To2qZ973-Zu3f38L35w1dZS0ETiASUwb_PbuRM5Pd_w2alLHTHFR93_PUFUSGkX1Prfz2Pth4r5pqeyIKeZVVioHKq8PNtMzMcyMqHR8GPRybZow1NzrE5ck65DqQRMjyo3o2duCOS6jqvDuf1yRvqc3R2qTJV4emFHyBQPgTPi1qLVuQOcQ8IC77-Ku2VLxiVJYWymd6ecDfbjfTKQ8XoZyDeYjy22L_Z94BITCljLKL17f4E7E57dciM5PoEXJRxH6cWpRKinZoyJVnURK6hFM03bOIkX6-IG-aSZPkX4EgArhqs3-evbRihjTyHmcI1ewChaTbud6VNX2uvq-h0eakzpeeQuLBpNz3foeusr6sWONw2dR6lWpJKtSRdIy7rE8Jw0xYA-wv6oZa_osAiyq3d_YOQ_LizgSWi7Da9soySgJ2wYF5Qb7iz02hfx2pIgUM0pR4UuELYTay89pPA2kkuB6n2whci3Z5NDZAIJUwEhytn25NTV4nXCw8o6USZyF35req4ut6mhrJXKo2uSewT_Sc-gpG-pKVEcSQ4sJmt09umwQ75fjykTyHG4VhTyG9A-ramHkeI9hzlV6oN7Farx4spBuAUOMyHOcpt5lTHAuU3H1ipT4EHrXhtxfs540eJj1WCrJ0-YMoU856zbfos16SblviTaPvDWd_wnlgI_n_L6RF9XcEJECUaXXSCcmQyrvwirj4G9tBG0zU97XmuwzX5goveOIDusOcXJcuSqiz4_rYj3wO9UUCejNOMZBpJXTxwCDTAnwEyZF4y00OF-vRvmPCDt851CHK4Ka21ma8zEKU769CTpDFAZMkL3JGZsLO_Z4jVu-SskMsuQlmfvg2hk8gCkjGXKN6GAy8N64DQLoU6uOmjypKHioLNdFOIcZlZIZlz2UR-7ymcQQGWyvbYdVki3if50mc-kLwhEOoQUGb2ZXgf8wWLb91h4e1ke0uEcsaiuvucLHPqfI5hJeBiPl8yVIC5HS2K5vtrhSQiQnVFC8y8RWDB13EUlpyqlhw2NNwWrPXOIvnr-AaduMEGp87TKYZ5hB5jmL64KaKnPzleMlHVEt0BTGcK32PW-PF2aQfDYXmLSPO0yTSeY6r2OsQTBY8S2yzgnmcHgGhk0hMOevg88my3TgfbWOJu9kCcOe1Xs0-xDPT8s40D66V8F1uCkvCfptmVv0cAxnCBnK-_pKo72ctuBYhAwtciJkpKygzSV9YI9a5GY37jriMQ61UU7yYsT3PMU39_Kp2Ufe3lo3zQgGSaY3l6q5YKXNblQDD_ic3H9KWNnmDy2-3PTBl_v4K5fOaRBYPfEJcgvnBFSFHi_vJngeevyD7ss7O0aOW6mahFuReqnH1fOszzwrJHSQNiCflELzkJc62I16gTCzHYT5WwfhDeoq8MsoQALLAZSYlPo3WkvqtRoXoabfun2k4ruCVIef0LciLzou5VOCMBI_fYu61GvocYWj1EFLbiQGxR7HX1r83y4h16Zke83-hRHBu3KwPwjCZ1VQF7IDgdL0jfMDl2fsDRZSoxVkizAuMMBsPaj3RYDnmSrFHoNHNXjLMTsKFvYZSudNVmLZHW9QC5A63jgaQ2cRHxcpHb6vaGdjB81_C6zKl96CH-gTvKGHV97wKeN5-1-a57Srdq7223BKwlBFgNtXHYc4Kx0ROVNzl8OTGnlAlRZAuVmQvhHkgySB6WpieydunmTqiFNEMJGKS2AzW5hBMZTMj-DCr5eloVeGB64RGH_QoBuuLZP7tJXZQen&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=16630688949248827000&adk=2857193498&idt=213&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8365cea3e277750cd7203e673596d77ce0cca27d97a30365408e440fdf673424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37593
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1E 0
20 B 125ms
122ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6901629876719&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1E 0
20 B 126ms
124ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6901629876719&version=m202307240101&ct=76&x=1&cor=1874735323545788200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2F1E 90 KB
37 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUw5jgZEHyMr-oagVJO-De-IpIItDimnFH4H3w2VQDmKZWrtIXWLKc_1DDEZVERQ8tuMgxECVBVjRVJRfZn3lLPopd7w&cry=1&dbm_d=AKAmf-B8m3WEUAPzGjwEN_NmICJuM6XUWNkHHqjZN_R62Ia9S2eO-21kK6jxtp3pCie4bsq9zsovdUndXOyFtzoJagbkZuA5bVmHWC-GBI3_RgNPdtTszY2Vr_xKr2fBwJIspxCNaDVydXtHr9UQ1g2xVpYjPxj9-z69DL0fv3frZBPd0wN3GegUWQxOdzFPp3S7x7k_0KJEwxOe21NU7tCnOAF2INhpBaOfLTMRtiEsXyM4EJ8nyzYa0S6y8arGeiOzTNy8HAiGXYT6gr25jJp0a7C0lt7XID1T0FhJK2f1eLAA5yeAypUCABEiH04fU7k01Cq9Uk5ckdEPtM7Vr4MKnXooGZAaYirM3FbDiqnqiPm8AYIWfoFCw_iaP_K50zcf7ARULKcBXClAi8dHwbsYWnlsDsEmwkpU3VR7QgB5WYRtyqjx5RU-PKDgeNP93Zm5LmlcsT79I0SJv9aDhU_7vrRpeFOTJ0OvR5Mk5jB61BQHwmG0iV2Hl3CF5LFFp-iuZPd_INlXNL4JVE1jLl4WySXtkkGU_PyPHUF2m263ZJJnm_kbI5GO1QYjhZgs4qyxeglQYS7r7XPEnNRuy8UrurEV1GwChK7rQBqTo6aCzbi7TJ4F79YLgEyLuCAK9VFKyFPKLqfKTEpwa4Am856dmnRZtPpkvsexSK3ic115nsdnGHpcfO7lzZNPAvedJ-0BMsdfnboef0CnWWOS4mPl5XG5Q4yyAAzoDO_5_xPuiL-9HWdIaqrrVXub3jKYPa6imYGMT___UYmpAX2KgmIJuQAcU-LoKD89nNaXfUE9rzb-lBlegFvTWgipimOfLGc5LhH_cksaAwXJz_yWhfcNWbjhxDg7qyJDdtnZ2pxQrOApGzoCfnQ0XjJuWUnMX-GMmdHabmd4JPMDzVoZ8Gx5APu7dmi_1WBsinQFi2jrhDp_mkg4XMkIq7PHtbF_bxU_ehEMEiLvFdeFT99gxvgy88ruQHaqlQalc2vEpbWhkfyOLe0BinE61SIJskHgM2pvpcu9TkaPVw4rZcWXFzimwMQigCLpWcwSLOmi_NsZ_YwL_BUJDJ54MqIBNXqLtuEcCebEJztcyYRL-g_qxNyQE2EaXagX76Jrwesc_3QaAhKP7-OZ3YyJQIhFuQvlLIL8yuAUbFZonNZ6RSlQvJW3zs95QL_C4UfQKxqg_rSZwmxZ5t6O608Sy8LCxBYRcaj8S--NqjYS0_o0cejUVc8uKgZboBH3V9zJv3kZmpxkkEUrQcFPT6us1BXsg5Rv1HMOmeclfBDVHsfjzn8Z37gSDq6k6l3qgWcl3DeZznVbVEtC0ktLqppMjwxQP0jSZaCtS4D3Vfmde8CXBnAvKnf2LZRTKKgREak2IT6MJxKLkOa6GkJzm9cZsgSMVaLmq0g1vtEZG2L3e7Y5t_AUuk1pgJARyly_oVy7dwyN_ZR2y35lIxr2Off4mHHvoTdDx-OOWwFph1yaxmR9M3tM88mXC7HCXFVR03-GjJj7Cm8pQRzxKo-ExDzn_WVRfoFI05e8zrhMM8pfiqvKWXxdu9HDhW32byafXbvHw_CWiw25jhocoresRnwdgW1rmeedLDR748JWcH4ZzYup1n1kOFAIPLOY4QrnGY_Lc5M9fkuPcynAljNp5bDA6lv982P9Ta5M4iYasF66AVOLLr9VlO_8M7iU1PE2IYbuw-5RF9XJxCguncjhHMGFiMBzYUXhm-2i7If_k0T9TB0R6J2uRtcWZRqrVHV41fk3mxU1DUMEhpg-yXk4I5z7_2OKbK1ToqBqAcDls0wjfIwFHU0DTyTYSAtwqoUyZTN3KIP7waTXyDax1AKDnkfAvJGmwB1PAGmAj9jj7YH5V8NOCj33-irTFjr2b0VRLbXqGWJfmscaqwXE3cuhUgMHHd-AnxVMQso8nEtfAetKGmtie12xdsstBvykmP5i62QpWHjROdkVW-TMWA0eKqY2pkhupFAm_pyBXHwDyR3oTnurkUAPTl4UoCX_0aHSM6Vl_0fBzt7gwta2Lba4Q2recR_xbWbVmU6aW0D68RjyLDmCcL47UjLe6AyrkM9dbL_j5w2eX5qI5-GTPP2aH0LL-C2jqwm2mbt0DEp9JjznvzEgRWCiTqJz2mOmsPpkfiSCeK_e_FDqXlqbq5oGc2mo1NLRdJ5wnSRKoUVjQnh92IeO1tdhh108msB1i6jdJOihVdR1n4A4arsQLAAf7G3EqKvZfbGMBXc642Vno-gp0zqXDTr4lNE0IDLyiMH-11mz5o4-XTspNglWCZ9OLxpoQ4NtJppJU2qLliFQB4tekwtke_dORhPHGWySeeCn0DIikZ8x4B_Aiqf2QC-nEraSKA9OvEL444dbqAr2NKETsjTGt_mNAltzf7EvnEGuwagaWjnkQHM-kBsOyc8NQ39Galv7xUXo3VINTgdBDvwwkOEAKiWXcCU6ZfFgWGgWa6-kKOXtvXZLFxrUAo2y3pmC-DlqDhvNfPzbdmk8P681ddTqDbZYV-Cl4oQBMpNTrFJT-i2P9YIUUptAo4S2fO9j0HMcvjpKtx4x5G8tKb8yrCZqqLIgvUzDZ_oWecJeYDPr5Bv6UGPUPXtLDR2YZ4CnJtjvtN0JLqfOeTgm97mDXcps5zjrDrFRA8gXszjR1FYnnG98_ljyEDyZpCla4OUSFiyhTr31qxxL-0lcx8gKsk76ZHiKoZhdXAsSfmWlNlRbMRILnhVYwzXmM6Sm2beC4xo9Z84SEc3aKCMUH_FZGhoY2GQwSKBcoG_UaqyViq3TrVMvSy7G2CBSb64nFdHc4-L0tDwrDNxIkZiE50RBKIn9z4PbBeuC7oYK-gTgLXmljBt3YBbw-GHmsRpEqU9W4ZmIPALRnQRmxH_O2vHDL52D7itZ377d7pFy4d2ecxGMeO43TEWIsPTvvLgTWMyHpF-1m4YqyAEcNxEH6NjBRKg4MF8lixA2U3C_GqqNjD2_dAf3wsgA86yaenEM7-JMFXLxSUCLmSOgH_S16XofplgLZbvdg4acsIN6qgjayh9yCxMX_KjjvjwHFAzN-UAPoaY5BME5fM9fLAeWzpU9SAhK0aE70sykC9qvlgqR5jPXPKK3SJv8cqmONA9PIInMRhpbi5RUWQR5VBlr0yc3AWBAqwsfa4XLhsZ5wN9lsjUz8KwY2PAvU4YT7T_-V-QmsKgkyaesKl6h2VBL7klCCmRETmAkmWCVnkmV7rKeG_artHYg8o29kxZBdPX0-xTeQzwPMj0cRYfyfkmVQXyLuPuuQZbPmO01vUINYACagBaqwgxRv6B3kfNm6cqaSMdWnXDNVMm0uysEzwYBWSjrwTP-jqEiucNuMWHcVDWIfcvNUiUiX1cDRmyeGlnaeFyyQ0RggrAB1E2lwZ5aZ6bjSsgOWz_L7yn9mpuZnt4SGuGEZ-5s4V4_cQHyxO6g_E818RQIxHiubS-0W10TT9iK-lLxJ7xsP2oQLTDGO7Xi-Jp8NUzUYmRNsV2j7Uw1j2uAxCaB93iQD9lhxKdpgNetBEcKaP4DEuJHxnVfeEpj4o2tyVsVBAOQEWv_NxcFtZexm-RqSBp-JXC1T-4J4xEKY3VzF0zi5CodlRFeSMST7A3oLzpZpXrhLE9BvxVgdJI&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=1874735323545788200&adk=3047537735&idt=230&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acfe7f0e44d91d11d308eaa498d205aec0eb9a113bee8d799981536b626734ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3293 0
20 B 124ms
123ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1016107701019&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3293 0
20 B 164ms
163ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1016107701019&version=m202307240101&ct=76&x=1&cor=17056391933747937000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3293 89 KB
37 KB 130ms
130ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BftIFi02poxhl960PhpECrXuGmv_HyfDjSsVx7f4paWf2t5WwC81binePtzR5DhpgQGxhZX8v4CvsquoR2JE7K-lIXtQ&cry=1&dbm_d=AKAmf-D0dYmoI0eQrpiBS-ctgnIIN2Wwis__fow5OJhrUGOde7D8gNhjOwR3yP0cv77H7ijwgM8NhIhywzum9WNGXT7-16LUqOIrcqixLh0qSsL-aHN8394shXMWO2q5S9uRO2zJo2XqS2kT4ybF9XLWPrFvZeyntaIuCkYk53sEr-KPEQur9VV3kzhSyhG_ge4qY5GIphVBVXcuEg2Vf5327pA9kTH4vgOXPNpODGxP-WUpUoSCj50djZVUjrLpMM-m2aDIylMceHbGMFW6mo27hq6B2Ziwgvs08QO1aI9mMx6Nyi6N-5fqVC9y2-OWoMFqAP9CWkAhsgZY3SCb7OdAu2LJ4gc3XH6LFdxTEb8PZ8Z09Sk5rHTn20gcTQ05RDSuflyr3EwEzvKWDBDNEcp3kCYc3op5GU7ve9LLnPKjvvDcD2EODrIrVjhlHhgCo56VDJfMWsjoaLEWvU7KcYJ8mqb8tcEyeg9fdHbK4Y13WnXCY_xj78FQ_LAzCXtNRm0urL94pUMxL4036mB-VADOjUWk3dG4suZctXNNH2d_kIgssO9sEzFrNyYcxwBaZl1tdBmGrAcD_iwxt0azDjXy6SycnnExtPWXks7mYRq_PsBfbT9ihADbt7cYM2UEwL5yQ-mgH4KyFl7VxaOeOpmbiuG-a0LXdYkD1ESwlL3TuqWcpPuDY-k7Nl86TXyZWI87YBFFzQy2ATu-TwNmq5W9zthisL5vGK2f_3Bg-8dYkVjk1vL7-9T9u4vY7BsK2KNjIPDDlxXvS5Wrdj-8ntgd7Gpb4iT85G6EyIi_in0t6cqDZQsitcnSKwKhWpOB4-zDvmkUhJz5nRIlkmf6VFMtPMZfBdTTNHrcakvGqtyYEjqw3TsGWXrD-FOI4n2XBJxJCiphaINC6V1z62l_2Owm2TZF5-NUzL0ncecRRgPookYfV5onqFRUP5GuM7_6EewUW54k_g-Wi_t2XNdFfMj8i_X0oM_vpNCJOtZmPAXNRPR03R1W5w5qz7jmcUlchUEh1ixWUY7QaEEJwLjX8cMCsKYiNBhn74C2Q1u1fK7jp12riaOccUfphgFqQdC5WifnQpFlK1BXZ8Xgn7AwoK_83wL_c08xAlqGFYEOLBHJyARzYTyhI8It5muwtGbLw4CeO4GnU3LKDUmz1kKAvdONiih4pMTGAt7IejB-7YMENUgn4Iz-frA4fMbVCXQsw4G4tvz3hd02NIj8awkOW9aq04eUo-PRKzGs8JdkyTCe_LmuSUn3F4TlbjBpk4QjVHYefjD1XAofrbS9t7Vn-ojARlab2s6cyDGmRLvIQ2qwMV3sFRkAChR7JDN69jYFfUTrWlv74-cvizAnC0XSzM64vmo91K6IxYaT7jvI69Xhasgi2BedUBnYJtlK94NXE4J6u1qTamFzY-c0o1mEYoTdMZSILHWCLHQrfNF9_nVKOP1pE4qspbleQjpAYcMAaSZzaWXkaySRbkD9SxkhPXSO2UztvPfFBPyOCfXHhZC2EyR7x8nWIf8VzFR2EAiG3cq5NLOLlkQO16UHCvyonw7NyP0efZarywTmCt4uX7nIqtkRHKy69RVSlEnpP9CbMSrr6KlPjQcIoRzaM-_pA5EdOo4wVSW1Zt-76k-skcqzgX-GXTNLju-WEHZSTpr5QgIQeactJT4J4GDBv1rlAvZ8GUUVybWV5vZGVCdZeGdvmuLvFPsKXo52cdYGbztZIBRTHzMHwzVheqv7vhagiNXnRTEBQwLN3dpyVnKt0EONeZ0LMyVoe83Dj8lvmsjown4J9ZoFEGtsKzUiRKVXHKE15sTFyErayhFT4vEqrQ5gqSran807vh99dyv6edhwz_W5OP-o_L8ZvtzngzKIoCrj7F8181St3Nm4DdlKUCZ2Pvf6eLgbzr3bN9nSZfyDr8kk7PVvzDaR_HZMFv4EN8Yy2mZAPYgGNz7oJ4m9PtZrpg3rrEVk1D76C4hEZf4UM_5W2xQ1lrYpobBdFdDPn-brybU4aRwfqnZ8qtKMUVCLcF7aRdp8ejV65WGYcapR2kJOkpnLZAGxsdrvqzHR-yjnw6HKZOOyymUsc5_BrmFhxKNbq6j0FBaAtsSM1s47Rtmk-Z83vwZZ7XPZBukyyKSj2Qci43sguVsRY2zWrULYx_7mg0SRnyVKT4MlOrHrkjaeM18hxEe0Ilo-R3VCYDzjYG56wtHoHLSrZLw7v_4lU335PUArbuwuf6_VZuPmeyWrNZ2BHZAva3m3V9ZPKI-y8KkhCjC_szGqHBKZs1IdRIepG9A_XA02cT4IsM0QowcMDSlc-SFEXcabWPEKxLjmG31BAZfwKewqf7uk12ctyF70LzfhjDFCBdX5cLLd01RluPlZ4hR4P53eGPZY78jDwigjgpEm7rM7i8Yri3Yb_GheSkKwS6y14BAmD-Q4CKFnrdquGfiiqVwJoY6jj1nWB_u8W5ywTW6j0eCfuQzs9qifH4i7i84CJNnZvYh1yWRydQqyIEG3x1q0Q9CKhae_vlVWfFb2cgw9-mbE_X8sap7dSHUQIRVZ2TZ5vT9aJVbKkIzPrrtU1Nl-MCFxrNcEgCZ_F_W8Roqka6ZspWyUVCGYCvjHFeLG4nZlkKziGQ1VBCdeNnaJoKdmUq3YXun_6jhcgd7mzvR79B9OIr34B5EqZUvKT2m2Or_gh4jN1Y3f6p39qUr-WDefWKePjX35zKK_gdYPmrN49kiq5FWk2fU-m9mxX2cDoSoAJqNDG_Jc8bwYv41Z3beJMdcnukNmRBJRGvK7VBGPjnyhk0l_0OJd5DB8_AFGnuGDnfwvXgdYfiyKAiFVw1pFxpWmzF_1-MoSPzI9qRr5UHM2qtXSgq8euiWikBEBkPtQQ8qkeBdQOiMnJd8PbPA6-_RsKDN-quVuiDNBceWu4SaB_c-XjVE_7jwyTKLE54htwMZmhMmD-lx4tCX0EUpORgv8CAfaIgYNNRTD4t1bg8uEVNSnJeAA-154Z5pqSXT7TC1-PVBdqshp7KIqByoYkIlYo-K-reu1sFYYK4lDz3uM9zCwaOjtynFnGjVTorkiKOPpwXn-QTjhXBM0-14-zUUZsKELh_g6_e1ZnBUZ83naTuTyhBZDAq0fmyXGG4YUaIoal5aaRUjoC-yPJNAmf9oONWyLlPc1KzfEwCOIUWRY1Kb-L3_zz1hwjfXWjiOI4mHXLK318FD4WGmQjMOQ-2ZpUaJWNjqEvhaon_rIfl2NVLiyrqtxZxIz1kcxh1bPzph5EBXwrjFv-CI9AITcyjoq-iiI9jOmFmHhibhx8ZD4PZS32kQ1cLvLGuG9kWT33jB89b0RYbD6PcfxPlG9pexIwrMaJFzjq2l_8uaCp6Gq8S4AKVt3keGZ_vnx6PbUw4at_-7Bwd-Pu3Guyt8iI11ddDpTbZjufAb2IkEF1kVpFXPIzfKj_jYc6eXHLVLUYfCRh62jaJQrzWGhEyY3kcoZsOVMJhqVkpfQizGt2DNv_1es0i6s_Co2mAN5r2GvoUp4TWbIVUOb4l9OQGyHQ2cD8cUJV0Cc6gObejj6h2xjPjJgRO-Yof0TGTiO3tVJ475lGchaEjvCmxWFy7Q895wELmzQGHEV_87kh1u1sVYPQw1391jKa_r8YTZJ4d8FycFbaqQgWJt2FMCKECVb6fRlSCSYf0dfbRwncHzZoGojIJWhB82BAsDhCClUaMGO3NYV_jqbWjINWlrVtoqziHchPLbwsZosuRjYkcqKXexDwvTgMYTEWBnR0y3_3qNziwOaWfyscZp1_wzzTOu8jVlTVyKK04mtEiMoRw&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=17056391933747937000&adk=2086295851&idt=255&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07c96b17ccb4485444bb5ae76ef2eae38bc9d5982cca636ba2410d47962e58e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37879
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5584 0
20 B 157ms
157ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8033173165402&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5584 0
20 B 154ms
154ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8033173165402&version=m202307240101&ct=76&x=1&cor=2410934449464698000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5584 90 KB
37 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-k3tcl7u-SX76wPZufabS23t-fVbsGDDG3eVotd7TP039kgeauHk_AQsVfMHfNIIWymXEHB3CTCPRbPT1bx7rFQKXMg&cry=1&dbm_d=AKAmf-BPKJg_kaFoiVvs05NUl-30erlG-_2h9qpN7R4VEEHx468MOVimICgDMnovG0rEZwo47XvVJuC-mpSnhgGjrydoe3EOD9NteZLsOD_KgResLfpNheGWXP32Sc41yluz8eoqvbmRk2a70tGD29Kx_-4cnfZEi3Y8KmKmdzWS2WDC2AwCWw59PFNKZ2diyNbQtOEENYEyyH_N6d92xv4KaJyzqv3_GV4eXK97K64H7TE1k_1pcf5mbfScGc8Smo66HKoMqvCZwip0gJ9XUzW66yvpl1mK9DFLerZgxwit2XNTF_IIwslq1ladJYH4Q86qHO15_5jDTLd1ULjgOoBBZx13JdqwqEnncNzL45zo9ZaTDeo9hKXcril7Jb1j8ON3wC-qW0jtr2O8sEW3qM62q-MUGg7ZTrFPU0PUV20-7-xWmbH4BVnDurPZUzdX49koFnDxGkTQiPNc6stYq5MrWL4C5ZB2qAGDjMQ69ZDfcBJG-q7KFEi7PIeENPwo1cFuZ8g2VeA00eM8tZ9oHWUaGhi2mwOPUuWVvEGK_B30UD0zpgSfPG1G44LhJ5s8XVI3jyz7H1DsPg5NBD0ltGJKZkpAFMvHqf0h9VZ4zwVCSPeHrVZ5sfH_tU4qpDWUciMIViT8XdlWFe2oW6qClQvxLZpZ44ga0k9VzfNq-TGjb_2HtP5BWFx8ZvaDuNcpVwi6D-ii7s5L3RtoGQ37-JlbQjzKBRsMDnubfsO-PrxaJZgxyBUF7hMt8zSgDXZwgC2NeqCaTD7rgmIB8BktXj2haEWneOr795vh6CCB_GmCMdBwic5VCIXd_X-Ggd6Rtzl4jpeNUsR0I4I862gWtTUdUYzfyBSO36R_DOenDQhgb7czj7mMixY88VPlNoDJS639zThJiXfm-O-X83OOZv4betGSaZOrdvaaY0MQHfXymg4275J-3I8le8cQVPQgsXAU0yezGcSH8hQk5i0oECmjR-u0G4ZZV9QXl0bxXuYAGY2-0sDqzECLUXLqsfBSt_TN89zjp8Z4XoryN-Ebg-SePGa4CIIMJ94JFxhJ7AEj8KZDALwkFMOM6jBJoH1TyaqGHWgPn9DV2P2VYv8FHVuB1TGLfzy1FfLtYWVU372Ow7Ajt-H1CwdLHagHaZhUWrvwDFUXsgbrDWdYByj97MezDtw5USgd5oafR2vRrIDYR_r0qeHCgDyO7TvBhfDYVVnpMIqZPBaLV0QIIDxF0vb0GlGvFu3jb1p61jsAKNtUdEAqM95nk0bXREH5HutRz3eZoM2BIqdXGztU9IyjaBQjB5siXX1LblyvvQeQtthufdWRXjNyNoIPoOOSM0357BRXUVlqesze1QssLPAMdnRxHKTsfYfVUdO7idAeq9LtT-SimvHRA9fVXfrlWLTU4Y8D9-LWQVgJUv8L3SJZqKiYa_k8dNq-iYxSXY5KNhrPnsIEdmvQ1_fvwEBVAtnWRiT2jX_SaOCuoPDbek5ipYObUY5BMxNpyfNEuDw7-QS8ar8nYeQawX2nFcrenuep3MAau3g4oFd3YzHnXquWoW-z8GpSjGwDkzD0mUeOkoXu3Jewg0xlXqMpeaxb6LCcS4WWIAA7vg2oNQBDnRTAUDDVAoOiS6eCFVnWEES0Gs2lVyCybve_39CdZhd8BQgrtZ3qhcYhfhfUs8zKDFQCvSMjzU5jEtTeC2o4yiXzWRVKLh752qqrMXkR5P8j2zLjXV1P_edy68JuUniyi1HavNLjCAgHNVTJVLEnOZwhmYY79rE5Yq8CH-qeBvv_idYsquYVJFBOSa4ccj3-NO2v5HNsEwJqODs9hzRzj3RgNr-L8QixXe4u49HjHnADYPLPCoi4L0odLXneVBjMBDv6PJQTnJYtG4vsjtcPKdwYm67gRl7CvZCxGAgL3W0f6kXmPu9XFzKFinII7aeB9OksAu_KMQAlQw9s89X0b0Bey8lDNGoeylVdFpZUsmXGC-NcHT2gucEADGUrJt6B3owJiY76E-ydC8dfWKoPKtx7S0Zk_76s1y7srI8g6f0FlaysuJEtMKAgf-WDiHDqScJvJehFKq6rrjkR_5oWM7ep54urCXHcft-gRP8pYICXtCsozYPpgBxGBFypSD6V1xD4Jy5r6c-2Ij-1c7xw2fznZDGaa2pOMwdulpEnL_BFsLygtYWxNtS1OgQKevkAHOnNlJbSxLlSmFN82FN7Iev8Pd0w-XXTt-QrSPq4-3T8G66QbaY8pFK4F1rF7llrfXgX8XAqzHoinfssbS1JMkAGjOLUghH_pQpgpLs1KSnFLcSxaM5OTmucjBwdjEelNtVCR9OlzO3W1miPOUGYoHcKCiaPMXevzsiSY0JNRNhSRpgysvQYgxpTPG9AEah8dEc-7H_ky6wdgy94Ul6d843Wbgnm8ghaA8KfOPOppe452Eg1c2w61WhYWF_0K0Ijdrba7wNWYDnsBVDTcBUyqfJ10J5Xw3W9uzAMGKIz8J4ldA_esrcI6FI-pP-lQwwzn1SyQvT90r30ukkQkJo-0EfdiDGi6Nh1bv1fknKwWKx3QLnkhlAbwwc6CF7jPkd8o4ck-mVYBogFzu7ZZH6D2gKoImvLIJDpVbllD3voTtAucS0nd3AbM9t4qm8-IihLT7uxHxqf1laLYUKeVvqDFCAXxM_bVMuXDWP71jZuPYvT1HwDrSbC-ktDsXzX_pcaCixOLrL8DtKZVzWsHTSGER-nA1WnPcj3ioMmqopkNn7xDDvrOUb5MkzDG-9PsIUmqvngQSP7e0pvzmxFOPLDqLR0B7fJCPzP2_fU_zoE1rSYVwTcW0pUZdyjqokyfZ6fEbKAh6noI_NnebQDycVtoUM0gu_nudRE4tWWSJ2zzsAqdaQMn5EvmA5juvrnDgV8-e6Mxxl8vBFoq2HcMPpsBgqs_C6SWRHB8Mfc2-IWCYPIhzYqnxLG-TWOSPB4irBaq_SrFbJVLwe05mR2vhIUagLHRxVMTfZm80FOu4-C1teomvQNLyKZ4Omr-vd3PaRXRs7fgjYOcqsURaD9DC1FGHRRJnr5ZUtNvKL2Ipnd-70q0Di-YC_6dnFjQEdDXLvGMGsSiAWo7hUjzOTDmvH3bl7xGw8i467qOdqFdPQreJWyo6YXAGnhQQW0ixJ-Fj2wcn6t1CdU9rb3waDMTSH_1cIy4lQQlpd6GvvG7UY92xrdodjFCEZDmmKEvnTF0YzmozNRdmtLSh7p7YlhH01RCw0CmOyu7boTrFWc60oowXMEe1HTDWGVgIw_7hbMa049Eo9-eAQjamdw1DgiTeNgk4WnH7jkFw-Ml8Y3SVQRSSTdqDDNRzxJWoFbd_FgZVG3FbjhnwUdGB3PzasUHFFJPxyan6fpHZkSDearcziqjOEnmbl4LxAUemJl8PLHtAjq0xYjQ72u1yudUJ2-FqMu0kifxouyhVMN4jRHIczJgHlgnIU6tZbVZ-EJ0lxT-y670_hwtUyK986e7Z5xj4gqqv6EgAzLKsoXGtksj43blLQtde4OiRY4a92r_Opd-vFupxTdiYBSnbjs5Ytgg28MJ93ESlisSnWXbY_6I4NejQO2ut-Ihsb9SPUPa4sc1WdcpjY4FkDC3PZDBLwOZlyqPe-5dDiy7U5Msql-ysE&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=2410934449464698000&adk=2988274607&idt=169&cac=0&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36ceb001033fe060659ce765e33d58552fb5725eda888725ba47e802624b2225

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37664
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 215F 0
20 B 159ms
158ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7078254643030&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 215F 0
20 B 125ms
124ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7078254643030&version=m202307240101&ct=77&x=1&cor=13029214530049864000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 215F 16 KB
12 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfxnhxdhWgz26FEyS566Q-qwGPjmbnKl9SQku_xpxqTRfIQBNqjXrz5IrXkBDPJiKcQAHh8oPHho4ByZvU5vhrCTs4a9mz0dfP3f8yHuNKtmMe-eHMTs62NTfGyqUI3f9Srkm7fXi4znFMVs8uPzz4j0pvlWgkqHRE9pf0VBknO6xTOpo&cry=1&dbm_d=AKAmf-A3CMwibpiZm67Q3wIIDiyPRNKvbaJ6e4oRRJLJ6-o1OS5y8BLNpzLz_-OeIKDda-dBFBKahgoO16ebruklPzcOQhrF_FA823Cpe4_-aoKieRRz8Nl5rTOK0_FteysqYZItACMtXHNMlN278PZMIQImtUQdQMUWb4kjeFbOU5ts3zOk5A1CHpo8yB4RPpMOV_jRuw_pmnWsWYG6QEdI0If6W9_Ag0khBtReJxOw39hhGLhEyHQLhzw-YsVa0BCvU7TGKxvURpaD0PAQTKN97m-u1olrl4cWRB7hwhrnUUDbAqcBaE_5F0dAHSXwYfAeqB-IyNNaxmLdcIL7Kgl9J5Tlf-PLEID6ZGLTYBA2v_BZzccs1LndtvawX1Ec7D3HYDhhgRn5iYojC0LHtfr8jDlKl8o5GcbiJl2leTAVtKYCqIpyLQNep68HhGdr8v-DGGXOdAicW-9W6KocMcMlhOevZHANm1YS2H_5auoiE45wJCKiep74-CtigK27165UTimXgbeI0BPlFOgvgev_oyoP0_9fHTZQHc4T5N8Ywf9dSubnOhx5j1RaEINC2B86AIrqHd-Az4TsEwq5nCeLXY2-OJ0JuiuUAA60IK2gaX-nz9b3jZ-J5xq0lp_Sv91X9PImrPL2S6UEaaPyJl9IqyQ6c3p4F4RQ9G-SrTU2BAuXKlKMgnd18uiOU9GFTGFt3ZzUdWAIEv5mTCw-w4sNyAMl4NXWEMTVWHRtI8F4MperBSg7Z-0rdQcBxuCwW7GmmsaEaWDkhdbB7W9zKnZyE9I3TuaNqX3KenAyzHx3WAlGt_Jd4sHBDp4eVwKtiAOJj3wmxjZuVav3-CUlboFpGIW0bZc75U6m1NDI-NLi3-8vN5A5OauNaxIfDtdH6MRbhXhZn5mCcxgO-ALwNDsI38bN4JuAxY7vJtItpZF8zm30_S7QUMRSllvFOTOy1GEhg2AEFC8whjA4eWaB83tPJrd5PRyK-lznplqJhPIG-Sr441G72QczHsHPgCkuIGxKOQC-5oyls06rmn_49NuvLxRmOPcpN78zryd2r4IClPZOi9mTaPSvwRLI6cTSgnIxnPuIT0XsHz2O6XDgEneaWA_86FOEoPqtdjWX4bEppHkS0cg_ayp4Ps2VQoHL25lY-uvPnPmnbgRqc8da5WWrq7X_oDxjkaRGFuB7_19P_szBKIepl8CgUAw8zSM8_PfTGEF1EO7UUB70M9lpPaxSUsh2JV9yKoNSS7cnXN5ldFLwMZOh1elHsVvC5Iz5YlHDLnWqyLCeY6nwyFIWKQA8JRs9j523Rnuew79xkFeIbL6PzBedsz6uCv_InZvkjL4uQ_q387pRejhg-d4lZMQArjnNk1dOLcoKJwPWUejvJgZvNWtL4F1rvuaN17dfg93-u72dmtgRNXyrUCNeF8hM2WX-kxEqAwbJMll2VSmuD_Gp8j5ds6iCT983YMrDJgcOHkmgNTdPYcXPC6LMO-MQvB-QVzwiqRatveubkXHaKPGnKlwjNHXNnw8DeLskcfUuRCnD-ra-jzHI--yVHamkumljH3HcifubD7T61srrZvbn56lnU4ArWbVO_-r-m14XzWNPA2LGFe08HAeNFumUiImQJxXufOIejoJamUC7ca8vrlkn9-HCetvHdqpr4KgcjvZZTPbE4joaG2RXrbp3L0z0TeM1wE-No6ztPaVhoYOfYXn9bpeDd-w4x_GmbphYpSwOlGtP34V70tiHl7ZX69F48Xtm657Iv59VNMDcWjNZoQy_DSs8HUIBh1LcNw2d7Rjr9t4pYrsMoFs_DJWPYtsDI8uwv49r09FCFHMayLhT-Q0-Kk4A21z1KVZJtbfWSd_kQe5vwAwtwvBlLiC7eRNVlNnC31il0eUih-u5y0ObzDHGzVXhMp8kfz2laB2Tb0FhmlXeXOoltx9KxB5tg-8kOY2v2RCzCdvT8c4aMoj4mFTyE5ct8bMlbyd5Q8SnPv1_xC58J0JVjbprjignIZQVrY3pOSlnBihjZz7XQP6njhM976F2KTR6S3KsPm00rWHeBU6VBLE31bHPOwfyxWjFzS0URnosWN8tTAdHWvx7ro3mf0B81GyKNg0dUbB7kyioq7Y4R35j3SAd9z0iTagMUA69YbxUuDBy39GsxNDoDA_CGwF7UiqGP6QdTkVYP_bDyX0gJTjTXcMiHbay4FMGlWx9XOnaHxBH9HUJytcjOHIsc0f13UclzjGcf-XwrEsFCZSLfxu4caDhySdz3miKdgnnS61tsAjWUVbgfbVCzWzGdr8xw4IJ6GGkYsdKflguyXEyfG4aJwQ_vO3De6tLWRVHCGEmU6K4KkIk_IPlUT0GPhe1iMZAcO5UeYgvxQQFln0ozVRfsxsFJZ5zBmyI5F2ncdqxSop7sLMOVXWotiFa6eqGVSEytPbDfTv_JuMcSK7v0t6AUG-Q5_DvvYnnM7SB_7pr0A18ihOZusyefptFXkd8txO1ob3naWWp4kxt0ACUv1WVZ9yQJjN07jQah15O2jBMnbKZGhqsbEDVfiGZZzwolJe8dpRX4BFVLG--cG3fFShKNp4oOPsm04hamrivSJ_R7VmnzpLuV8gHeJBOk2hERTAlH0ijUxzNzHeFEmGkPqy65kNPU9KUjOf2icleH_uMEqkFreDRIEZfTmnBiHTNPNgtdCOCHlKf6KDHSyqybUYwe1t-8cYY9JqdP2GT569fN-HLy3GNYyoAli-Erv1-gkrJQjBCmvpX2JVJiOF3fCkylxxjbnLCKEdJfmNRChQ-Je2lgVrUu0aAIsLFxU_0idebmI2V1cDC7pF_IvI0VVjQ2IHdb8n4YlHyaoS1OvQWkSzss-uW1Xon0iMmmLjZaG-CLtccopjCc6wzWMwBhv0SXrsYNO5nQHZw-tz33guZyNT14IQeVcEHFXDELpUR_dOXEYf5iHRwpOo7wId1dgxEJzrhpDINDEy-PqkEwSnzztXiTImLsBSoVDhecl2awvJIovPiX40uqIvuxbO2o34lGRJlGUxLEZkzioA8IujWOvQpy8ZXkg7-nNVNCyDggx1LTxK8Zd4-5wqXrutVFd1s9pd3NnNom7G_vG0BXHF2n5nBsFjz0De30qb7lYM_MnI1Bd7QJmMzA_uNG2jNuLMXhXlyhf_APBvJtjlDlkFrs9Ffy3rjis0wBilNa70RUXypm_3VCj0o1KaKvRqSfixkU2XGS3x_WWSkWrZyxNUHZfarKAVw5354YkXTcul_Aql9245I6NfHzhaWj0P7Jl1pLeTCpTXSRkSX2O3kostf5PUz-B8RYlq6G4DhnhHrjCFEznqVehAl-Hra182IsM0eFhyt5wZnfss4jIeQ6q2tDyyS3_GL8K4No2HrvC5vuo0Ppgopd-bSv1SxDdIXiIR_Rw4qGAY32sQkk1qwdmd2ULGfN9KPJdyGAvnpzFm6wuhfD3UqJLn0AViCEm6XmeExLVewlPJWZUyw6_xE2i2lG02Ls05JclTm2j1oShxo62Yc4EjKLB3VnjhLlQexsKIgNLGv459LFJinSmwGz7DGDsCNEhN-6qZHAuMJZ02FGY_D8-RZVjUVMwESoMuL0cCpY4eI6pCIVglYm28A2LVxm9QQmXqRqP1CIJ_O8ALHMzttlOnCILhZi7Jd4IldLiHK4eyepEyv9mXXkTV2hsEh0wkWi0mFjZ03CQxlaTF4iT7pWgLJzeHvekX1_fLYYXu1olCJ0Qsu6LtbIOBzEFjUlYEISgUm3ToFIxyGIZkxrsyyMnGffpf3L13Gj2pJVZTHKd-QR55RLNFt9fv624OXJmgOJawDlgLQNCzrBTv8AJ6r7aMFfyCK8wR_WPnc&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=13029214530049864000&adk=943508955&idt=212&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f332312fa73edcbedb64d5fffd35d8254d9347d5f5e721fc50ae2c30cd762643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11878
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9659
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1

43 B
632 B

28ms
28ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXBA88pAaRtGCD4GE91LwRRydbMHBqEl0nBmMwhYLrKb1Nnt-61wBvhyBIS_RSC_eSmsLeAXaVGIRzqrPQy5gaaKvXBkN2-YxwyL5l-rAnM8s-48iyrGRs1C0lAX0Izmi24yV-oax0YP6AzSl7FYtReZe1eM6PxPrpbSJOaL0bdmUk4D0Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9659
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOTTRqtQl6QNtpyq.4kOxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2

43 B
632 B

30ms
30ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXBA88pAaRtGCD4GE91LwRRydbMHBqEl0nBmMwhYLrKb1Nnt-61wBvhyBIS_RSC_eSmsLeAXaVGIRzqrPQy5gaaKvXBkN2-YxwyL5l-rAnM8s-48iyrGRs1C0lAX0Izmi24yV-oax0YP6AzSl7FYtReZe1eM6PxPrpbSJOaL0bdmUk4D0Y
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=494
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAV1Z9CeZlVyH9f0dxFsTS8&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9659
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

43 B
839 B

46ms
46ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNXBA88pAaRtGCD4GE91LwRRydbMHBqEl0nBmMwhYLrKb1Nnt-61wBvhyBIS_RSC_eSmsLeAXaVGIRzqrPQy5gaaKvXBkN2-YxwyL5l-rAnM8s-48iyrGRs1C0lAX0Izmi24yV-oax0YP6AzSl7FYtReZe1eM6PxPrpbSJOaL0bdmUk4D0Y

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:55 GMT
an-x-request-uuid: ba3d1dee-26fa-4052-a583-6515cfdcd6d1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECwsjyV5rG-3UBRbM1DdAnQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9659
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

170 B
188 B

36ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0

Requested by

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:55 GMT
an-x-request-uuid: 927edd90-7841-420d-a46c-f51556d824b5
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQ5MzE4NTQ4MTk5NzQxOTE0
x-proxy-origin: 217.114.218.22; 217.114.218.22; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4689 111 KB
39 KB 95ms
22ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Origin: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 4689 11 KB
4 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BvBMGX7tBWpM721j2rzPdxMj0Xi4ObrrJsSbN4HkptuYXdbr_dfAeTC0o6UZY-Ax3tcsIzAl9AhqlvdM76vT9uviJcBw&cry=1&dbm_d=AKAmf-DiaCcwNorRGcH6ZZR6h35cjRmAEYVSnWxOZtGJu6yXTHMS7PlL2yoCOVDN2Rlo47bKOmzSKHX4KTiPkwQT-hT2n42kzRJRqmNxLh3korV0LyQQEmlFuvhH5fFlqEW4LXBxKCYFt3Q48wQd_Z4GmNK4Cvo_3FDX8LhgIcMaKMQDrbfRRC_4ywUpFeNbA77R1x4km1UV733j1wR-x9OOjFll2QgOswZYs7SYT6um1UaoU4_Wiyxi9JK-3k5udmA5PqAswzBE0XvFSfxv0MOPE-PBLHWEXNoHwt24DGR4Lx7exLPBiTCc_6x9ZaQWiZjHigQm3NEVhIv8hRo6iCfTeT7O9zKF-Tl_yHMN2SqNo9Trrw9dW3N446bn7mAF5IB-nA2c-bhKKjAdg8DdPx9mwFeoGOx_5_MRXPgrccRJNB4--cLZ-WnEsS6x2ZQAwxBalSl1vLuyZYEuvyQ12H2BQXJhVoYlrEN27z-9vWq4Q7F9Qe4S6xFGDAmB57M4eO1F-r8I_CbPqGfwbLbq8YqqYx3q6eIEYodJb83D9Sg4JB94k9RT6Ap6QbXdutvQdftkEA7v7ZulWCYQ1A0-FNi3DOKTEluNLRxhVvhfKUvLfvX05cpTJ8fOLOA2HtbK6HkbOsE2ZGhzKlfS2_EUb8d8FrMItjSPsZNRqZh5sBrtwvdFwfHyvESQ6o2KTpEg0QW4fJW8BF-qghyH0vIgi5SpgJR4s0rCNNJeyEAU6bjnH6l-nVIf2l5ghLNEHT6bmircua_TLe2sXdei8VCYz3wAHjlIdsmTS6bY1LTcZYlrZRPAcys5Gxc6rTRTx5MedkdJTuGVGPXKY6v4evkRoF_zaU2ztDkw4AyfM8kVk0vNtys8UKXbLLbp02Z6h59ZtBhY7Brinym8DYzm0GzXYbYmSzuJxim932Olp9iA8E5UNptezHagXAYetBo4mhHbntmZbLI_rzegmEgriigJuGzYIT4yTWF4hzR-wEp4wagoA0STYCUZ4QObhbD4tMGzLYyrVlBM45LwwO-yb1w5F4X93xuk3p-ml-qpvQW3WfJJMYBDDHSvd2-twdoStbsAkbWO6UIqdoYbmtKrBA29B-X0seECnFxg7JyDhJsCHEoGbEJ0i2euwHs-wOPCbfjg7O7NmOXluY45hx-uR-86Mp01bTqJdaWkTUaaVPpGsPvuXU_fzcSpOlBfGnCEOeXRphbf_KNcN-qOhousrXXt-pbiZ42MlJmGZa1WSR4e23ZzrolZ8Mcxgd7lu6UvghYaTGKiV8U04FV5FM5SDlzOkK5qqDGfZmS3-Cd6eFOAq1M_tisSrZengBXnxq_sCF9MTUZzvpf45ZhzFIQU-SOVlf6pOSDmeaTDDqBsXaA7k8SrDU77mp3exQVYTUi7muvRdjGBJ-xZtNLD21LA3kZU-sg0ptpn5Tb8KsHZyjs04YG9KpQYwHvWluz51ykIj_LYQd4Gb2TLHjhkkiXN6_2NdQVHAJQM7ewx7fOFNtRJrO_cMMw_g-ihf2DUTtSdFSkyHWPMEFxIsJBOk4yQIIHOQO0TJLFRWw6LROOuBxA2n96CjC_TKMHwqbfrTEIgQkhpDD4ktdoSQZpgpV_Bke-PtgEAeLVWMWjfH5fTmXpxK11bqMJMoIBn1GTc1Omn5UUHH09KuZg2rMrcch84SV3H152zcHgqq-yXBdeYIdxP2vLnLp-bxbWuz64dDnJzHl0Vpq-1m12oQOeG_oKNBiVVOYKfq9LDUASKsFgwb-trg74qOb9bHoJe6pISnHhhORCz1vnVcTVgpIrZpBoUVTZ8tXH25MXLDu6Dmz9bG9A0SwPd9-HW5BY6qOEIOY3sQs1U678a_YfEWv4sJB-BiGVgLWlXidhMct2OBD8w3rF0pBi1Z9zf-qzGj8FPQMUyi3OSYKVVVnKpjUo19bxssjtAsLJm-dNi415HCow1fdaVxt6sltwiM82o64IyJ92pDjAjzzMt-MSH7TFHGHIJOu6lxBpEIXu6H8uOa20FTJVGRl8HHI80nXWIEN6Be_VsJ_fCcc_uum33K4P612i3rVvGeo_H9lTcbCEa2M7lWHoGg02wnHkgXwOUrwUz2MKC50miPDgsvea-QrE2GAEjiEaUuLkfOpt3hTi7dwjHiZADb1KnF3INdGeIrpeQqHS44yK2ve1N9hV6x7y5Ly18d757FbSzDQaM824Ci7eBn8qnkOTTCQgVNL_gyCe_Ed10oC7bZ_83HZNQ5LjecPZjollW6r6qVOQm3oimKLjR7-BCCNbbwrHx6o0QaOtbCL55tE1EXrnnzKql1c-b10w1HQp8tfgIo3tF9zc1UcKRaMkkaaoajxorXSrZCl3h4vJiWxSSY8J_xh9HEMjDdHHDWqgCxkSaC9ck972L8onVlyOsRyG_sfsmQLrSjRJ8yWz2BkHu77UGX-v7qPJFqaliShYFp_QY1bvAZSxsLLAjWoplrpQciJ6m_kii10Pf6h1s5eLpe5fhGd9WMpQXKjbBke1klXSOq_mN0Jb1Nc3y4B3lbM1PD34FcMwDV1GI7zVHqK9_PNz75i-WiVhxvuoQr-pnBlBGS7mPQLXArm4yIvex92ZjJdMWwTUuKfk_TzLs8dtWhl5feFI6fZ-p2jIOZPNyKZDpzVCNTS73ArHqPhVHssmhM71m1D84fRY4UNAZYxBX9AlCkeJck3qg1ZsvNVk1kKtxg-oUFFUrzuoukZNJFjaYUtMO1XJ0D0gMT5iSzc6AvzSgpAx-9DsQnjBGGkAQ8mUjWqlIFV-k8nhy8pgaP0mDDZ7RdUTRGPycKxToM5QhTyM_TTI2iPpaAXwmUbCOkhqGMScupcai0_C4A2XBNqIU0uY7psaeYA36OSBEJH2LH2jK4dJniKy0To0C5wi9bVKHmtnsOsBaHYD-XiZiPm5gn3gl3vsXXWLWzmbnB4syp0A0XlsyIvmx0zBhuaKSMKVw_elU86yUemHPCujQdiwqLAp-zTUypot-hlceAm1sbMV6yVgGwQgjcfOYGBfRZ_I22GPiph9K_7qsCajtlS9DA1665ts92_RocAEuXc9kzg30KkGx6iTRMQr4-qnEeUuwgBEDtBJljaOOu1impUJlt-ZEgk0E3YTiXpRUQY_zsWgUotAndMKJhrbIVMUOxhQmzmX_hAK_DS14hQXpLVrQ7YAoNoc8Ht4hk9rh5K4n3d-1qKStIIGuG1auGs8LXHDetolzlDp7NFb5XjD6zlFO20HM_aCmINVqWzHhidOgFu0GTrwbUMuPfw3BDVfR1mXfZNnDDaXnguMj8cbPefRj6EO9weeOqHiZ61KcVeWXsoh-13NGYS6nKSYaGssJLOaKWG61Lxc28OKwHLvz_3oQl8TbxiEckgPuuh9ug_oQcc6dFRxXPPgWhmMbHTddox4Y92-Gy7q_DyMxdW8w6OWl-aI7XyXU3BVA3llL5xPdZ-4Z4aAcWj78t6E71PXM-lYX4ohH-YBTSYiH2ay3eLCDiT1WBgGKKKFWaiBMSt7J0_DE7cblPTk4GpRTU_NPoymUln4lbE3g1Wh7SLQlS07iW2ZmpDUIdV9zjQ6OH2dEp0c10L_C3TZTYSaaoZiprqDWAvDz8VYvYn0nobX1J5TrmVgYm0fVCrKdCO3VUBHuhwTwOL_kOF0P&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=8236941930622017000&adk=1761367587&idt=158&cac=0&dtd=58

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 13:55:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 4689 30 KB
11 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:04:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4689 41 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3730 41 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEC3Dffk05N1YsbfpTQfqJTIQwiprhfgJVO4oSnFpxx6vGkaN0a9FdhXVjBIe6Q3Z8PZbQLzxFhRElRXcN8lBvjeoXWrWCsMN8QmYthwJa45scKwmbNCjJwVuBx8-j3fZ_bA2qdmUcVHl4L-X0SuX3lmxTqrAxE4fNqM5tnNgXc4CYFXo&cry=1&dbm_d=AKAmf-BrVSzV1jZWJ9xNXg3lAvdqIuPW7nejwXtoivQPneUkDx4dl7OsKC6gbn-ho-mY2Kp44wmaMq-xewd6AACDewVgL7jIPEId-hn2FwrwpVLOIDEOagbfOnhfcdbFoom33TsXAl9IXGgtKed3ShUxRZRSpkxPiGGb1m8XDJk6NS4lCt_JyR0czZZAFCwQDdUsp0xMwoPFHQXVRPwWaJg4XwoZIAaX8bjmxlSWMhKEgnWkWteD14oLPPb-5e6q0TJTj7Vyux5jScsKQB2olFWPZxaP2P_tE5RfP0zc5qy19FdZqgPaOVG5Nu-Wyv7FUYcnh8f8Gkfu7Lm1FUj0HbVF8rtXun5RBN-rZrdiYR9cSHex-ZFZx9k4KnW-H7_X0_amObDuVAmAMZmNKfZMirzLVMYFN1lALzVL-Ts-vH1DwsOdu_19XvCeQmL5bBuCdV-w5OGu9C3ClGumTSVmOIlTqPT7yLA_ruVR_sg-U9XiusnUT7LneKddzyXYirgdLdvhTFP_cPCbAT0ECeu2J7ihb9zmqtuWpQQRD7bBdt-mhLCFXcN3qEvCXlKE38XUplYZhcSc07zrzy6uchQoCOlhnGTslyfEuV4yDtXRayNM-_0ACyLvwpi7OZzMiq9DnvDpYPVpI1oG0AsAv7ye3PMjgArwM_OF4sT0DXmMujWwKgvXEa8MYB4zaqFXdX-SA1Ua6srh2wIrsf5xWMLW1cbR2EVJgKkMNRwBneXS4nCibztlEyvpaNk4sC4r46Z6vL8lumUG3tEt-GjnHamPyqvEv57FIV3lHP11dNnMCM18Bf728HvkB0IilMPR2DZLLN--3MBDWbgjqTny1OLZ514bK-3Tf_Au947jnDZiM5OKiQKOZTwk8txKelMpVBj1RzC1PdKwcUUwFgtV2lePuQE0J-AA4OxkH2LXDh9-cTL1_pyIBtMjzvTcYRitsJDoYenidqRE1jo9eLO90ke9DmQRqqz2lLmgC9j4deSnokppsYa9NZIsxnnvRkdRQqUgZH9Yl_AxejjKX-u3_Yb02ewxhdf9PdaUX5Arht3dyks_DVFHd5MbpOiKVMdwnv9mIQBzEulr5uMVoiJM_NLRi6TnJifjj5DC9zZql2jyuqxnIEsWQ74rnHVhK0fifKhyNkW_4ELjB08z3RaNNN8mbkVpmKnAnGXk0OZkdPO8uenD5h6TsfSyMct7liyaJ8L4KHg_e6QpjTTiz6fk75aSULUNbHWsqrWvyFf8dykpAdV8TozD7ciAj-Tuwb1r-lR2XkjORzNbib90FKqNSZwoCMQZGgglpVBecTkShSC63ovBnnVkyVtPs0KiOoFYm8lMNOy9ZdApuIRBVkkAurlPIFZh6g06jRsFBquUKUcJULAUIS7iI60069Z-oxEtdbc4R4oKYERHZcgmH8uZJXKe8JunB1GogBrtc6ea1D-nkLuN1pQkYxTCvgRQoXE8c7WQoCjHt2EIR0rLLVfBq14WODv8q920wtFN8IinwNUJ53S38-XGK5RGCaGw4aKjBxfMVfQd7AyEzXzvX-uqz1b0lA7SkGGNdAGA7lhSI_h0NF3czvOYzKesPsP4_62pt2qwtuiHSlgUq1vmUX1Fkn5TEr-rtC6SdTEY-aNB_HywqGJxtv88k479C2sBVglO0jNQB8HwU4WvErCHm6VQEQh2OCkEfXvTItkRHu9Qz_6LPPgeVrs-ob13ZtimsxWF6bJJ9VH1OyvR0OOh7GveY_GhaFihP6ucxyu8IniCDsmJ8_Did3y_3C0hQd3cN_LnCF41Fn4TAV2qDKaqchdHigLNQ6Gi4aXhBFHtco1dgsol0IzgIMOYcvhRmY1dZ_DzFPdFmThA7MSGdD0S6jLx6t9UQR7rz9-RTM7MHK9jLl2y9CMOD_scECgrTx7oordhO38FFL1-ojK6Axrp9SXKjO5gQafwDrZYhenCM77y5KCyRz2TGevP8kkD-9q7w1fgBKX5rz0WrzDYw6b05B4-YWvgOct9_ZMzcVU_j7-EkcWVZotKbQ3nqpoSKn6wHUGegws_TVgAGapyVEEJrBcZtQV6d84G91P6SAFnZymfI69tOBddXNlbKE4twrIMHPOJycGAk2j4QyzvBqbOKDZ4tPMPYgNVzFVs-X6qnFOSP0_TSCOr3TasUVQj_Ssupmj1_fL_vGK3iAD2w6j_S0LmAU8lzE8-Ajistj5hV7l_mxQIeNBk903C2bExbQs3lAzIzeydJvpgEoH7RibZEihv417o1jzShVNc0lnUCbrfjcr0pzIBal5ECKdDKIjez2K8QQ01P0-4GS_lXCx0qVM3oJrDemyFphwvyfITf1WFHuwIg-HHhZPkhfNxi5Sl6wTckF0wQPyyAuo4tZHMXm9-HNjWpI1N7MFPPGMHwfII4GDPUoJYSkBlpLsmmWodzvwbRTZGutMljftmfVHPZvArdS6_pQxi8zpd8WuW4OPNzLBpS0bJVeM3yJ31eM1Sz80uTuPolJ-1HmGebszgai5gWpogW7sToVib-fStcqvwyggvDE652MYw9WakdQQ9A1c82rZK9FoCe_QQ2gQ7sX968EbC1FFFyZ_4frP4xTHWp5mh0aTuC-7xLVc3YzwOzYgWjIbEkVPIJbgV5EUXTigOC9RdMztEKzrNRXFWbBWHvbk3g_Gax22u0NyREt7vQRm1HvH6CEd8A5A1H40PM-4TNA7FTWM1pW5FVzPNIT1xMeYiB_LPKUw8l2o0tVKfyJL061qcD0G88kaPL6ypEs99XulPdWntb89PdDmgstYIoDkPNqJjKnJX3_ZI5G1NO0Ilz-KNmauPnNHiUoI1dxbk9_pWK6OwYgueeBboCX0s1eBL2KZn7nc5cF0u4jK-kWM_-XDorMUPJFCW9rJAOM0Q7adSfVgQ40_rPVCI6yDfobjBdSBJZ6GQUl94-DeLof8PU1wTlgpuXUtp-FL-FmslF83TI1aK1uIKKo_hElFniccR-gCkMCjYtGkemDj54eKNIdpbYVMo2CaSQ981pQvgMblJ8mLllU_jd6X0fCOOUNGSpMtE7JW1JO9OIqGyS_h24NzQUxF7b-wnqUj6HkqDMQEJa3wwZpmJeOlFzhoyvSQLHd583dav0Cq16mp-GKD7T20PDkoZZWYdyEC_Wkg5zgXTBFd1NTJRBmt8E3bQITwLwv1m29qUipCZxRUb6wI6HYqiB5x20xNVD55g9qYVvCktQzfXX3VjIY5f_-X4KzSfM0XLt6Cb1KBIQZceGUdtENMV8awg1_VsXRGi4gwgoac1dQX-ezALNm0OzarbN7T-U46MnMMyPXAjRrBkWaFKv0BP-xnblEUcelKfeS7jpS0f13ildgmQkzmEh4zr9QK5CEnzl57os8oPAaSRozVyO9RP0tyREr7IDP5YZG6pJ82fZpxjLUkGMY-9_4YCn_a1r7tzjzZPotX__cRpGq8qPDaYZKWYcd5byY-IeWAJ7QtzW8p84GK7qBMMTrc3vXECab-CiPo1qeDno9QbupZf1fwsgf5glLxdk6ya9irhsOqmn_QLjJ9sXh1o02lfX5PUQoQB1lrERKiWl1zZPR6TDrHdonAV-AxrW6g-BtZ7i5Dw4WOtDu_LbYKyFlgoe4gQWkYuV9xZH7ExwZ5RTrZQYtImF8r6W77wX4l3_P7eOSeriuvPQQ2opdbNB0UTpCqvdtHpso2OAbOiRlYZ39_sYlzOac0Emj5xnPqsdmkqIVQPibaki-U4QE0OkbpVq9_D8MFsKedWIibjyCF1HwufRD2RxPeF9ChozI0ionxz-M6p12QjFse_6J_unGswjRRlbvpt4QVXyIcTRg1s13KfWmgED6slUEkPr-IN&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=18022030269136744000&adk=2228999115&idt=233&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8C8F 111 KB
39 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Origin: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 8C8F 11 KB
4 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CX9_T0MGZ0Q9HjgWHFobohRTdObYcq43QTpzYxhusEJqd-IFa7kAjg15QRvGYR68_YuoxPd39CJWefM5N9rZDsaleThg&cry=1&dbm_d=AKAmf-A8h0WYZi8mgh2I9aqIthy5i5yKfM1ULMXm7cqrk6dqNWatTegqYPMDXcrDH-rhSL_OVxMgFmBKnrBJa_C1--EXivVlfBSo3ZEYM-UR_mL3l3Q10rJjome966uoHWGcte7X20JHKZa_lCxqdrkyj7EhQ5j_NE-imkf76T-mqy-dgQtGj-LhZUHeiKtYKHjYwNse0uIFrBHAaJkRqTIPWBH6XVw6Ro1Se5YpVxfsF3NBYnQObex-h5gyKsPjULhGH1WKHbcpi_ZvLj3Y5B9HKXbzWPd-ripCCCYQ-qRN7v4JKtcA9mCqadYiAbNiczHPXNSGwS2uL1h9LBU_eva_0kXTDrXBfFn7LlqR16j25rL-gHcbyz68-IlgomGTPvF1txTQa-nuUYU8mhYBE_mquXO2rclb89FDppnoNVavsPjN2aO9ONl-BB_pRh5db8rQu8fe2TcHxqHw5SZRRANMSJ-8gvZp47jaJhCNKPev1cuzjRaa-82p593wxWTjwE30E-kAkIQ0QsbOjBelLG6tyywUu9zheGJoxkoM9xWwi3yv3MFZQAAO88RSMs7fVCgGxKCtpQYOqYfzpq2m7kFjANvkHUFqaeGbyZk09AWcMzoybw4UJGiXrlVoEXQ-QYGjNHMCLRVWJrhak5ABN1cEMYADJJ-R1hp4meOxVmgcostEEy7ZRfUdAWHWEvymzIDtCutzMClmu0wbb6s9GmtfvrENs45Vdje8jgUKFxiqLzvaY6Yy8BtE3ZEDrSnkx1i3uW5YYUa56U8HoWVHYUmYKAoGZ1lr-hiqXSE20wb3SXh2i85Wc2wQ0tihxmQG5nlozNygFNTnIYsDtWPvPJ0wCyv7cvN0A2jj1uwdS2AfxQ5N6lmEpG-hNHwCkU-ytKHXPZnhyCONFp_XOr3h97eTjsWo9tRWHKso3uMSjKkOCHp0d0s0OQjjeYULPGu2kjq-GtwOfeI9G_906Gn_Fl4FtfLL2NB9jrDv0OMETi0wd7XfQPajY0HNl2E6HnPqpB5Ck9SZbBL1U0FxTzUKATTvZTYPjuP-ojHAfzMgn8-pWRHksglM7aKtLQO5Neu9YjyrNBhfWEaXfufiHneiHtWrrEePYAKaX2LGmZ0KWCERSE9iqsJb2DZ4h7oqhY71IpkZmqDEQpDGHYUuSWkiLmlGLwkEHDxJe-NaPG4v8HFywm1syXuC-GpNYGLHpAQLorwsShKjJWZzfPEutOpLEGcrldM9d2jWvgCPmyH80pkakGpe-UB8IzDsyN2x24WKqrMIfI7Azu8MCQCbIqPkmQSYnR-4wpapJLfGlD3fqk5htSFsAcTyUNH6TcVelssGA8fIj2Xjza88pN1KmES9934RmW8tP31EGJhEZEjw_9y-l41_yxt5TAKrGCBAjjD1y7RopleSdsBSP7Mm5Y1KFrYZ7e10fiwCrBZHEzfgmBJTnVCSILj-FcHKGbwyvvPWdX3nsD5JPpZVhpCpywMiHFNPCdMz2eFTAl6qtNjT9LZqxVcfAnGA9EgQoLx0Sxzm6xlf5q3WevYqENoG08z6a3E-zPOaJ7uHP7-dq4EGWP1zSrPZyn7zd4-GvT5KH2wBnbDHU1PtHAQZZNhQiAKn5eq9AEHwS9oan2u-vO3KwPBQVgXrkQD9I0Tt-mKw-hqM8zZ5Rgr6Ja5wFj0yImzGUiWijgA3vfulA8qZ2je8qSTi3hjk9VKaBLPta2GaleOGOLxcG4IMOu_PO-ersNbsXIkI0NZuHYWAa7oQ4V-Eov8npw3fOuWIJDD2Kuas7PrWAdGB3dDvy9xRE6p_jzEVvzGuMm4qcKRzss7HYO_EtlfbGfXaaboPBByYmRi1xW8qy70rJCAKzbGSdK3Cks5_KlaKaVHY8To2qZ973-Zu3f38L35w1dZS0ETiASUwb_PbuRM5Pd_w2alLHTHFR93_PUFUSGkX1Prfz2Pth4r5pqeyIKeZVVioHKq8PNtMzMcyMqHR8GPRybZow1NzrE5ck65DqQRMjyo3o2duCOS6jqvDuf1yRvqc3R2qTJV4emFHyBQPgTPi1qLVuQOcQ8IC77-Ku2VLxiVJYWymd6ecDfbjfTKQ8XoZyDeYjy22L_Z94BITCljLKL17f4E7E57dciM5PoEXJRxH6cWpRKinZoyJVnURK6hFM03bOIkX6-IG-aSZPkX4EgArhqs3-evbRihjTyHmcI1ewChaTbud6VNX2uvq-h0eakzpeeQuLBpNz3foeusr6sWONw2dR6lWpJKtSRdIy7rE8Jw0xYA-wv6oZa_osAiyq3d_YOQ_LizgSWi7Da9soySgJ2wYF5Qb7iz02hfx2pIgUM0pR4UuELYTay89pPA2kkuB6n2whci3Z5NDZAIJUwEhytn25NTV4nXCw8o6USZyF35req4ut6mhrJXKo2uSewT_Sc-gpG-pKVEcSQ4sJmt09umwQ75fjykTyHG4VhTyG9A-ramHkeI9hzlV6oN7Farx4spBuAUOMyHOcpt5lTHAuU3H1ipT4EHrXhtxfs540eJj1WCrJ0-YMoU856zbfos16SblviTaPvDWd_wnlgI_n_L6RF9XcEJECUaXXSCcmQyrvwirj4G9tBG0zU97XmuwzX5goveOIDusOcXJcuSqiz4_rYj3wO9UUCejNOMZBpJXTxwCDTAnwEyZF4y00OF-vRvmPCDt851CHK4Ka21ma8zEKU769CTpDFAZMkL3JGZsLO_Z4jVu-SskMsuQlmfvg2hk8gCkjGXKN6GAy8N64DQLoU6uOmjypKHioLNdFOIcZlZIZlz2UR-7ymcQQGWyvbYdVki3if50mc-kLwhEOoQUGb2ZXgf8wWLb91h4e1ke0uEcsaiuvucLHPqfI5hJeBiPl8yVIC5HS2K5vtrhSQiQnVFC8y8RWDB13EUlpyqlhw2NNwWrPXOIvnr-AaduMEGp87TKYZ5hB5jmL64KaKnPzleMlHVEt0BTGcK32PW-PF2aQfDYXmLSPO0yTSeY6r2OsQTBY8S2yzgnmcHgGhk0hMOevg88my3TgfbWOJu9kCcOe1Xs0-xDPT8s40D66V8F1uCkvCfptmVv0cAxnCBnK-_pKo72ctuBYhAwtciJkpKygzSV9YI9a5GY37jriMQ61UU7yYsT3PMU39_Kp2Ufe3lo3zQgGSaY3l6q5YKXNblQDD_ic3H9KWNnmDy2-3PTBl_v4K5fOaRBYPfEJcgvnBFSFHi_vJngeevyD7ss7O0aOW6mahFuReqnH1fOszzwrJHSQNiCflELzkJc62I16gTCzHYT5WwfhDeoq8MsoQALLAZSYlPo3WkvqtRoXoabfun2k4ruCVIef0LciLzou5VOCMBI_fYu61GvocYWj1EFLbiQGxR7HX1r83y4h16Zke83-hRHBu3KwPwjCZ1VQF7IDgdL0jfMDl2fsDRZSoxVkizAuMMBsPaj3RYDnmSrFHoNHNXjLMTsKFvYZSudNVmLZHW9QC5A63jgaQ2cRHxcpHb6vaGdjB81_C6zKl96CH-gTvKGHV97wKeN5-1-a57Srdq7223BKwlBFgNtXHYc4Kx0ROVNzl8OTGnlAlRZAuVmQvhHkgySB6WpieydunmTqiFNEMJGKS2AzW5hBMZTMj-DCr5eloVeGB64RGH_QoBuuLZP7tJXZQen&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=16630688949248827000&adk=2857193498&idt=213&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 13:55:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 8C8F 30 KB
11 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:04:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C8F 41 KB
13 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2F1E 111 KB
39 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Origin: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 2F1E 11 KB
4 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUw5jgZEHyMr-oagVJO-De-IpIItDimnFH4H3w2VQDmKZWrtIXWLKc_1DDEZVERQ8tuMgxECVBVjRVJRfZn3lLPopd7w&cry=1&dbm_d=AKAmf-B8m3WEUAPzGjwEN_NmICJuM6XUWNkHHqjZN_R62Ia9S2eO-21kK6jxtp3pCie4bsq9zsovdUndXOyFtzoJagbkZuA5bVmHWC-GBI3_RgNPdtTszY2Vr_xKr2fBwJIspxCNaDVydXtHr9UQ1g2xVpYjPxj9-z69DL0fv3frZBPd0wN3GegUWQxOdzFPp3S7x7k_0KJEwxOe21NU7tCnOAF2INhpBaOfLTMRtiEsXyM4EJ8nyzYa0S6y8arGeiOzTNy8HAiGXYT6gr25jJp0a7C0lt7XID1T0FhJK2f1eLAA5yeAypUCABEiH04fU7k01Cq9Uk5ckdEPtM7Vr4MKnXooGZAaYirM3FbDiqnqiPm8AYIWfoFCw_iaP_K50zcf7ARULKcBXClAi8dHwbsYWnlsDsEmwkpU3VR7QgB5WYRtyqjx5RU-PKDgeNP93Zm5LmlcsT79I0SJv9aDhU_7vrRpeFOTJ0OvR5Mk5jB61BQHwmG0iV2Hl3CF5LFFp-iuZPd_INlXNL4JVE1jLl4WySXtkkGU_PyPHUF2m263ZJJnm_kbI5GO1QYjhZgs4qyxeglQYS7r7XPEnNRuy8UrurEV1GwChK7rQBqTo6aCzbi7TJ4F79YLgEyLuCAK9VFKyFPKLqfKTEpwa4Am856dmnRZtPpkvsexSK3ic115nsdnGHpcfO7lzZNPAvedJ-0BMsdfnboef0CnWWOS4mPl5XG5Q4yyAAzoDO_5_xPuiL-9HWdIaqrrVXub3jKYPa6imYGMT___UYmpAX2KgmIJuQAcU-LoKD89nNaXfUE9rzb-lBlegFvTWgipimOfLGc5LhH_cksaAwXJz_yWhfcNWbjhxDg7qyJDdtnZ2pxQrOApGzoCfnQ0XjJuWUnMX-GMmdHabmd4JPMDzVoZ8Gx5APu7dmi_1WBsinQFi2jrhDp_mkg4XMkIq7PHtbF_bxU_ehEMEiLvFdeFT99gxvgy88ruQHaqlQalc2vEpbWhkfyOLe0BinE61SIJskHgM2pvpcu9TkaPVw4rZcWXFzimwMQigCLpWcwSLOmi_NsZ_YwL_BUJDJ54MqIBNXqLtuEcCebEJztcyYRL-g_qxNyQE2EaXagX76Jrwesc_3QaAhKP7-OZ3YyJQIhFuQvlLIL8yuAUbFZonNZ6RSlQvJW3zs95QL_C4UfQKxqg_rSZwmxZ5t6O608Sy8LCxBYRcaj8S--NqjYS0_o0cejUVc8uKgZboBH3V9zJv3kZmpxkkEUrQcFPT6us1BXsg5Rv1HMOmeclfBDVHsfjzn8Z37gSDq6k6l3qgWcl3DeZznVbVEtC0ktLqppMjwxQP0jSZaCtS4D3Vfmde8CXBnAvKnf2LZRTKKgREak2IT6MJxKLkOa6GkJzm9cZsgSMVaLmq0g1vtEZG2L3e7Y5t_AUuk1pgJARyly_oVy7dwyN_ZR2y35lIxr2Off4mHHvoTdDx-OOWwFph1yaxmR9M3tM88mXC7HCXFVR03-GjJj7Cm8pQRzxKo-ExDzn_WVRfoFI05e8zrhMM8pfiqvKWXxdu9HDhW32byafXbvHw_CWiw25jhocoresRnwdgW1rmeedLDR748JWcH4ZzYup1n1kOFAIPLOY4QrnGY_Lc5M9fkuPcynAljNp5bDA6lv982P9Ta5M4iYasF66AVOLLr9VlO_8M7iU1PE2IYbuw-5RF9XJxCguncjhHMGFiMBzYUXhm-2i7If_k0T9TB0R6J2uRtcWZRqrVHV41fk3mxU1DUMEhpg-yXk4I5z7_2OKbK1ToqBqAcDls0wjfIwFHU0DTyTYSAtwqoUyZTN3KIP7waTXyDax1AKDnkfAvJGmwB1PAGmAj9jj7YH5V8NOCj33-irTFjr2b0VRLbXqGWJfmscaqwXE3cuhUgMHHd-AnxVMQso8nEtfAetKGmtie12xdsstBvykmP5i62QpWHjROdkVW-TMWA0eKqY2pkhupFAm_pyBXHwDyR3oTnurkUAPTl4UoCX_0aHSM6Vl_0fBzt7gwta2Lba4Q2recR_xbWbVmU6aW0D68RjyLDmCcL47UjLe6AyrkM9dbL_j5w2eX5qI5-GTPP2aH0LL-C2jqwm2mbt0DEp9JjznvzEgRWCiTqJz2mOmsPpkfiSCeK_e_FDqXlqbq5oGc2mo1NLRdJ5wnSRKoUVjQnh92IeO1tdhh108msB1i6jdJOihVdR1n4A4arsQLAAf7G3EqKvZfbGMBXc642Vno-gp0zqXDTr4lNE0IDLyiMH-11mz5o4-XTspNglWCZ9OLxpoQ4NtJppJU2qLliFQB4tekwtke_dORhPHGWySeeCn0DIikZ8x4B_Aiqf2QC-nEraSKA9OvEL444dbqAr2NKETsjTGt_mNAltzf7EvnEGuwagaWjnkQHM-kBsOyc8NQ39Galv7xUXo3VINTgdBDvwwkOEAKiWXcCU6ZfFgWGgWa6-kKOXtvXZLFxrUAo2y3pmC-DlqDhvNfPzbdmk8P681ddTqDbZYV-Cl4oQBMpNTrFJT-i2P9YIUUptAo4S2fO9j0HMcvjpKtx4x5G8tKb8yrCZqqLIgvUzDZ_oWecJeYDPr5Bv6UGPUPXtLDR2YZ4CnJtjvtN0JLqfOeTgm97mDXcps5zjrDrFRA8gXszjR1FYnnG98_ljyEDyZpCla4OUSFiyhTr31qxxL-0lcx8gKsk76ZHiKoZhdXAsSfmWlNlRbMRILnhVYwzXmM6Sm2beC4xo9Z84SEc3aKCMUH_FZGhoY2GQwSKBcoG_UaqyViq3TrVMvSy7G2CBSb64nFdHc4-L0tDwrDNxIkZiE50RBKIn9z4PbBeuC7oYK-gTgLXmljBt3YBbw-GHmsRpEqU9W4ZmIPALRnQRmxH_O2vHDL52D7itZ377d7pFy4d2ecxGMeO43TEWIsPTvvLgTWMyHpF-1m4YqyAEcNxEH6NjBRKg4MF8lixA2U3C_GqqNjD2_dAf3wsgA86yaenEM7-JMFXLxSUCLmSOgH_S16XofplgLZbvdg4acsIN6qgjayh9yCxMX_KjjvjwHFAzN-UAPoaY5BME5fM9fLAeWzpU9SAhK0aE70sykC9qvlgqR5jPXPKK3SJv8cqmONA9PIInMRhpbi5RUWQR5VBlr0yc3AWBAqwsfa4XLhsZ5wN9lsjUz8KwY2PAvU4YT7T_-V-QmsKgkyaesKl6h2VBL7klCCmRETmAkmWCVnkmV7rKeG_artHYg8o29kxZBdPX0-xTeQzwPMj0cRYfyfkmVQXyLuPuuQZbPmO01vUINYACagBaqwgxRv6B3kfNm6cqaSMdWnXDNVMm0uysEzwYBWSjrwTP-jqEiucNuMWHcVDWIfcvNUiUiX1cDRmyeGlnaeFyyQ0RggrAB1E2lwZ5aZ6bjSsgOWz_L7yn9mpuZnt4SGuGEZ-5s4V4_cQHyxO6g_E818RQIxHiubS-0W10TT9iK-lLxJ7xsP2oQLTDGO7Xi-Jp8NUzUYmRNsV2j7Uw1j2uAxCaB93iQD9lhxKdpgNetBEcKaP4DEuJHxnVfeEpj4o2tyVsVBAOQEWv_NxcFtZexm-RqSBp-JXC1T-4J4xEKY3VzF0zi5CodlRFeSMST7A3oLzpZpXrhLE9BvxVgdJI&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=1874735323545788200&adk=3047537735&idt=230&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 13:55:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 2F1E 30 KB
11 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:04:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F1E 41 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3293 111 KB
39 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Origin: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 3293 11 KB
4 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BftIFi02poxhl960PhpECrXuGmv_HyfDjSsVx7f4paWf2t5WwC81binePtzR5DhpgQGxhZX8v4CvsquoR2JE7K-lIXtQ&cry=1&dbm_d=AKAmf-D0dYmoI0eQrpiBS-ctgnIIN2Wwis__fow5OJhrUGOde7D8gNhjOwR3yP0cv77H7ijwgM8NhIhywzum9WNGXT7-16LUqOIrcqixLh0qSsL-aHN8394shXMWO2q5S9uRO2zJo2XqS2kT4ybF9XLWPrFvZeyntaIuCkYk53sEr-KPEQur9VV3kzhSyhG_ge4qY5GIphVBVXcuEg2Vf5327pA9kTH4vgOXPNpODGxP-WUpUoSCj50djZVUjrLpMM-m2aDIylMceHbGMFW6mo27hq6B2Ziwgvs08QO1aI9mMx6Nyi6N-5fqVC9y2-OWoMFqAP9CWkAhsgZY3SCb7OdAu2LJ4gc3XH6LFdxTEb8PZ8Z09Sk5rHTn20gcTQ05RDSuflyr3EwEzvKWDBDNEcp3kCYc3op5GU7ve9LLnPKjvvDcD2EODrIrVjhlHhgCo56VDJfMWsjoaLEWvU7KcYJ8mqb8tcEyeg9fdHbK4Y13WnXCY_xj78FQ_LAzCXtNRm0urL94pUMxL4036mB-VADOjUWk3dG4suZctXNNH2d_kIgssO9sEzFrNyYcxwBaZl1tdBmGrAcD_iwxt0azDjXy6SycnnExtPWXks7mYRq_PsBfbT9ihADbt7cYM2UEwL5yQ-mgH4KyFl7VxaOeOpmbiuG-a0LXdYkD1ESwlL3TuqWcpPuDY-k7Nl86TXyZWI87YBFFzQy2ATu-TwNmq5W9zthisL5vGK2f_3Bg-8dYkVjk1vL7-9T9u4vY7BsK2KNjIPDDlxXvS5Wrdj-8ntgd7Gpb4iT85G6EyIi_in0t6cqDZQsitcnSKwKhWpOB4-zDvmkUhJz5nRIlkmf6VFMtPMZfBdTTNHrcakvGqtyYEjqw3TsGWXrD-FOI4n2XBJxJCiphaINC6V1z62l_2Owm2TZF5-NUzL0ncecRRgPookYfV5onqFRUP5GuM7_6EewUW54k_g-Wi_t2XNdFfMj8i_X0oM_vpNCJOtZmPAXNRPR03R1W5w5qz7jmcUlchUEh1ixWUY7QaEEJwLjX8cMCsKYiNBhn74C2Q1u1fK7jp12riaOccUfphgFqQdC5WifnQpFlK1BXZ8Xgn7AwoK_83wL_c08xAlqGFYEOLBHJyARzYTyhI8It5muwtGbLw4CeO4GnU3LKDUmz1kKAvdONiih4pMTGAt7IejB-7YMENUgn4Iz-frA4fMbVCXQsw4G4tvz3hd02NIj8awkOW9aq04eUo-PRKzGs8JdkyTCe_LmuSUn3F4TlbjBpk4QjVHYefjD1XAofrbS9t7Vn-ojARlab2s6cyDGmRLvIQ2qwMV3sFRkAChR7JDN69jYFfUTrWlv74-cvizAnC0XSzM64vmo91K6IxYaT7jvI69Xhasgi2BedUBnYJtlK94NXE4J6u1qTamFzY-c0o1mEYoTdMZSILHWCLHQrfNF9_nVKOP1pE4qspbleQjpAYcMAaSZzaWXkaySRbkD9SxkhPXSO2UztvPfFBPyOCfXHhZC2EyR7x8nWIf8VzFR2EAiG3cq5NLOLlkQO16UHCvyonw7NyP0efZarywTmCt4uX7nIqtkRHKy69RVSlEnpP9CbMSrr6KlPjQcIoRzaM-_pA5EdOo4wVSW1Zt-76k-skcqzgX-GXTNLju-WEHZSTpr5QgIQeactJT4J4GDBv1rlAvZ8GUUVybWV5vZGVCdZeGdvmuLvFPsKXo52cdYGbztZIBRTHzMHwzVheqv7vhagiNXnRTEBQwLN3dpyVnKt0EONeZ0LMyVoe83Dj8lvmsjown4J9ZoFEGtsKzUiRKVXHKE15sTFyErayhFT4vEqrQ5gqSran807vh99dyv6edhwz_W5OP-o_L8ZvtzngzKIoCrj7F8181St3Nm4DdlKUCZ2Pvf6eLgbzr3bN9nSZfyDr8kk7PVvzDaR_HZMFv4EN8Yy2mZAPYgGNz7oJ4m9PtZrpg3rrEVk1D76C4hEZf4UM_5W2xQ1lrYpobBdFdDPn-brybU4aRwfqnZ8qtKMUVCLcF7aRdp8ejV65WGYcapR2kJOkpnLZAGxsdrvqzHR-yjnw6HKZOOyymUsc5_BrmFhxKNbq6j0FBaAtsSM1s47Rtmk-Z83vwZZ7XPZBukyyKSj2Qci43sguVsRY2zWrULYx_7mg0SRnyVKT4MlOrHrkjaeM18hxEe0Ilo-R3VCYDzjYG56wtHoHLSrZLw7v_4lU335PUArbuwuf6_VZuPmeyWrNZ2BHZAva3m3V9ZPKI-y8KkhCjC_szGqHBKZs1IdRIepG9A_XA02cT4IsM0QowcMDSlc-SFEXcabWPEKxLjmG31BAZfwKewqf7uk12ctyF70LzfhjDFCBdX5cLLd01RluPlZ4hR4P53eGPZY78jDwigjgpEm7rM7i8Yri3Yb_GheSkKwS6y14BAmD-Q4CKFnrdquGfiiqVwJoY6jj1nWB_u8W5ywTW6j0eCfuQzs9qifH4i7i84CJNnZvYh1yWRydQqyIEG3x1q0Q9CKhae_vlVWfFb2cgw9-mbE_X8sap7dSHUQIRVZ2TZ5vT9aJVbKkIzPrrtU1Nl-MCFxrNcEgCZ_F_W8Roqka6ZspWyUVCGYCvjHFeLG4nZlkKziGQ1VBCdeNnaJoKdmUq3YXun_6jhcgd7mzvR79B9OIr34B5EqZUvKT2m2Or_gh4jN1Y3f6p39qUr-WDefWKePjX35zKK_gdYPmrN49kiq5FWk2fU-m9mxX2cDoSoAJqNDG_Jc8bwYv41Z3beJMdcnukNmRBJRGvK7VBGPjnyhk0l_0OJd5DB8_AFGnuGDnfwvXgdYfiyKAiFVw1pFxpWmzF_1-MoSPzI9qRr5UHM2qtXSgq8euiWikBEBkPtQQ8qkeBdQOiMnJd8PbPA6-_RsKDN-quVuiDNBceWu4SaB_c-XjVE_7jwyTKLE54htwMZmhMmD-lx4tCX0EUpORgv8CAfaIgYNNRTD4t1bg8uEVNSnJeAA-154Z5pqSXT7TC1-PVBdqshp7KIqByoYkIlYo-K-reu1sFYYK4lDz3uM9zCwaOjtynFnGjVTorkiKOPpwXn-QTjhXBM0-14-zUUZsKELh_g6_e1ZnBUZ83naTuTyhBZDAq0fmyXGG4YUaIoal5aaRUjoC-yPJNAmf9oONWyLlPc1KzfEwCOIUWRY1Kb-L3_zz1hwjfXWjiOI4mHXLK318FD4WGmQjMOQ-2ZpUaJWNjqEvhaon_rIfl2NVLiyrqtxZxIz1kcxh1bPzph5EBXwrjFv-CI9AITcyjoq-iiI9jOmFmHhibhx8ZD4PZS32kQ1cLvLGuG9kWT33jB89b0RYbD6PcfxPlG9pexIwrMaJFzjq2l_8uaCp6Gq8S4AKVt3keGZ_vnx6PbUw4at_-7Bwd-Pu3Guyt8iI11ddDpTbZjufAb2IkEF1kVpFXPIzfKj_jYc6eXHLVLUYfCRh62jaJQrzWGhEyY3kcoZsOVMJhqVkpfQizGt2DNv_1es0i6s_Co2mAN5r2GvoUp4TWbIVUOb4l9OQGyHQ2cD8cUJV0Cc6gObejj6h2xjPjJgRO-Yof0TGTiO3tVJ475lGchaEjvCmxWFy7Q895wELmzQGHEV_87kh1u1sVYPQw1391jKa_r8YTZJ4d8FycFbaqQgWJt2FMCKECVb6fRlSCSYf0dfbRwncHzZoGojIJWhB82BAsDhCClUaMGO3NYV_jqbWjINWlrVtoqziHchPLbwsZosuRjYkcqKXexDwvTgMYTEWBnR0y3_3qNziwOaWfyscZp1_wzzTOu8jVlTVyKK04mtEiMoRw&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=17056391933747937000&adk=2086295851&idt=255&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 13:55:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 3293 30 KB
11 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:04:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3293 41 KB
13 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 5584 111 KB
39 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Origin: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74034
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/ Frame 5584 11 KB
4 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-k3tcl7u-SX76wPZufabS23t-fVbsGDDG3eVotd7TP039kgeauHk_AQsVfMHfNIIWymXEHB3CTCPRbPT1bx7rFQKXMg&cry=1&dbm_d=AKAmf-BPKJg_kaFoiVvs05NUl-30erlG-_2h9qpN7R4VEEHx468MOVimICgDMnovG0rEZwo47XvVJuC-mpSnhgGjrydoe3EOD9NteZLsOD_KgResLfpNheGWXP32Sc41yluz8eoqvbmRk2a70tGD29Kx_-4cnfZEi3Y8KmKmdzWS2WDC2AwCWw59PFNKZ2diyNbQtOEENYEyyH_N6d92xv4KaJyzqv3_GV4eXK97K64H7TE1k_1pcf5mbfScGc8Smo66HKoMqvCZwip0gJ9XUzW66yvpl1mK9DFLerZgxwit2XNTF_IIwslq1ladJYH4Q86qHO15_5jDTLd1ULjgOoBBZx13JdqwqEnncNzL45zo9ZaTDeo9hKXcril7Jb1j8ON3wC-qW0jtr2O8sEW3qM62q-MUGg7ZTrFPU0PUV20-7-xWmbH4BVnDurPZUzdX49koFnDxGkTQiPNc6stYq5MrWL4C5ZB2qAGDjMQ69ZDfcBJG-q7KFEi7PIeENPwo1cFuZ8g2VeA00eM8tZ9oHWUaGhi2mwOPUuWVvEGK_B30UD0zpgSfPG1G44LhJ5s8XVI3jyz7H1DsPg5NBD0ltGJKZkpAFMvHqf0h9VZ4zwVCSPeHrVZ5sfH_tU4qpDWUciMIViT8XdlWFe2oW6qClQvxLZpZ44ga0k9VzfNq-TGjb_2HtP5BWFx8ZvaDuNcpVwi6D-ii7s5L3RtoGQ37-JlbQjzKBRsMDnubfsO-PrxaJZgxyBUF7hMt8zSgDXZwgC2NeqCaTD7rgmIB8BktXj2haEWneOr795vh6CCB_GmCMdBwic5VCIXd_X-Ggd6Rtzl4jpeNUsR0I4I862gWtTUdUYzfyBSO36R_DOenDQhgb7czj7mMixY88VPlNoDJS639zThJiXfm-O-X83OOZv4betGSaZOrdvaaY0MQHfXymg4275J-3I8le8cQVPQgsXAU0yezGcSH8hQk5i0oECmjR-u0G4ZZV9QXl0bxXuYAGY2-0sDqzECLUXLqsfBSt_TN89zjp8Z4XoryN-Ebg-SePGa4CIIMJ94JFxhJ7AEj8KZDALwkFMOM6jBJoH1TyaqGHWgPn9DV2P2VYv8FHVuB1TGLfzy1FfLtYWVU372Ow7Ajt-H1CwdLHagHaZhUWrvwDFUXsgbrDWdYByj97MezDtw5USgd5oafR2vRrIDYR_r0qeHCgDyO7TvBhfDYVVnpMIqZPBaLV0QIIDxF0vb0GlGvFu3jb1p61jsAKNtUdEAqM95nk0bXREH5HutRz3eZoM2BIqdXGztU9IyjaBQjB5siXX1LblyvvQeQtthufdWRXjNyNoIPoOOSM0357BRXUVlqesze1QssLPAMdnRxHKTsfYfVUdO7idAeq9LtT-SimvHRA9fVXfrlWLTU4Y8D9-LWQVgJUv8L3SJZqKiYa_k8dNq-iYxSXY5KNhrPnsIEdmvQ1_fvwEBVAtnWRiT2jX_SaOCuoPDbek5ipYObUY5BMxNpyfNEuDw7-QS8ar8nYeQawX2nFcrenuep3MAau3g4oFd3YzHnXquWoW-z8GpSjGwDkzD0mUeOkoXu3Jewg0xlXqMpeaxb6LCcS4WWIAA7vg2oNQBDnRTAUDDVAoOiS6eCFVnWEES0Gs2lVyCybve_39CdZhd8BQgrtZ3qhcYhfhfUs8zKDFQCvSMjzU5jEtTeC2o4yiXzWRVKLh752qqrMXkR5P8j2zLjXV1P_edy68JuUniyi1HavNLjCAgHNVTJVLEnOZwhmYY79rE5Yq8CH-qeBvv_idYsquYVJFBOSa4ccj3-NO2v5HNsEwJqODs9hzRzj3RgNr-L8QixXe4u49HjHnADYPLPCoi4L0odLXneVBjMBDv6PJQTnJYtG4vsjtcPKdwYm67gRl7CvZCxGAgL3W0f6kXmPu9XFzKFinII7aeB9OksAu_KMQAlQw9s89X0b0Bey8lDNGoeylVdFpZUsmXGC-NcHT2gucEADGUrJt6B3owJiY76E-ydC8dfWKoPKtx7S0Zk_76s1y7srI8g6f0FlaysuJEtMKAgf-WDiHDqScJvJehFKq6rrjkR_5oWM7ep54urCXHcft-gRP8pYICXtCsozYPpgBxGBFypSD6V1xD4Jy5r6c-2Ij-1c7xw2fznZDGaa2pOMwdulpEnL_BFsLygtYWxNtS1OgQKevkAHOnNlJbSxLlSmFN82FN7Iev8Pd0w-XXTt-QrSPq4-3T8G66QbaY8pFK4F1rF7llrfXgX8XAqzHoinfssbS1JMkAGjOLUghH_pQpgpLs1KSnFLcSxaM5OTmucjBwdjEelNtVCR9OlzO3W1miPOUGYoHcKCiaPMXevzsiSY0JNRNhSRpgysvQYgxpTPG9AEah8dEc-7H_ky6wdgy94Ul6d843Wbgnm8ghaA8KfOPOppe452Eg1c2w61WhYWF_0K0Ijdrba7wNWYDnsBVDTcBUyqfJ10J5Xw3W9uzAMGKIz8J4ldA_esrcI6FI-pP-lQwwzn1SyQvT90r30ukkQkJo-0EfdiDGi6Nh1bv1fknKwWKx3QLnkhlAbwwc6CF7jPkd8o4ck-mVYBogFzu7ZZH6D2gKoImvLIJDpVbllD3voTtAucS0nd3AbM9t4qm8-IihLT7uxHxqf1laLYUKeVvqDFCAXxM_bVMuXDWP71jZuPYvT1HwDrSbC-ktDsXzX_pcaCixOLrL8DtKZVzWsHTSGER-nA1WnPcj3ioMmqopkNn7xDDvrOUb5MkzDG-9PsIUmqvngQSP7e0pvzmxFOPLDqLR0B7fJCPzP2_fU_zoE1rSYVwTcW0pUZdyjqokyfZ6fEbKAh6noI_NnebQDycVtoUM0gu_nudRE4tWWSJ2zzsAqdaQMn5EvmA5juvrnDgV8-e6Mxxl8vBFoq2HcMPpsBgqs_C6SWRHB8Mfc2-IWCYPIhzYqnxLG-TWOSPB4irBaq_SrFbJVLwe05mR2vhIUagLHRxVMTfZm80FOu4-C1teomvQNLyKZ4Omr-vd3PaRXRs7fgjYOcqsURaD9DC1FGHRRJnr5ZUtNvKL2Ipnd-70q0Di-YC_6dnFjQEdDXLvGMGsSiAWo7hUjzOTDmvH3bl7xGw8i467qOdqFdPQreJWyo6YXAGnhQQW0ixJ-Fj2wcn6t1CdU9rb3waDMTSH_1cIy4lQQlpd6GvvG7UY92xrdodjFCEZDmmKEvnTF0YzmozNRdmtLSh7p7YlhH01RCw0CmOyu7boTrFWc60oowXMEe1HTDWGVgIw_7hbMa049Eo9-eAQjamdw1DgiTeNgk4WnH7jkFw-Ml8Y3SVQRSSTdqDDNRzxJWoFbd_FgZVG3FbjhnwUdGB3PzasUHFFJPxyan6fpHZkSDearcziqjOEnmbl4LxAUemJl8PLHtAjq0xYjQ72u1yudUJ2-FqMu0kifxouyhVMN4jRHIczJgHlgnIU6tZbVZ-EJ0lxT-y670_hwtUyK986e7Z5xj4gqqv6EgAzLKsoXGtksj43blLQtde4OiRY4a92r_Opd-vFupxTdiYBSnbjs5Ytgg28MJ93ESlisSnWXbY_6I4NejQO2ut-Ihsb9SPUPa4sc1WdcpjY4FkDC3PZDBLwOZlyqPe-5dDiy7U5Msql-ysE&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=2410934449464698000&adk=2988274607&idt=169&cac=0&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 13:55:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 13:55:56 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/ Frame 5584 30 KB
11 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 17:04:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 17:04:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5584 41 KB
13 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
DATA 200
OK truncated
/ Frame 5584 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d525ce755c835bdf1d5fac23b33db7157028ae7a5013404a92d252eefe551e45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 215F 41 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfxnhxdhWgz26FEyS566Q-qwGPjmbnKl9SQku_xpxqTRfIQBNqjXrz5IrXkBDPJiKcQAHh8oPHho4ByZvU5vhrCTs4a9mz0dfP3f8yHuNKtmMe-eHMTs62NTfGyqUI3f9Srkm7fXi4znFMVs8uPzz4j0pvlWgkqHRE9pf0VBknO6xTOpo&cry=1&dbm_d=AKAmf-A3CMwibpiZm67Q3wIIDiyPRNKvbaJ6e4oRRJLJ6-o1OS5y8BLNpzLz_-OeIKDda-dBFBKahgoO16ebruklPzcOQhrF_FA823Cpe4_-aoKieRRz8Nl5rTOK0_FteysqYZItACMtXHNMlN278PZMIQImtUQdQMUWb4kjeFbOU5ts3zOk5A1CHpo8yB4RPpMOV_jRuw_pmnWsWYG6QEdI0If6W9_Ag0khBtReJxOw39hhGLhEyHQLhzw-YsVa0BCvU7TGKxvURpaD0PAQTKN97m-u1olrl4cWRB7hwhrnUUDbAqcBaE_5F0dAHSXwYfAeqB-IyNNaxmLdcIL7Kgl9J5Tlf-PLEID6ZGLTYBA2v_BZzccs1LndtvawX1Ec7D3HYDhhgRn5iYojC0LHtfr8jDlKl8o5GcbiJl2leTAVtKYCqIpyLQNep68HhGdr8v-DGGXOdAicW-9W6KocMcMlhOevZHANm1YS2H_5auoiE45wJCKiep74-CtigK27165UTimXgbeI0BPlFOgvgev_oyoP0_9fHTZQHc4T5N8Ywf9dSubnOhx5j1RaEINC2B86AIrqHd-Az4TsEwq5nCeLXY2-OJ0JuiuUAA60IK2gaX-nz9b3jZ-J5xq0lp_Sv91X9PImrPL2S6UEaaPyJl9IqyQ6c3p4F4RQ9G-SrTU2BAuXKlKMgnd18uiOU9GFTGFt3ZzUdWAIEv5mTCw-w4sNyAMl4NXWEMTVWHRtI8F4MperBSg7Z-0rdQcBxuCwW7GmmsaEaWDkhdbB7W9zKnZyE9I3TuaNqX3KenAyzHx3WAlGt_Jd4sHBDp4eVwKtiAOJj3wmxjZuVav3-CUlboFpGIW0bZc75U6m1NDI-NLi3-8vN5A5OauNaxIfDtdH6MRbhXhZn5mCcxgO-ALwNDsI38bN4JuAxY7vJtItpZF8zm30_S7QUMRSllvFOTOy1GEhg2AEFC8whjA4eWaB83tPJrd5PRyK-lznplqJhPIG-Sr441G72QczHsHPgCkuIGxKOQC-5oyls06rmn_49NuvLxRmOPcpN78zryd2r4IClPZOi9mTaPSvwRLI6cTSgnIxnPuIT0XsHz2O6XDgEneaWA_86FOEoPqtdjWX4bEppHkS0cg_ayp4Ps2VQoHL25lY-uvPnPmnbgRqc8da5WWrq7X_oDxjkaRGFuB7_19P_szBKIepl8CgUAw8zSM8_PfTGEF1EO7UUB70M9lpPaxSUsh2JV9yKoNSS7cnXN5ldFLwMZOh1elHsVvC5Iz5YlHDLnWqyLCeY6nwyFIWKQA8JRs9j523Rnuew79xkFeIbL6PzBedsz6uCv_InZvkjL4uQ_q387pRejhg-d4lZMQArjnNk1dOLcoKJwPWUejvJgZvNWtL4F1rvuaN17dfg93-u72dmtgRNXyrUCNeF8hM2WX-kxEqAwbJMll2VSmuD_Gp8j5ds6iCT983YMrDJgcOHkmgNTdPYcXPC6LMO-MQvB-QVzwiqRatveubkXHaKPGnKlwjNHXNnw8DeLskcfUuRCnD-ra-jzHI--yVHamkumljH3HcifubD7T61srrZvbn56lnU4ArWbVO_-r-m14XzWNPA2LGFe08HAeNFumUiImQJxXufOIejoJamUC7ca8vrlkn9-HCetvHdqpr4KgcjvZZTPbE4joaG2RXrbp3L0z0TeM1wE-No6ztPaVhoYOfYXn9bpeDd-w4x_GmbphYpSwOlGtP34V70tiHl7ZX69F48Xtm657Iv59VNMDcWjNZoQy_DSs8HUIBh1LcNw2d7Rjr9t4pYrsMoFs_DJWPYtsDI8uwv49r09FCFHMayLhT-Q0-Kk4A21z1KVZJtbfWSd_kQe5vwAwtwvBlLiC7eRNVlNnC31il0eUih-u5y0ObzDHGzVXhMp8kfz2laB2Tb0FhmlXeXOoltx9KxB5tg-8kOY2v2RCzCdvT8c4aMoj4mFTyE5ct8bMlbyd5Q8SnPv1_xC58J0JVjbprjignIZQVrY3pOSlnBihjZz7XQP6njhM976F2KTR6S3KsPm00rWHeBU6VBLE31bHPOwfyxWjFzS0URnosWN8tTAdHWvx7ro3mf0B81GyKNg0dUbB7kyioq7Y4R35j3SAd9z0iTagMUA69YbxUuDBy39GsxNDoDA_CGwF7UiqGP6QdTkVYP_bDyX0gJTjTXcMiHbay4FMGlWx9XOnaHxBH9HUJytcjOHIsc0f13UclzjGcf-XwrEsFCZSLfxu4caDhySdz3miKdgnnS61tsAjWUVbgfbVCzWzGdr8xw4IJ6GGkYsdKflguyXEyfG4aJwQ_vO3De6tLWRVHCGEmU6K4KkIk_IPlUT0GPhe1iMZAcO5UeYgvxQQFln0ozVRfsxsFJZ5zBmyI5F2ncdqxSop7sLMOVXWotiFa6eqGVSEytPbDfTv_JuMcSK7v0t6AUG-Q5_DvvYnnM7SB_7pr0A18ihOZusyefptFXkd8txO1ob3naWWp4kxt0ACUv1WVZ9yQJjN07jQah15O2jBMnbKZGhqsbEDVfiGZZzwolJe8dpRX4BFVLG--cG3fFShKNp4oOPsm04hamrivSJ_R7VmnzpLuV8gHeJBOk2hERTAlH0ijUxzNzHeFEmGkPqy65kNPU9KUjOf2icleH_uMEqkFreDRIEZfTmnBiHTNPNgtdCOCHlKf6KDHSyqybUYwe1t-8cYY9JqdP2GT569fN-HLy3GNYyoAli-Erv1-gkrJQjBCmvpX2JVJiOF3fCkylxxjbnLCKEdJfmNRChQ-Je2lgVrUu0aAIsLFxU_0idebmI2V1cDC7pF_IvI0VVjQ2IHdb8n4YlHyaoS1OvQWkSzss-uW1Xon0iMmmLjZaG-CLtccopjCc6wzWMwBhv0SXrsYNO5nQHZw-tz33guZyNT14IQeVcEHFXDELpUR_dOXEYf5iHRwpOo7wId1dgxEJzrhpDINDEy-PqkEwSnzztXiTImLsBSoVDhecl2awvJIovPiX40uqIvuxbO2o34lGRJlGUxLEZkzioA8IujWOvQpy8ZXkg7-nNVNCyDggx1LTxK8Zd4-5wqXrutVFd1s9pd3NnNom7G_vG0BXHF2n5nBsFjz0De30qb7lYM_MnI1Bd7QJmMzA_uNG2jNuLMXhXlyhf_APBvJtjlDlkFrs9Ffy3rjis0wBilNa70RUXypm_3VCj0o1KaKvRqSfixkU2XGS3x_WWSkWrZyxNUHZfarKAVw5354YkXTcul_Aql9245I6NfHzhaWj0P7Jl1pLeTCpTXSRkSX2O3kostf5PUz-B8RYlq6G4DhnhHrjCFEznqVehAl-Hra182IsM0eFhyt5wZnfss4jIeQ6q2tDyyS3_GL8K4No2HrvC5vuo0Ppgopd-bSv1SxDdIXiIR_Rw4qGAY32sQkk1qwdmd2ULGfN9KPJdyGAvnpzFm6wuhfD3UqJLn0AViCEm6XmeExLVewlPJWZUyw6_xE2i2lG02Ls05JclTm2j1oShxo62Yc4EjKLB3VnjhLlQexsKIgNLGv459LFJinSmwGz7DGDsCNEhN-6qZHAuMJZ02FGY_D8-RZVjUVMwESoMuL0cCpY4eI6pCIVglYm28A2LVxm9QQmXqRqP1CIJ_O8ALHMzttlOnCILhZi7Jd4IldLiHK4eyepEyv9mXXkTV2hsEh0wkWi0mFjZ03CQxlaTF4iT7pWgLJzeHvekX1_fLYYXu1olCJ0Qsu6LtbIOBzEFjUlYEISgUm3ToFIxyGIZkxrsyyMnGffpf3L13Gj2pJVZTHKd-QR55RLNFt9fv624OXJmgOJawDlgLQNCzrBTv8AJ6r7aMFfyCK8wR_WPnc&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&dv3_ver=m202307240101&rfl=https%3A%2F%2Fa2zapk.io%2F&ds=l&xdt=1&iif=1&cor=13029214530049864000&adk=943508955&idt=212&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 04:11:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 386007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 04:11:28 GMT

GET
H/1.1 200
OK e95xao572jml Show response
hal9000.redintelligence.net/zone/ Frame 3730 12 KB
4 KB 341ms
30ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/e95xao572jml?subid=&gdpr=&gdpr_consent=&rnd=1692717893185161&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D
Requested by: Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 83deb3635d61dd68b123e5f1f2de9ef814d7cbdcd7cd66c27f65bde46cc67b14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4250
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8C8F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b11c6a309d810d472cb0ad5ec4a7d4d2c03e411a794a1c262e89c83f37de81c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2F1E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 047739620d70265708f54a40f0d7c3ae34af1cdc206f2504686f5dd613dab6ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3293 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc042e9d04bdf6921dabdc0d445afab738642de484bea10cfad9b7bff4565f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 215F 12 KB
4 KB 1024ms
82ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1692717893185166&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCo898RdPkZM6mC4XE7gO0gbnoBKblvaBphZWcp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3gFP0NMzPOloBhKe9b4x_9ApfL6xQctHCAiF0mi9jHEo-pPCHnIjwCl_GqA-i2D9W8NOP5rIrWnnWgMGS8qLCNju1aUsKua7nVLH_nws48RtU0rvYk80J0kVY6RDB9lhdqNQi3IWZ7UaDhRvleF_vgWRcLYXvGk5RXH8fn7LtWh63FMp_HAPySuqNI2X1e1fX2FbXa-FzWUWxjyZx5D-pShkNiBTGsEwMDEvztdatk8AF7fGVLY_xyj_3AO-RJOUWpAUFTzUaVrgN4IDkr1eaLy2hr7S9dC2DkkHW17W943ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjt3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLQmPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_3hcDvIOnsTP7cJ4OMt_WLvFBHDAw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ckw0EMYcAsSc1CnIoIfVSy9AkmlxdQSRmi6ewmNf-fa2n-aJV5irzekOGWZ5o_k1VJEx7YrP14T9vlMUsf7BVjz4jn1XjQIkUnwRRiIPUR0YlbZ1RRhmxKt136Y55vxWfEU1J0zWGwseiKhMacBgJ_caRPRZyMxwMfSg-mcK_QtGGBKAE%26cry%3D1%26dbm_d%3DAKAmf-AzMNjEpMA2Fz9GMUQt9RZTJAHgNznzRK5MeguD1_aFP5Ey-g8GxVnUPvNrmd2W1MbX9dV7RudGI3Qevj79b28Xo2rQLrg0GxqWwrkPNklpKRWZBNFMAQRudSRX4DDuOjyjGQ2ciZ7Ulht8PZglzjscz7BQIeUpcSsDIx6oQxkITaF0yOjXdCqzR1f6PhzoZ8bS4zfA7-54gLLdqJAziKSoJnLG6A0KwOPHQ1LqizCOx3R0ciHnD6XLsNWoD6g0lnwF4c8hGdf8k-SBCIf_QKJmH1CF8hUdtpi2WoJ8sQT56tVs7MvpaMNbEzhu6aMuqMMSWyEalDHpJ9aYIN2GaYUUggnzUiiAL1AOS8p-wdiRyX3IN1ri3_ovubNFmA_GfHrT41H1lUPLw8SOJZ3DIBPpuJ6AiNnpmErhGVYeva0KRqZdB8R-g7M22ALA1fjPwT4v8uDFlJoA5_zSbftVfMF_tsPUPNfrzaNUitsbv2UEXPBkjHz-YL9tdiLK6XD4fX6j56VXIFOVw31kBor7liX3a0_VndZUpC0Uyj6HyGukpLXyW3RT1M6wd6gG5y3Zsfl47k6wl-Ju8FCrpAAs-r9o73BJlEDqYKK9ix-fr5aHf0nq8p3vJeO46vm8b6dKHx6aUNV9%26adurl%3D
Requested by: Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 3caf825c4b9b5bbad5a83bc6dd590794185712f7d459f16f7d0dad79a96fe743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4248
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 27D8 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/ Frame 106C 12 KB
4 KB 126ms
27ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b260c616a6d660b3ae76f05922d6608e49cfc3ab869e7ca1f603f0f72cea7930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 293217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4006
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 05:57:58 GMT
expires: Sun, 18 Aug 2024 05:57:58 GMT
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D4B6 22 KB
8 KB 61ms
60ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/ Frame 935B 12 KB
4 KB 121ms
35ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b260c616a6d660b3ae76f05922d6608e49cfc3ab869e7ca1f603f0f72cea7930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 293217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4006
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 05:57:58 GMT
expires: Sun, 18 Aug 2024 05:57:58 GMT
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C8F 0
0 266ms
187ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_q2Tn14Z1eMM6JbhTvwy1SYgZg1vH5N10US224iGustdF6FZuGmwPs3J45e5IYboRdmWepDYvgAAHJjvflLLsBcswphq8Sk7ByyBm4DuiOJLN2wBqPsFqVAtQCve8zWY9Fp9xtFE9O7QJ3ihTPyTW1XEHasAa9bDTZgEhk6xPqaHV_UoxKuG4rv7kz2KxBFO3R36ncdinjQCoSc38ZI2WMshhG2RY2Tf7y-AsawOBwb5bx099BDvvQw0SrjQ6zT4AFEtUIYARfkAGqK5g-wjR1ZLwN_tCx5WaGXEXYNddw51GQS0BfRlIDa_ErjsHjWJ5qlh_BIN9s4KPdX5JCw9n9WaEtPSCf1cCQSS6kQKeZTJ-1GRheWbURDtfkffhpjsYzDDvxIFJ8i06mqWdTtQKGmw4lpR8fYJdApgVf0V-PnJMM1VeNXXTykqLWaI_ea3WxDTu6fNjQvslUkCMC6X90mim2o2pB5SX9luD8VWpFgv3g12N47Axwb8EvdyY67EsGJ6VTXkznsYNLmYdJnBx2Q0Su5r0lk9xT4ElP2NuEfvc_PCvKUrg8GWQY3BXWDEJvpKFIJULsp9xtsqOzP6_-ZEQZZdT_RQYGO2STmmO7djcpp15JqVtAdCoSVnJvJr5hr1kJ0DLXLVYBjo2OA9uguMxksRy24ICuf7wcixb8twoKnyNvaCpHmPQ6PzYTXlgX26jG3UQLEGrqSG9jfGHS9atnlzItCqhXd8heI9dYA6SdCS26tyI-Z8wrcZcT2YpElpCycKRXgq45Ii2KrJx8pPSIZSwD-PGFLcsWqNAwkea4ZnmUZRAI7LMsv0D-FaYmDVkYlHdgZ5cJSMvYNrP2TxuB3hNHqGmZhPdfDe1Lw7sl5vtlwHOKlh6Ulz18nGn0uauf4KxFXAsVuqDCi6uRhs7ypAFfW8LzkAyLZ1L_vsvzJnXkgKH6Y7rtkUYC6YI-v0ER6z9GofkZrmnbpyxpa2Sm3ZgOCTn5P5685NaxcZA9CdlOBQPv02MYbewYE_g0LRWVi3rb5EFBc-f8DQrQ4smcFMMyyvduz1_41THJFgCBszbhUOmQxkA6sM9-ZWPN60QsnTnP7bFp0dwFmOcIbklkKYYmB1-OR2fj0H1YGv9of-XTP7Pz5toxFc3RxHemoAgv-DZVTsR4h3_HwyVHaOgoFwFgqcfBd-EU0-dwtRJT_xDRDs_OCtGxJSbJ5MoFMgrsZD81JEWFTSHqoRV_qZoLIfEaFDToNYcSUlZ_ny_KZQeOxE&sai=AMfl-YT3OIfO2_j8tGAsw0GO2R3wvL6TnA281_83Z-t09_04eI3r7KFblRbabT0MpKQEt4cEOOzcO_xU_0b0J9TAYJWPSQdK-nk8-d3378YpS6uzlFi2YOY8QIAVvUuRp1XjRuKKlAEjETaBeJMk7iu1Eq69BCNDzdm98dXLZHGUMeU5ufVBVWrnO-BTXCoZT-uvYP6V-a8I_kvopFpDf3w_1KxMKruVxkJynjtEwktMXtUNyxrNKHmTmIp_7z1HsgnIY4jOjkmxaoe5lIYl3LapnSF3R4aR-5tIZjMD&sig=Cg0ArKJSzKAOoMg7dGoWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=288&cbvp=1&cstd=286&cisv=r20230817.90821&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 15:24:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/ Frame 2752 11 KB
4 KB 121ms
40ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7c1f9b0cd43d700389d777d0d7e54ac741860e29caa6ad833ca4d3eb27585d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 237042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3986
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 21:34:13 GMT
expires: Sun, 18 Aug 2024 21:34:13 GMT
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F1E 0
0 262ms
188ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss71CsLvTVjPaOoZCRnrwgEznz4KN_uSbrv7JieLOkd9f_-45i7kXjHGKSiLLY-4zDNmAsrQ5f70dwhcwPX_XpwHunVZ20DDpXT_6Tn3nLnDWMEREuaHxF_z_IbaAbNk-687G2KMsZOmCh6ZkHlL8yjHDRLQs4EKq8y90lzleTLzPzBPDb8GZRSpQpZ-wAQ89TaO883wePJosG_Hdc9nMnpESmtrPZbEspcWk4Qa_i00yLXkyYq8X1701V-z1j12nFu0Qyib5HHrDbYG-tXFrpahCXIQHIv7G6ElFc5RnBXaEU4p41ZPLI7r0_x3kzzMEdskPQv-XfMK93p-cl1Yjg5oh0lZVjhB9h4iECCxzNbXvZfukBt2Yq7AzVxuEccbJKAN3HrIPqOIl-aoVE918AhP2Ry1A3vhDRRxDjhvftJdAsrk5mxPAEo2WaR5cbWvV82ziOjE0qhp340CqkULbyXAwaP72eaO1PmbK9UmpEP_g6HeErw1wrbJPA-Vi_CxUySUWZpjJxmSv4xMaHMgabAfLY95D0XXvkH2MqfW-oflcJGp9JaFrZ3jEu8CCS7rvxR6q_B-u1degsTooSWu5KNB18kSfU_b1Ybkn8SexSzXVQuwVY1TVW0YTHJbXyhj-uTyyjqR19VXFdHs6brBw71URirEgtRPMuHRa2oOntz5oDZPZpG2Cy7ImtV5ymu-tV3oMk_vQkQVryZnJ3xelLpbi-NDedoML-aLAMtabsb-_OzxZWWfSTtXoLMp4qZDEoGvglQtKKTTwkgHqTUCqhb3dS-U_uMozRZoiifag8AGCS_MC8JkNKh2z_n4lsA6bxW3Ar_zz1FtMYV6wBlPA-c7fAC2yt-MDIISpS2c75JuWJCQ8tBTVzL1I0dBGu_HrVeuUD6pKXpbRI-01HjwxM_kf7zA_ga_JNVJSnsb3tfmcr3ctVmky5yezp-yMutJUlscASgjdBGE6ACBwx1r323BvnQKakYrEOg6gOfDXAP2klXBt_0J0EY9t4uzNXVLyHMgXW5RH8LKqpMmkYCdRaphNPWCh-91gPUlEB4xP9M38xv5dc5bi6lPgj9ZR9dwPx5ro5GFG_QEwg8tXzw-Kfc9DXrb9z2NuHJDuUtgEytYx3mP6B1Pz7SQvzeBJePJZ2XxznR8jLxJeKQ2RgauLRZQt37wfXZ4Pg6oLX_0WQS1yo3jQNOVxVfASCLlFQki-lDYxSX2w7fi1DuWbT16H_fe_CJU9Twh7HhTOLdZrbW1-jx&sai=AMfl-YQ-v2Q-HN6wg7hCBUzUoDgEO2OyCqRTXm-eljF7AZEBaEdB0RYouCwYks4i7k3Pn1uD0tWAhRa3dhCFLNNIkFUEucqjzGCKy8Ab3b3qy3vFWScsBLoSIimt2pLgWOpg3wBMclQaPTjEfYExT3pe9efE4TXAK0mGRbEVeq25_jRYcV4Ej6zSPB16vfr7adfcopISyqjYFgf7DfX1sseUKMJWk8iGSbL0JSKxqpVZJ7wAo4r6enQ17V-pqjP6YLVpfeddGOwiWw391T9AV7oBUY8-ZniXszLut0dG&sig=Cg0ArKJSzP6kyXSjfUHHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=282&cbvp=1&cstd=280&cisv=r20230817.93365&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 15:24:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:55 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2962663798543763056/ Frame 1AE9 11 KB
4 KB 108ms
32ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c9d306bb08ff848ecf8ecf5a043a8d566be5b87d0fc07503917db9ad38bcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 292748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4019
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 06:05:47 GMT
expires: Sun, 18 Aug 2024 06:05:47 GMT
last-modified: Wed, 26 Jul 2023 09:31:09 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3293 0
0 357ms
288ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjUoJXcbRYudXc_n21OJHn16loToGfKyQM20vg0S2EyACShOUEwzbds1dGx3LODvrfKS4AKnrkVZxojLQjfHQM1WqI9ak63noUsv7UCSxvtNktXckW46R9zFhkpQeYjbAofIeJzCMRTGbaISXWalxfzePymvwmVNzmU2U8Tq8XAi5yg5gIl2WN0OCb1zR51GFU_ehbN45RB1KYzBgSZg3nOzurrz0Lcy90axANZAbHkZW21q8HsyyZK0AwKlx0twK5c3dP3AAV_pSch2BUJ74AjvQIBEnrefKxANG5_VX3TSkAWQJ3HjxpFqyF28hh14PmNEJ-MTwlZQ-HpN7DE6voftiGULUyoNtOlXJuxBiuyzhsbxTXPWfDOE617M0ngVD46G0ylRx7OYh4rciPznXSPcKd8T-WtVYF1q_MF6hQjOeJp2ulicbbqn-u87M32pjyUsgjb6TQEW4Vivl2pNjQYCjT-sZZB7iePcOHFqMxfxsWDzoV0nzdIO8BnzHB36SLyoPfCR1P7tVjXbyVoyuAyjhPBvxWHrQQZ6JRCAWqhfKBS7ZKYg5cc-Xp6qc3nd7Dtbd2H32ttcswmzb7JzMnnCaToH30sRS5hjj-_XVUBm6Awg0BUUphzcshECGWbKnfQdWka4lxNcmlogRoHyFUzKAsyrVlBMcZ1UlZ2BilprVsYjt4Qm4jLdL6WZvkhCXmNefPSBiIuYtCP2nV1qOhFiiX1-WL_ZDqvys_YU3TAAJm0CBU8d-dRVJAXpWM9ym7GxMuopCBNbUzWzVds4A9c03png3Op2NhWcOZcnrajow6HOztERA9N46RKA1XVEvi4LakW2TVO_O6ZsLtVF_g0yR5lZexuz3xoUE6gOYshA-1HLkhUcQiBdD6bP-AlfLJEFBHsgwHsiuQGlbhQv5-2353xc5Wp3ZGpYlLwBaqBUTkAWpv8MzxyCfkQOF6HD37JMkO8yg2hSUbzFPXNUNSeSLvBu85vpUBZTVZFksCiVtYp5vtrCQL9YEYgm1r_zj-TzYrx_kk2y30RmKGfbVqOdxwkPgSzZAgsxFotNPlg7S33NJH7nGEw0kYlDa1QYq2lsIUMsHtpFwcQI5xjU_oOxCWkNv2rRGCpRpUM2iHtNRDsuSa0hu7fDU6td11ka2D2KNqWRxFvzWx0El-UM5_Cx4YiikrxYcbRwCA7P8gsY7GBJOb9RvIE5X6l8NoPDfJi8ZYZagGQBS0gMUSW3StYPw&sai=AMfl-YSEAbKbZ16Y6fI6o9Z1yfJO8XODm_KyMXot-F-Y4j20bCjQ9xkGRv1Sr9nW0gwAaF4GQo8cxYIHR4O0gQcGC-JB87D1wxciKTcP-hh7dGMJ7ZApUTPfs7bAI0Z5IAQgA-WQZql5J0SDUPuxf_UUPHc7aIGdIXBEEbsqO-iyAp-USlByHUGswOZEiMKJQNcvxl8piotCH4X84ypgzYKzbd7N4ZVYEQ4qmUASMYvSner5SdU3iS0v00grITSguFF8DMIQVSuZuyFZm2jLqM1YK19GWa0pGScM0vAp&sig=Cg0ArKJSzAatQx3lnkKXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=276&cbvp=1&cstd=274&cisv=r20230817.31395&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 15:24:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:55 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 3293 60 B
60 B 374ms
35ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=31180-dfa&extLi=30184624&extCr=196066686&extPm=371506893&gdpr=&gdpr_consent=

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Di, 22 Aug 2023 03:24:55 GMT
X-ET-Code: 0
Content-Type: image/gif
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp: 1645
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A2BC 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/ Frame EAA0 11 KB
4 KB 99ms
29ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b7c1f9b0cd43d700389d777d0d7e54ac741860e29caa6ad833ca4d3eb27585d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 237042
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3986
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 21:34:13 GMT
expires: Sun, 18 Aug 2024 21:34:13 GMT
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5584 0
0 351ms
289ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_SFTehdThgz4qFvv-eOh7moWqsuubbM9iZIaJkM4zvHqw_BvPyOgZBO0aj8nIu7vBZ3ej-4ySING_FCV-Ak9oCejQYitrfBYn_SSQyfvtmpDPuoyI63WQQXnTzBk0E0SIZUL6gmbTYNohQiqSr-y7px6sY5scHB55byyZr4UbJ27473eoqpiHwGKiMItxDz3nUIyZb1aTCS7i7R-3c1mps94ese7gTuL67LyuUYl07vEwYJ6uu_biYWx5_FR-9BASFSm3eUE5-pgOAmyloye_rTpPB3q00sZ8AsvbALTGUzi49-hLQFmgXjqfOdF3BOMn04vYaj4Vn53f54nEB3k3nHyVmxveeEQvNOfcugLq5zEJ8DV531LrdIFBimYxGxXjExR4VHWsZvQAkbQM9uGGFsYgIbKQ9YCDFlbjapUHdXDtvaqzB0wU8p60QUmd9vTRWli1WgJHjsbY-RL1fBeLONdxv0iQvsOLWK_4c80gz2mW7d9Adp747M-q0_fY09rwzOCLsMCjsGQpPwq3GnspsPHuTUxifBlxeDh7VDg_zib2tdSy-DVmJnbwFPXH0-HVUUUFe36mY3pIPzK2GwMTrX33SYUBdnzvGtdXT1C9ssHRx60fiGaX2jR4F_L8Ggmwgc_QtC_xLNOfuRYo_3nLQvCEqPRONVg9lFgiMlAD1jL1wC6x1sVltABRRxAR-959EDpApGE-uh3EslH_6oAdhq7w0Z9nzRYeDw63ggs_CHQeN6Bl5ydbbrFBkc2g1EomWc2KANDnWpeorPpV0MLL-kCVZ7UQFLqFku63Y5df2Pgx0x1AWegNiUuJkM5hk-GxtOPIy6ishciR6rCh8VuNNlZwItVTOOQSZxDeIt3koAPbhnMIZN79wVvg8-BIwRAtwV1WhFGVLDUowQk1_17o8wuVhkC13DGEtitScViEjA2If-gHJC0E2ig1k4GO76RxWbzwR83vJUY2-mLpcZxl9dIROqCqD4ptfTO2s1NcQ7ktoPfdQpZgZZftATHYU0Jqw_ek-E1KiVMZCDDnmJM7aAm610pKXXiMfTDrHiTCb3CCvdJ5Tr3R3nPNGWVcskIeyNGBk3-bTYUFJ1lHKC9_XPuP6lLZ1rXG-bK0sYoVkx8N0mFxFyOplrjsXDpIGZKkyJMBX_PahDYTCnw3YiezvY_SOvweg0nCQEBXwt6p3E30qgw5Lq8SKR_lt9NyqdRGhPOFNSPdTPb3yZPr4gIjmhx1tlgFuqEef1cLpGVLY6EMmhc&sai=AMfl-YSQDz-6RlJtxlOKvxp6cEdXuUBMpHy0TSSFoeqStR7EFgfiJYwd9KHTwF8Ud3ahtER0JEwGEprzvPhX0qL_OK9K1ryljjzA3PIjo7aPFax7TAvcVhOg3xRuiaHDmWF2035B1B0SLQFnphxDLMukjd8s0rEo23kJXCHifKuGQu3J6rT06Z_z4HnsnebTjm8TgswAvj22csLnsGKG2PmKxXFXaW3P4XLqNvlZsk4mXS216q6eyEK_-4iEDFEBtRneBG9v2EcdSE0iU5F7KSpl2BLc3mpLV3DWQvDc&sig=Cg0ArKJSzCHJxRdpV0jiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=271&cbvp=1&cstd=270&cisv=r20230817.36664&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 22 Aug 2023 15:24:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 22 Aug 2023 15:24:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 945E 22 KB
8 KB 28ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 88C6 22 KB
8 KB 26ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F52F 22 KB
8 KB 26ms
25ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 59D1 22 KB
8 KB 24ms
23ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 437020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Aug 2023 14:01:15 GMT
expires: Fri, 16 Aug 2024 14:01:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 27D8 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 945E 37 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 88C6 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame A2BC 37 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame F52F 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame D4B6 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H3 200 VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js Show response
pagead2.googlesyndication.com/bg/ Frame 59D1 37 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 06:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 204633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14636
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 19 Aug 2024 06:34:22 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/ Frame 106C 64 KB
23 KB 33ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1160472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23286
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-5af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQa%2BUFg9N3fqWi2V0CjqumeSMGNuvIjqtBi0gTequsnhnH6Q7PVa2YIdYmhJUlnKvcWwlGrDxxSL4gi4Ul7Vq6o%2F7EptkKtM2dQcWgcbzEtebFul7s7RkgL1FXE8swTFqATZvFlor8ARuQu%2BPqlz2cGp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fac201eaef02bbc-FRA
expires: Sun, 11 Aug 2024 15:24:55 GMT

GET
H3 200 creative-1.0.9-alpha.js Show response
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/scripts/ Frame 106C 3 KB
1 KB 27ms
27ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/scripts/creative-1.0.9-alpha.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1012
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 08:58:00 GMT

GET
H3 200 keyvisual-x2.jpg
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 117 KB
117 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/keyvisual-x2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b829bc85a90bf3495216530c225dd7a4e4130722583ab8f3fb5df1d3893daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:04:21 GMT
x-content-type-options: nosniff
age: 285634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119814
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 08:04:21 GMT

GET
H3 200 donut-1-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 2 KB
2 KB 27ms
26ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cca87c9e0a74be43a6aec384185b284b076af568ab3a32a1ab5d09b15a1e127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 10:28:41 GMT
x-content-type-options: nosniff
age: 363374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2293
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 10:28:41 GMT

GET
H3 200 donut-2-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 1 KB
1 KB 32ms
32ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731c6d54aeb00ca8f4fb178937c2007d74e0a352f3336f01f687761678945a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:02:55 GMT
x-content-type-options: nosniff
age: 292920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1206
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 06:02:55 GMT

GET
H3 200 partner.svg
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 414 B
305 B 30ms
27ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/partner.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 00:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 00:33:51 GMT

GET
H3 200 text-1-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 2 KB
2 KB 29ms
27ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/text-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6adac6428edb51a484c2c40855013df405dd2e310931b863963b7f63810316c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:35:02 GMT
x-content-type-options: nosniff
age: 305393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1894
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 02:35:02 GMT

GET
H3 200 text-2-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 1 KB
1 KB 30ms
28ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/text-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af0f28e8f1cd2fda8d4772a6498c611b1e5aacf9f3b96e899ec84835ee1c318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:26:33 GMT
x-content-type-options: nosniff
age: 280702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1499
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 09:26:33 GMT

GET
H3 200 text-3-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 5 KB
5 KB 34ms
31ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/text-3-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f82981d361d0f65315c7326b33ffa0428635479dd48dd1df4785c19126f37556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:04:06 GMT
x-content-type-options: nosniff
age: 307249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4636
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 02:04:06 GMT

GET
H3 200 cta-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 5 KB
5 KB 32ms
30ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6514f1a7a8a2e6357f713fe366123e6ac746b99a68463a34a324531ca3d1c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:15:37 GMT
x-content-type-options: nosniff
age: 295758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5065
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 05:15:37 GMT

GET
H3 200 overlay-donut-1-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 4 KB
4 KB 33ms
30ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c78de03d62d435f83aed780f66367bf49e48d696cc0bd7fb9c85983e77884d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:53:43 GMT
x-content-type-options: nosniff
age: 307872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4532
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 01:53:43 GMT

GET
H3 200 overlay-donut-2-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 3 KB
3 KB 31ms
29ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb0b9b2a8a5010d882296aa6c3ba890fadc5343b83a52b780d145944558b2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:32:41 GMT
x-content-type-options: nosniff
age: 327134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3205
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 20:32:41 GMT

GET
H3 200 overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 8 KB
8 KB 30ms
28ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-cta-hover-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45fbd96af253805dac2c58d386ad9388438986bddcee28f7a9334f554d4ce1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 00:08:36 GMT
x-content-type-options: nosniff
age: 314179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7772
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 00:08:36 GMT

GET
H3 200 overlay-cta-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 106C 8 KB
8 KB 34ms
31ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a07539fc73368c642559b37f67f0a60d6e759419e4ca880eea809b0882fe6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:50:53 GMT
x-content-type-options: nosniff
age: 272042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7885
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 11:50:53 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/ Frame EAA0 64 KB
23 KB 63ms
62ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1160472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23286
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-5af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUJjkAdTTCiEqJWsg0FiNBDrgYl6805YMtNqoqLkoKbwlwlK46umbXSZib%2BubrxnSyoQdaN6qCej%2FVvaZeTV3Ul%2FWv5gTdDD9O54q6%2B3A9nc%2BAWFtDSaXKUnXdWOmpkdkTdaVRo1246ym%2BhgGBickBpS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fac201edf322bbc-FRA
expires: Sun, 11 Aug 2024 15:24:55 GMT

GET
H3 200 creative-1.0.9-alpha.js Show response
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/scripts/ Frame EAA0 3 KB
1 KB 32ms
32ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/scripts/creative-1.0.9-alpha.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1012
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 20:32:42 GMT

GET
H3 200 keyvisual-x2.jpg
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 105 KB
105 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/keyvisual-x2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0cc967bc3c04a443424ba76e45144612dc6c1d79697d242f2b05838af5c475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:42:34 GMT
x-content-type-options: nosniff
age: 326541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107849
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 20:42:34 GMT

GET
H3 200 donut-1-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 4 KB
4 KB 27ms
27ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc0b41d96faf37f1a7392d804ad6cb2b980be26596753761024b7d3d9bb79de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:52:19 GMT
x-content-type-options: nosniff
age: 286356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3967
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 07:52:19 GMT

GET
H3 200 donut-2-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 2 KB
2 KB 28ms
28ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6032ace0de4c42162f71431b2ab16aa63aa8c8bbed88d49eaf6e6fb7baf9448c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:30:04 GMT
x-content-type-options: nosniff
age: 564891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 02:30:04 GMT

GET
H3 200 partner.svg
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 414 B
314 B 44ms
43ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/partner.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:35:11 GMT

GET
H3 200 text-1-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 2 KB
2 KB 45ms
43ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/text-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4965785a1b1ac9a9aa14ba0b102acc350032529a5dbbe79fabe0a742d6c27fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:03:09 GMT
x-content-type-options: nosniff
age: 368506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2073
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 09:03:09 GMT

GET
H3 200 text-2-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 2 KB
2 KB 45ms
43ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/text-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f999b666b45cd6b584b91655f22e7198716c2add9dca93d80e0161bfeffb5b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:55:58 GMT
x-content-type-options: nosniff
age: 286137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1760
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 07:55:58 GMT

GET
H3 200 cta-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 4 KB
4 KB 107ms
105ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b2b6f1e352f3575c381f47f2bb0aba701b7cf5b36f5cc9e689e607d375c370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:21:05 GMT
x-content-type-options: nosniff
age: 3830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4299
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Aug 2024 14:21:05 GMT

GET
H3 200 overlay-donut-1-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 4 KB
4 KB 109ms
108ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e7f6d3bc4e956a9e9606c86cbd7c3c558ee412d27a64f57eabeb160b7ce161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:17 GMT
x-content-type-options: nosniff
age: 597518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3762
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 17:26:17 GMT

GET
H3 200 overlay-donut-2-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 2 KB
2 KB 131ms
130ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9f95fa0e7551e2ed988e3e31066ccc1d169b992ba04a76f1fc00d8e219654d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:31:27 GMT
x-content-type-options: nosniff
age: 237208
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2385
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:31:27 GMT

GET
H3 200 overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 3 KB
3 KB 108ms
107ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-cta-hover-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a714eed18ecef4daa162cd9dbde8dc79a9679ad93d1bb1cdce7ff35a468a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 22:16:34 GMT
x-content-type-options: nosniff
age: 320901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 22:16:34 GMT

GET
H3 200 overlay-cta-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame EAA0 3 KB
3 KB 107ms
106ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

473922d81a67d36d47e37ecd58944bb25d8955ebb5407a9b6712a7cabf5b6640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:31:58 GMT
x-content-type-options: nosniff
age: 294777
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 05:31:58 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1AE9 236 KB
63 KB 40ms
36ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 15:24:55 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/ Frame 935B 64 KB
23 KB 50ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1160472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23286
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-5af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCLEJMZEJjjm%2BlLjgYglWg1qRHULwdxVWZUY1YfaI1oZl6aQ9Es8wQBxS38iW2G5XPyJPhBG7zLnfhXIdvmVR2MrAySfzg7PxGLhuCS%2FGI2n4xO%2BG2FgPHiloGW5PVkkvdrC0V5zPLfwQaKSy14YEkRq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fac201edf342bbc-FRA
expires: Sun, 11 Aug 2024 15:24:55 GMT

GET
H3 200 creative-1.0.9-alpha.js Show response
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/scripts/ Frame 935B 3 KB
1 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/scripts/creative-1.0.9-alpha.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1012
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 08:58:00 GMT

GET
H3 200 keyvisual-x2.jpg
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 117 KB
117 KB 65ms
65ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/keyvisual-x2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27b829bc85a90bf3495216530c225dd7a4e4130722583ab8f3fb5df1d3893daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:04:21 GMT
x-content-type-options: nosniff
age: 285634
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119814
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 08:04:21 GMT

GET
H3 200 donut-1-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cca87c9e0a74be43a6aec384185b284b076af568ab3a32a1ab5d09b15a1e127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 10:28:41 GMT
x-content-type-options: nosniff
age: 363374
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2293
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 10:28:41 GMT

GET
H3 200 donut-2-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 1 KB
1 KB 27ms
26ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731c6d54aeb00ca8f4fb178937c2007d74e0a352f3336f01f687761678945a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:02:55 GMT
x-content-type-options: nosniff
age: 292920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1206
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 06:02:55 GMT

GET
H3 200 partner.svg
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 414 B
305 B 28ms
27ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/partner.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 00:33:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 485464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Aug 2024 00:33:51 GMT

GET
H3 200 text-1-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 2 KB
2 KB 83ms
82ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/text-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6adac6428edb51a484c2c40855013df405dd2e310931b863963b7f63810316c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:35:02 GMT
x-content-type-options: nosniff
age: 305393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1894
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 02:35:02 GMT

GET
H3 200 text-2-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 1 KB
1 KB 57ms
56ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/text-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af0f28e8f1cd2fda8d4772a6498c611b1e5aacf9f3b96e899ec84835ee1c318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:26:33 GMT
x-content-type-options: nosniff
age: 280702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1499
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 09:26:33 GMT

GET
H3 200 text-3-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 5 KB
5 KB 30ms
28ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/text-3-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f82981d361d0f65315c7326b33ffa0428635479dd48dd1df4785c19126f37556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 02:04:06 GMT
x-content-type-options: nosniff
age: 307249
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4636
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 02:04:06 GMT

GET
H3 200 cta-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 5 KB
5 KB 30ms
29ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6514f1a7a8a2e6357f713fe366123e6ac746b99a68463a34a324531ca3d1c81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:15:37 GMT
x-content-type-options: nosniff
age: 295758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5065
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 05:15:37 GMT

GET
H3 200 overlay-donut-1-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 4 KB
4 KB 31ms
29ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c78de03d62d435f83aed780f66367bf49e48d696cc0bd7fb9c85983e77884d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 01:53:43 GMT
x-content-type-options: nosniff
age: 307872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4532
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 01:53:43 GMT

GET
H3 200 overlay-donut-2-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 3 KB
3 KB 32ms
31ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb0b9b2a8a5010d882296aa6c3ba890fadc5343b83a52b780d145944558b2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:32:41 GMT
x-content-type-options: nosniff
age: 327134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3205
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 20:32:41 GMT

GET
H3 200 overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 8 KB
8 KB 32ms
31ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-cta-hover-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45fbd96af253805dac2c58d386ad9388438986bddcee28f7a9334f554d4ce1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 00:08:36 GMT
x-content-type-options: nosniff
age: 314179
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7772
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 00:08:36 GMT

GET
H3 200 overlay-cta-x2.png
s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/ Frame 935B 8 KB
8 KB 58ms
57ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/images/overlay-cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a07539fc73368c642559b37f67f0a60d6e759419e4ca880eea809b0882fe6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/385730044459267856/SIGGI-KANN_300x250/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:50:53 GMT
x-content-type-options: nosniff
age: 272042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7885
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 14:04:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 11:50:53 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/ Frame 2752 64 KB
23 KB 47ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.10.3/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1160472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 23286
last-modified: Thu, 22 Jun 2023 11:03:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a86-5af6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUoR4z9IpNHk7pEEFz3Vx%2BiLDnd7JtvU1jxPBpNOFS7YISgczU2urJ2cqC%2BsHRAoUnFiGNIv9xrkf0ymEo1oBduxPIOve17YnLzqHuAjRfFzXtxaTWJ6NAeI9I1%2B1oUwG7fPYub7AZ8SX9QIGQxdnzxi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fac201edf362bbc-FRA
expires: Sun, 11 Aug 2024 15:24:55 GMT

GET
H3 200 creative-1.0.9-alpha.js Show response
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/scripts/ Frame 2752 3 KB
1 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/scripts/creative-1.0.9-alpha.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1012
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 20:32:42 GMT

GET
H3 200 keyvisual-x2.jpg
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 105 KB
105 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/keyvisual-x2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0cc967bc3c04a443424ba76e45144612dc6c1d79697d242f2b05838af5c475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 20:42:34 GMT
x-content-type-options: nosniff
age: 326541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107849
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 20:42:34 GMT

GET
H3 200 donut-1-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 4 KB
4 KB 25ms
25ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc0b41d96faf37f1a7392d804ad6cb2b980be26596753761024b7d3d9bb79de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:52:19 GMT
x-content-type-options: nosniff
age: 286356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3967
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 07:52:19 GMT

GET
H3 200 donut-2-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 2 KB
2 KB 29ms
28ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6032ace0de4c42162f71431b2ab16aa63aa8c8bbed88d49eaf6e6fb7baf9448c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 02:30:04 GMT
x-content-type-options: nosniff
age: 564891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 02:30:04 GMT

GET
H3 200 partner.svg
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 414 B
314 B 33ms
32ms Image
image/svg+xml 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/partner.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:35:11 GMT

GET
H3 200 text-1-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 2 KB
2 KB 33ms
31ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/text-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4965785a1b1ac9a9aa14ba0b102acc350032529a5dbbe79fabe0a742d6c27fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:03:09 GMT
x-content-type-options: nosniff
age: 368506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2073
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 09:03:09 GMT

GET
H3 200 text-2-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 2 KB
2 KB 34ms
32ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/text-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f999b666b45cd6b584b91655f22e7198716c2add9dca93d80e0161bfeffb5b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:55:58 GMT
x-content-type-options: nosniff
age: 286137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1760
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 07:55:58 GMT

GET
H3 200 cta-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 4 KB
4 KB 116ms
115ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b2b6f1e352f3575c381f47f2bb0aba701b7cf5b36f5cc9e689e607d375c370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:21:05 GMT
x-content-type-options: nosniff
age: 3830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4299
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Aug 2024 14:21:05 GMT

GET
H3 200 overlay-donut-1-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 4 KB
4 KB 112ms
111ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-donut-1-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e7f6d3bc4e956a9e9606c86cbd7c3c558ee412d27a64f57eabeb160b7ce161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 17:26:17 GMT
x-content-type-options: nosniff
age: 597518
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3762
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 17:26:17 GMT

GET
H3 200 overlay-donut-2-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 2 KB
2 KB 110ms
108ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-donut-2-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9f95fa0e7551e2ed988e3e31066ccc1d169b992ba04a76f1fc00d8e219654d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:31:27 GMT
x-content-type-options: nosniff
age: 237208
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2385
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:31:27 GMT

GET
H3 200 overlay-cta-hover-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 3 KB
3 KB 111ms
110ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-cta-hover-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a714eed18ecef4daa162cd9dbde8dc79a9679ad93d1bb1cdce7ff35a468a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 22:16:34 GMT
x-content-type-options: nosniff
age: 320901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 22:16:34 GMT

GET
H3 200 overlay-cta-x2.png
s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/ Frame 2752 3 KB
3 KB 108ms
107ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/images/overlay-cta-x2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

473922d81a67d36d47e37ecd58944bb25d8955ebb5407a9b6712a7cabf5b6640

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/397941754120502185/SIGGI-KANN_728x90/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:31:58 GMT
x-content-type-options: nosniff
age: 294777
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3186
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 06:59:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 05:31:58 GMT

GET
H/1.1

200
OK

request.php Show response
hal900015.redintelligence.net/ Frame 3730
Redirect Chain

https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

5 KB
2 KB

212ms
151ms

Script
application/x-javascript

138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: af603036bcd8aface2e4c4ae1e6e8700e4b655fc2492f167cf34f5d397ff7d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 24815000087975004445008012424015
Connection: close
Content-Length: 1406
Expires: Tue, 22 Aug 2023 16:24:55 +0200

Redirect headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:55 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 22 Aug 2023 16:24:55 +0200

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 132ms
131ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=2293991328335920&bg=!_f6l_rHNAAZGPLJIZjw7ADQBe5WfOGW4y_zzz-Lh2VRBA1NIanQMMfaW26SkxrasYOAn92thzfQv9hNAhP9_EX2x9wKHAgAABRdSAAAADWgBB5kCxikZ_AyZvahCgj6kID88Xa5JIbp5g0h8zlLhCZIoS8fw2ReUhkW8T-HPvlUUWo3wpjeJoFquDlyaqXFJdyui0REUdPnQRTQGe9_lfwglJW0dMGe9ekvVaIqF64aPshPYviC1zJEMa4IwgLIQCnbGOi38Eg57MgPzP3TxiT0wwB4BEWq76i1N71hNr8IOitVsz9BnxIBxXlXpaa-cjc9C3jnjdBE5JJtoaKmnKd-OK5IaA1MgmW2WxI4hqPWe1U0YpaZSRGPfN083-bz0ClMOpT_oVDIOfEgZ9R2Bqq-S8rWHiGr_emCH11lqHHbGc6TE2fr5M6yg_cFCCfxa455rjEcHMrsDxgp7EUm4BK3UPH3C-N2nHwz4UYlIuW9xKeK_V5_e1-wgfyPUQOvoWutEz5s56a9P9e_y63VW-K6geH9YxK7tV-03nDho7fF0JGpnwoOekW7iGLwa8FwdXIJoHe1In6pcMt2V9H4rymiY6Uh5qH0sSsg9C6CRdGYYpVgyzOZNksDzTkpEqkq5jYZdK-qxm6WkhYaV7lxDZyz1wmSWGHd_Gv-HnM4TVkmc3Y8I-46JnRLj2HLN77-nIBACZlr6QfRa8kO-wxYQEotwOl49Wma6ZLT2JlIzsxmS5nUjdhiwk71hLgOfYV6vyFhC1kvR0g0IGhS1Rk29kXjIEuvruI2XUCTySAxBSKMLhFzgQwEJBvxx8Rkm-_mlH4o9q4u9HB0cJvBQKS53rgBKEz3yhaN-Ps2IT8qNNLvPSxSpHEk-agOtOJsYTTyKFP1J1biUy2mZhAooPacLwfE5gSUQe6b1c71pt4f0kCGvN3W6dRppmhdefKD3QRfXyyze7E3ps8IC0mgU6bOkt1yAerpX4baPc5mOQlL_8UII7_XT6wFbrJ8BzomjoIpD7ECIqWGGlaNeB4ouEPqm20D0dGmOopEje7HU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a2zapk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3293 0
0 133ms
131ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssjUoJXcbRYudXc_n21OJHn16loToGfKyQM20vg0S2EyACShOUEwzbds1dGx3LODvrfKS4AKnrkVZxojLQjfHQM1WqI9ak63noUsv7UCSxvtNktXckW46R9zFhkpQeYjbAofIeJzCMRTGbaISXWalxfzePymvwmVNzmU2U8Tq8XAi5yg5gIl2WN0OCb1zR51GFU_ehbN45RB1KYzBgSZg3nOzurrz0Lcy90axANZAbHkZW21q8HsyyZK0AwKlx0twK5c3dP3AAV_pSch2BUJ74AjvQIBEnrefKxANG5_VX3TSkAWQJ3HjxpFqyF28hh14PmNEJ-MTwlZQ-HpN7DE6voftiGULUyoNtOlXJuxBiuyzhsbxTXPWfDOE617M0ngVD46G0ylRx7OYh4rciPznXSPcKd8T-WtVYF1q_MF6hQjOeJp2ulicbbqn-u87M32pjyUsgjb6TQEW4Vivl2pNjQYCjT-sZZB7iePcOHFqMxfxsWDzoV0nzdIO8BnzHB36SLyoPfCR1P7tVjXbyVoyuAyjhPBvxWHrQQZ6JRCAWqhfKBS7ZKYg5cc-Xp6qc3nd7Dtbd2H32ttcswmzb7JzMnnCaToH30sRS5hjj-_XVUBm6Awg0BUUphzcshECGWbKnfQdWka4lxNcmlogRoHyFUzKAsyrVlBMcZ1UlZ2BilprVsYjt4Qm4jLdL6WZvkhCXmNefPSBiIuYtCP2nV1qOhFiiX1-WL_ZDqvys_YU3TAAJm0CBU8d-dRVJAXpWM9ym7GxMuopCBNbUzWzVds4A9c03png3Op2NhWcOZcnrajow6HOztERA9N46RKA1XVEvi4LakW2TVO_O6ZsLtVF_g0yR5lZexuz3xoUE6gOYshA-1HLkhUcQiBdD6bP-AlfLJEFBHsgwHsiuQGlbhQv5-2353xc5Wp3ZGpYlLwBaqBUTkAWpv8MzxyCfkQOF6HD37JMkO8yg2hSUbzFPXNUNSeSLvBu85vpUBZTVZFksCiVtYp5vtrCQL9YEYgm1r_zj-TzYrx_kk2y30RmKGfbVqOdxwkPgSzZAgsxFotNPlg7S33NJH7nGEw0kYlDa1QYq2lsIUMsHtpFwcQI5xjU_oOxCWkNv2rRGCpRpUM2iHtNRDsuSa0hu7fDU6td11ka2D2KNqWRxFvzWx0El-UM5_Cx4YiikrxYcbRwCA7P8gsY7GBJOb9RvIE5X6l8NoPDfJi8ZYZagGQBS0gMUSW3StYPw&sai=AMfl-YSEAbKbZ16Y6fI6o9Z1yfJO8XODm_KyMXot-F-Y4j20bCjQ9xkGRv1Sr9nW0gwAaF4GQo8cxYIHR4O0gQcGC-JB87D1wxciKTcP-hh7dGMJ7ZApUTPfs7bAI0Z5IAQgA-WQZql5J0SDUPuxf_UUPHc7aIGdIXBEEbsqO-iyAp-USlByHUGswOZEiMKJQNcvxl8piotCH4X84ypgzYKzbd7N4ZVYEQ4qmUASMYvSner5SdU3iS0v00grITSguFF8DMIQVSuZuyFZm2jLqM1YK19GWa0pGScM0vAp&sig=Cg0ArKJSzAatQx3lnkKXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=797&vt=11&dtpt=521&dett=3&cstd=274&cisv=r20230817.31395&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 15:24:55 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8C8F 0
0 162ms
162ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_q2Tn14Z1eMM6JbhTvwy1SYgZg1vH5N10US224iGustdF6FZuGmwPs3J45e5IYboRdmWepDYvgAAHJjvflLLsBcswphq8Sk7ByyBm4DuiOJLN2wBqPsFqVAtQCve8zWY9Fp9xtFE9O7QJ3ihTPyTW1XEHasAa9bDTZgEhk6xPqaHV_UoxKuG4rv7kz2KxBFO3R36ncdinjQCoSc38ZI2WMshhG2RY2Tf7y-AsawOBwb5bx099BDvvQw0SrjQ6zT4AFEtUIYARfkAGqK5g-wjR1ZLwN_tCx5WaGXEXYNddw51GQS0BfRlIDa_ErjsHjWJ5qlh_BIN9s4KPdX5JCw9n9WaEtPSCf1cCQSS6kQKeZTJ-1GRheWbURDtfkffhpjsYzDDvxIFJ8i06mqWdTtQKGmw4lpR8fYJdApgVf0V-PnJMM1VeNXXTykqLWaI_ea3WxDTu6fNjQvslUkCMC6X90mim2o2pB5SX9luD8VWpFgv3g12N47Axwb8EvdyY67EsGJ6VTXkznsYNLmYdJnBx2Q0Su5r0lk9xT4ElP2NuEfvc_PCvKUrg8GWQY3BXWDEJvpKFIJULsp9xtsqOzP6_-ZEQZZdT_RQYGO2STmmO7djcpp15JqVtAdCoSVnJvJr5hr1kJ0DLXLVYBjo2OA9uguMxksRy24ICuf7wcixb8twoKnyNvaCpHmPQ6PzYTXlgX26jG3UQLEGrqSG9jfGHS9atnlzItCqhXd8heI9dYA6SdCS26tyI-Z8wrcZcT2YpElpCycKRXgq45Ii2KrJx8pPSIZSwD-PGFLcsWqNAwkea4ZnmUZRAI7LMsv0D-FaYmDVkYlHdgZ5cJSMvYNrP2TxuB3hNHqGmZhPdfDe1Lw7sl5vtlwHOKlh6Ulz18nGn0uauf4KxFXAsVuqDCi6uRhs7ypAFfW8LzkAyLZ1L_vsvzJnXkgKH6Y7rtkUYC6YI-v0ER6z9GofkZrmnbpyxpa2Sm3ZgOCTn5P5685NaxcZA9CdlOBQPv02MYbewYE_g0LRWVi3rb5EFBc-f8DQrQ4smcFMMyyvduz1_41THJFgCBszbhUOmQxkA6sM9-ZWPN60QsnTnP7bFp0dwFmOcIbklkKYYmB1-OR2fj0H1YGv9of-XTP7Pz5toxFc3RxHemoAgv-DZVTsR4h3_HwyVHaOgoFwFgqcfBd-EU0-dwtRJT_xDRDs_OCtGxJSbJ5MoFMgrsZD81JEWFTSHqoRV_qZoLIfEaFDToNYcSUlZ_ny_KZQeOxE&sai=AMfl-YT3OIfO2_j8tGAsw0GO2R3wvL6TnA281_83Z-t09_04eI3r7KFblRbabT0MpKQEt4cEOOzcO_xU_0b0J9TAYJWPSQdK-nk8-d3378YpS6uzlFi2YOY8QIAVvUuRp1XjRuKKlAEjETaBeJMk7iu1Eq69BCNDzdm98dXLZHGUMeU5ufVBVWrnO-BTXCoZT-uvYP6V-a8I_kvopFpDf3w_1KxMKruVxkJynjtEwktMXtUNyxrNKHmTmIp_7z1HsgnIY4jOjkmxaoe5lIYl3LapnSF3R4aR-5tIZjMD&sig=Cg0ArKJSzKAOoMg7dGoWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=966&vt=11&dtpt=678&dett=3&cstd=286&cisv=r20230817.90821&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 7D79
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

184ms
38ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 15:24:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 22 Aug 2023 05:24:56 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Tue, 22 Aug 2023 15:24:56 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA16:8BA6_91EFC182:01BB_64E4D348_4DBFB59:22024

GET
H2 200 / Show response
adv.office-partner.de/ Frame 7476 930 B
931 B 115ms
24ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 22 Aug 2023 15:24:56 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 29 Aug 2023 15:24:56 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 5BC3
Redirect Chain

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4d348e7656cda16c10c1d&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

0
629 B

178ms
38ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4d348e7656cda16c10c1d&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 22 Aug 2023 15:24:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 22 Aug 2023 05:24:56 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Content-Length: 0
Content-Type: application/javascript
Date: Tue, 22 Aug 2023 15:24:56 GMT
Host: pv.medialead.de
Location: https://pb.media01.eu/view.aspx?trackid=FCAFEED7E361667AB6C39756DB56E118&dt_subid1=64e4d348e7656cda16c10c1d&dt_subid2=&actionid=56481&produktid=&bannerID=FYRSTDisplay&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx
Strict-Transport-Security: max-age=15768000
Vary: Origin
X-IPLB-Instance: 40028
X-IPLB-Request-ID: D972DA16:8BAA_91EFC182:01BB_64E4D348_4E1F38A:B82B

GET
H2

200

htlp Show response
futalis.de/ Frame 8BC3
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=24815000087975004445008012424015&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3012214761

350 B
401 B

306ms
27ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3012214761
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=e95xao572jml&nw=20&renderingType=javascript&namespace=75b846e833&subid=&uid=92503b835e86705a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x480&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRqJaRdPkZMmmC4XE7gO0gbnoBKblvaBp5Zicp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3wFP0BFkV1CfYo4BtDAy2SlqPSuKrF4vt2u0MoW4B4iCLgGD_9XrMDJWuvQo1TSosrdGkYpN7tjT5SqnLljZaWNVMkWE02zCUGA-CGgaElcxyL7GcYUQhdYq1EB0NhLC5vxA993UuT-NrvnYWBLjxo53J4SNXz3LiuTox0YqGzH3IMuaA9_g2UMxDHcJsYgR6ZE-F5Xv0RfPr3R1PgjkRm5FX5yzlyB0IEhy1yRAEiZ3opYLkElpIny8jXxGl7z3fp43c6u0ur-gFbg7T2HN_VCosN379mw2nskxG5OTV3mdwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIid3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLh1_D_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_1LXy86Tb20gTm1Xeis9M0Qvk0E9A%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ao8nP58Q2110b9HpxOPXPHE4EZin4Vo452_7IfbW582IiBbZ-BF4nfN0TZ65nKkyiE4XIpLpb_V7udv5-IioOk8jaCfUx4uwYo91JkFkZgAfltAxhDM5XFwyQQplXi178AACFJfPtNYUESiZBgriA7lhKiX2UYp8IbW9GZ6HBbRt5Sse0%26cry%3D1%26dbm_d%3DAKAmf-AOzv1gG6lWEagY4EyX-KA7pBy5sUslpFfLB_LIeaFNaLb4glONEn-Z3XPA5uy2JR344_Z8PB8S4HyaDSQP3uSZ0sGbztIuLS5U14QyOXQbIgAFhV-bwqoKyk8liin8yVlOGk4CoxY0HcBursaMwSpacqZZKZF8NQorQy37yd0XU5T0fl--Me7_Ou4FbouVdsYoNv9Es5LqVke18ozvwndiu6YjJWiYept0HGRJmtEHM1PLaXDSTuUX_TWVWNrggztUagVUixFmtRNqgh27ehhU1jJZh_AImBpahVoQoXAgiSdKludQkFndhY-dSVMDzAVCrjAKSazbvUQrJSw6B6dyLR-lsLK7PeeTa7GFeQa8MyVRxR4jOQiT9aBdHGfGyduovf6n6itFd18xkrvrgWQgQ0XKKPFQc85OL5avhDqKOOjS-Iw3DWMFR1q9Mulp_khY63ufuXpXQ3B-jLY6F3keyJdKRzc26OAqnrHfqLaA2hRPFebt59fiuxsNLDNj-abwBUJxu8yoZOoHpt6905jR8StpKcF2VyJMAiP7QnfDm87x3ctG3PUf2J2HgY2I2Db01MJ8OQ7Pm3z0vL1qX9SXbvkP7IGxjOl9ppAWcrzxOXZwT7f-Hzgc9oimbC3gJNxVgog1%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=1517097769546&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 22 Aug 2023 15:24:56 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3012214761
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 3730
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=

0
201 B

142ms
40ms

Script
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:55 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 22 Aug 2023 05:24:56 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA16:8BA8_91EFC182:01BB_64E4D348_4DB61D8:22023
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=24815000087975004445008012424015&actionid=879111&produktid=ratenkredit&dt_url=
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 3730 43 B
482 B 222ms
69ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=24815000087975004445008012424015&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 Valence, France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA16:8BA6_91EFC182:01BB_64E4D348_4DBFB69:22024
X-IPLB-Instance: 40027
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-ID
Access-Control-Allow-Credentials: true
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2F1E 0
0 129ms
129ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss71CsLvTVjPaOoZCRnrwgEznz4KN_uSbrv7JieLOkd9f_-45i7kXjHGKSiLLY-4zDNmAsrQ5f70dwhcwPX_XpwHunVZ20DDpXT_6Tn3nLnDWMEREuaHxF_z_IbaAbNk-687G2KMsZOmCh6ZkHlL8yjHDRLQs4EKq8y90lzleTLzPzBPDb8GZRSpQpZ-wAQ89TaO883wePJosG_Hdc9nMnpESmtrPZbEspcWk4Qa_i00yLXkyYq8X1701V-z1j12nFu0Qyib5HHrDbYG-tXFrpahCXIQHIv7G6ElFc5RnBXaEU4p41ZPLI7r0_x3kzzMEdskPQv-XfMK93p-cl1Yjg5oh0lZVjhB9h4iECCxzNbXvZfukBt2Yq7AzVxuEccbJKAN3HrIPqOIl-aoVE918AhP2Ry1A3vhDRRxDjhvftJdAsrk5mxPAEo2WaR5cbWvV82ziOjE0qhp340CqkULbyXAwaP72eaO1PmbK9UmpEP_g6HeErw1wrbJPA-Vi_CxUySUWZpjJxmSv4xMaHMgabAfLY95D0XXvkH2MqfW-oflcJGp9JaFrZ3jEu8CCS7rvxR6q_B-u1degsTooSWu5KNB18kSfU_b1Ybkn8SexSzXVQuwVY1TVW0YTHJbXyhj-uTyyjqR19VXFdHs6brBw71URirEgtRPMuHRa2oOntz5oDZPZpG2Cy7ImtV5ymu-tV3oMk_vQkQVryZnJ3xelLpbi-NDedoML-aLAMtabsb-_OzxZWWfSTtXoLMp4qZDEoGvglQtKKTTwkgHqTUCqhb3dS-U_uMozRZoiifag8AGCS_MC8JkNKh2z_n4lsA6bxW3Ar_zz1FtMYV6wBlPA-c7fAC2yt-MDIISpS2c75JuWJCQ8tBTVzL1I0dBGu_HrVeuUD6pKXpbRI-01HjwxM_kf7zA_ga_JNVJSnsb3tfmcr3ctVmky5yezp-yMutJUlscASgjdBGE6ACBwx1r323BvnQKakYrEOg6gOfDXAP2klXBt_0J0EY9t4uzNXVLyHMgXW5RH8LKqpMmkYCdRaphNPWCh-91gPUlEB4xP9M38xv5dc5bi6lPgj9ZR9dwPx5ro5GFG_QEwg8tXzw-Kfc9DXrb9z2NuHJDuUtgEytYx3mP6B1Pz7SQvzeBJePJZ2XxznR8jLxJeKQ2RgauLRZQt37wfXZ4Pg6oLX_0WQS1yo3jQNOVxVfASCLlFQki-lDYxSX2w7fi1DuWbT16H_fe_CJU9Twh7HhTOLdZrbW1-jx&sai=AMfl-YQ-v2Q-HN6wg7hCBUzUoDgEO2OyCqRTXm-eljF7AZEBaEdB0RYouCwYks4i7k3Pn1uD0tWAhRa3dhCFLNNIkFUEucqjzGCKy8Ab3b3qy3vFWScsBLoSIimt2pLgWOpg3wBMclQaPTjEfYExT3pe9efE4TXAK0mGRbEVeq25_jRYcV4Ej6zSPB16vfr7adfcopISyqjYFgf7DfX1sseUKMJWk8iGSbL0JSKxqpVZJ7wAo4r6enQ17V-pqjP6YLVpfeddGOwiWw391T9AV7oBUY8-ZniXszLut0dG&sig=Cg0ArKJSzP6kyXSjfUHHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=995&vt=11&dtpt=713&dett=3&cstd=280&cisv=r20230817.93365&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5584 0
0 128ms
128ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_SFTehdThgz4qFvv-eOh7moWqsuubbM9iZIaJkM4zvHqw_BvPyOgZBO0aj8nIu7vBZ3ej-4ySING_FCV-Ak9oCejQYitrfBYn_SSQyfvtmpDPuoyI63WQQXnTzBk0E0SIZUL6gmbTYNohQiqSr-y7px6sY5scHB55byyZr4UbJ27473eoqpiHwGKiMItxDz3nUIyZb1aTCS7i7R-3c1mps94ese7gTuL67LyuUYl07vEwYJ6uu_biYWx5_FR-9BASFSm3eUE5-pgOAmyloye_rTpPB3q00sZ8AsvbALTGUzi49-hLQFmgXjqfOdF3BOMn04vYaj4Vn53f54nEB3k3nHyVmxveeEQvNOfcugLq5zEJ8DV531LrdIFBimYxGxXjExR4VHWsZvQAkbQM9uGGFsYgIbKQ9YCDFlbjapUHdXDtvaqzB0wU8p60QUmd9vTRWli1WgJHjsbY-RL1fBeLONdxv0iQvsOLWK_4c80gz2mW7d9Adp747M-q0_fY09rwzOCLsMCjsGQpPwq3GnspsPHuTUxifBlxeDh7VDg_zib2tdSy-DVmJnbwFPXH0-HVUUUFe36mY3pIPzK2GwMTrX33SYUBdnzvGtdXT1C9ssHRx60fiGaX2jR4F_L8Ggmwgc_QtC_xLNOfuRYo_3nLQvCEqPRONVg9lFgiMlAD1jL1wC6x1sVltABRRxAR-959EDpApGE-uh3EslH_6oAdhq7w0Z9nzRYeDw63ggs_CHQeN6Bl5ydbbrFBkc2g1EomWc2KANDnWpeorPpV0MLL-kCVZ7UQFLqFku63Y5df2Pgx0x1AWegNiUuJkM5hk-GxtOPIy6ishciR6rCh8VuNNlZwItVTOOQSZxDeIt3koAPbhnMIZN79wVvg8-BIwRAtwV1WhFGVLDUowQk1_17o8wuVhkC13DGEtitScViEjA2If-gHJC0E2ig1k4GO76RxWbzwR83vJUY2-mLpcZxl9dIROqCqD4ptfTO2s1NcQ7ktoPfdQpZgZZftATHYU0Jqw_ek-E1KiVMZCDDnmJM7aAm610pKXXiMfTDrHiTCb3CCvdJ5Tr3R3nPNGWVcskIeyNGBk3-bTYUFJ1lHKC9_XPuP6lLZ1rXG-bK0sYoVkx8N0mFxFyOplrjsXDpIGZKkyJMBX_PahDYTCnw3YiezvY_SOvweg0nCQEBXwt6p3E30qgw5Lq8SKR_lt9NyqdRGhPOFNSPdTPb3yZPr4gIjmhx1tlgFuqEef1cLpGVLY6EMmhc&sai=AMfl-YSQDz-6RlJtxlOKvxp6cEdXuUBMpHy0TSSFoeqStR7EFgfiJYwd9KHTwF8Ud3ahtER0JEwGEprzvPhX0qL_OK9K1ryljjzA3PIjo7aPFax7TAvcVhOg3xRuiaHDmWF2035B1B0SLQFnphxDLMukjd8s0rEo23kJXCHifKuGQu3J6rT06Z_z4HnsnebTjm8TgswAvj22csLnsGKG2PmKxXFXaW3P4XLqNvlZsk4mXS216q6eyEK_-4iEDFEBtRneBG9v2EcdSE0iU5F7KSpl2BLc3mpLV3DWQvDc&sig=Cg0ArKJSzCHJxRdpV0jiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1002&vt=11&dtpt=731&dett=3&cstd=270&cisv=r20230817.36664&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5584 42 B
174 B 130ms
129ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7D52uC7gtMUg4RCD_TZ_lxpW9S2oJM6XkglPS-hf8MzQYAra44ryHQqq0luZK8pXlAL0SzNN7FPR3HlY97Dj_-2Agf8_03_Yo5QnZwyMmLLixPEeHr7PeyaaBWVFF8W_gz48CbMnmgDY-&sai=AMfl-YTx-Ro8zu3MY3Aoh3sb2a58TFN5wNvdQOIi0JpTM6_swAjXoHPtt53DNgiBBAa9DhhHt-wiqqarIWorxB5KmSfJSWyxABr3gOSO1Li_oLlQ9Cn3jjc0WOeNZ2Nn--0fqwG8aNsXTL9XBBNseQ&sig=Cg0ArKJSzFLqZ4GncR16EAE&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&id=lidar2&mcvt=1058&p=0,0,90,728&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1309157062&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692717894020&rpt=1070&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 27D8 0
20 B 198ms
197ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhxfyRtPkZKCMEImyx_AP5YanaAAAAAA4AeAEAg&bg=!fn2lfTLNAAZGPLJIZjw7ADQBe5WfOCjucTos2gB-KG0vgLp5DVpsJtwUOALh-UfJlLdWSlS2LAdE3aJwdfr-rY-j6-9gAgAAAmFSAAAABmgBB5kDWEO2y4acQ6jdN0p3z9fLnzPf7mRLpkvKEOW2uHCu4NlCS7YOGG17dJaCjZHZmscbrminseQ9SSGZrcl0SO5jKUcwMR4BH7DHCe7GjRCsO5SacYOGrxrRlH4WCUa8kBgl0d0iSH8srMbPH7WVsUZ5zgkZAwCU8oKkI4lRMxWY9yCiiCB5f729Ipy1stQwFnKRbS-HUaf2oD5XW-gDdGWmzvkxdcKEIE54rkcQSpdauLoSFkf5sb2fp0Uo7UY8Y5VbL_KUAJdjYYGUGnqN9nhdz-nGPr5POhtC4UsH7fFlxIySlwEHXZBjCrdDWU9zu0nAx2S6jIUAup3O9TCgkUUnEgXN3d1D6THpE7Q9Qya-jGorwHvallKa3oGy6vgmWOVmV03UfyJBCPFKuDj9-QGZx2Id11WqWer9UFMmDl5l9dW1RPJoJGzTz8sDeW6cthGPZfBuLvyCX_w22Dv0ig6Fl7yOKqkigYS2IDyI2-LKp9tKFZSlEiPe6s-k2RETHXRyk8MKXumWl_jxWKHAV9AvbZNLhS2FRhR-aUxqW-yO-nXcdFAJin6vKCJdL3VDVWFYatopNkMT6q1HX5Sz4NE7HWAHOY5oVRQ4uoqSvk76_FTWT8pHYTlXxd3B5mGq-x1r2bwMcGhESfgcRuXoqnHMyHq4pLnK-SShtp6zH_Fo6uZNIbWhbcl9BNEJU7EGoWKK6n9kl-pfuo9N6XTFMsXFvKmEhJsDMvOv164jLpUCwDr2q1xRZWmFtIhafotrH4usX-Cx4onhJK7fGbS8khoSUU5lettYdjVujgHaTgnsw9jxtGgm8YGQkDBbfi2MgUdy_TTYwYPNH7_RiUwKLowlif7sQjipn1i9CuDVcirC8ICMkhULa1eFXdRvC-yrPd-aFHowUj3ebxAfbHIIKHZbsqxOdiaUKpJP1GYtx7xNKTSeZ6FB4sKidHnteSyTtowC-rYSGQSuYAn-Qg_7oJFs3E5gLERofM0uQwX5cxjpJEzQZ6i1KDmLYsfVALp6Euicj3G1ZGLS5vfKyNtyZ43Z9baDLnNAWeHaQM7On37ql89MTz0I17cEVps6v2ZOJKT7HAN0JbiKegsQQUUxKcStoabPCqaI2LraiFj2df8Tz4vqPRyaKp9IOwk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 7476 119 KB
45 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a3090c306d4cff07a923e3524f0f9ea8d7439a9eff8cb8da0233137415f0e7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46268
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 945E 0
20 B 156ms
156ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0D0pRtPkZJuPGda6x_APx-GZ2AwAAAAAOAHgBAI&bg=!AQKlAk3NAAZGPLJIZjw7ADQBe5WfOC76HI6Oxusxnr0-K8vc2KgbLgER7Hgitq3rLteJC4pP8wlW070iWHU-9qDVrDsAAgAAAm1SAAAABGgBB5kC_JEN-q-86nFwfAlQMVBIm5CxVyYFhlzfpQoaB1Ogwzw8Mnco-astsu0C4o24kh-FRk97WOo-Q0jw8zl2vuIb5JfJRtq2LMrizeC52pscEtkANdPqIUVXwMKvcMw5mVll43_WuUx9CTFovNeah68idHi1IQmtPWcr2H-kAKsbJYt9s-0wuKVu0PKf8Gj7CVJvtoR97tixSwgA2aHGNJLrWgIRI1COcKUCMkZy7-uVb2eAWaSoSvI-b6rNE_amx3h30IbBi_BsnACxB03d_hD95yFxT_KxOJPV34KqLC29hSf5L5VxMHCdFg_GjP2F2E8YcGYpXw9rmijUHaLsFR1sTVr9ftSHTpMop4KUDEG3A806JDzLMs4wZCgkIsD7ltIPULe8cUiAIb3wxJ3YiwcDW6FC0o7d1nfT-64T0_EJhb_SzeBfOyYWIH4mB67viBMvtB5nm7quy0y2OOpmSBqhv0BxdhNRlQGWw9cnslFgm54WDzuUbH0SoATUve9JpLGhYnvNLYiJsmw3yK43Un4KYw8dxPz-RHaafVd49mna0waCsy_pwTJ_u7ovx2EQg3lJPelbtqP6Y5WgiX08tenV1eEa_D7eenWAbKnNUq_BSbE0gCJprl1bbAswLWavg9o2vBFCCodMHGKz3Us1RMiAfrKHVIiXWQ-zY--ziGbxqN7bS3dDq4LsKfx7BsPlf_FbwcK3HvisDcufEiX3HU3lIX8eu45N-WSECnBnJJ0uMGJlAji7EQHJd8jE08Zq0x7yXCfB7nzJXRqzQ8VNSmLOa3uX3hYJEsNfz1t-ucyAtgy2UfgBsTdrZdiF10TeyjNlTAvlWRsDVBPVLURMfb4SUB6eFY3HFJdY6ZXTSrrvREX2wSCqrzNATTE4bnrCSPcY4xjaSRz8-GsYuFs263oEA2P_sGaac-99DnnELi0j5S7Xv2OfC7av5mQ0ddZ05UIT05TG_TT_-ieYZ_gcrlz9eIovF9SXCAt-dSIBuTg961gJ0lpmE_emqjNaejJs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2BC 0
20 B 150ms
150ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGkpHRtPkZJqgOt6RjuwPs4yPkA4AAAAAOAHgBAI&bg=!i4iliMfNAAZGPLJIZjw7ADQBe5WfOKNdba0dow4c6_si81FReF0_pR2vSSzWwEDiX0aL9pVu_2730UHw4D5jZrMb7OJzAgAAAl5SAAAABWgBB5kC7nLagqUFYDQq1taoum69JpXVR5KnJJtSSvKlNx3GzsbTdjKzWXjzxPVzmdYH__cQha0F19fhwy9pg3iFszn9bDR_AQvhd3ZpJI7Fh60Vr0MZsn1VOBcom2akA4wye_r1DEevRuVnf_PgVEBUgd4kDKn0AeAoSBOYGrI-LL3OcYTlEqivVprez4SY4ADrGfiqMlYoc03W1juf-fV3hu-1ajKgu7Ny5YimsGqokv4CfI3z3Obcnfa6rMdegyCAP6yjrzxUIPA3Bj-KMKwW0ESrp52ByjtwxqeSjF2cCxHC5cWfktYTcKvWWyqSDJhE3kCJyjDQ3cAwyRIzIaQoB2ta-9vqtH6740NonK3V7yxk93nsfa9o7l1RIOEQp8Ghb9RuYGYrVl8c9fPkSy8Paa8lzrU5Q31bs8AyU7PmLDJkdzZnzaSNACgp7BthbJpt3mNCr3CBdm-6KOalkPskM0Kas0vh_ATKMqmHtKlFhB7VRsftOXxEtH6nPirm-NuxsoBqMaHNdBGTDPMu2SnQoKyoQ6tmRVzlRdlcJmXvE-P-Sh3MbEBvMDIa1ucUZtLpBFCFTjEWpfFB7-bDmSqaF2FHxTYuD3VB8juT-24nVluAx2f5S5NxSaVvtlfLYAWYnD5oxlhs7DF10yvJw4O8fVlDNmhWeUy7p4eykX-BU16AE18B6UkjtXjNLBskaqq402vHMJvp8diZSofaUHfvANX9V9jnbvUvlklMZ7j4b2tgR-WZs1Xvq8rSkjY2bEPqv6-H4XEUvcSdlRoKWKPMuxgsQOTdXDH9jfQ67HW0Kh7DRzffckE8-dwvUetGAWLgkg8pihynMK2evBCbBS7qrB6ewWXkokaVAfWpOUXrOCC3iXYuStZCKlJAEb5CtJ8rxYrDprhYZcXOaMgXwQSVuV1yTZstWjX7isnmGOEAYSJEQ7K0W1JLTVUM7bseCP6MjYc-uEA08UuM6Wwi-ZlM-WNeiLYgAhzYje8j2fRWWtcRxw

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F52F 0
20 B 149ms
149ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhMtNRtPkZPuwGYq1-gb1uLSwDgAAAAA4AeAEAg&bg=!ICOlI2zNAAZGPLJIZjw7ADQBe5WfODrTEQUOFPs-v1j7LN9_THy2KG7tl6trlFmteOd4dqJ1scZK8xG-Rltn8_eXAY73AgAAAk9SAAAABGgBBwoAOx9OIcPz1Nir9u8QbS9te8_EH6xw7RYjuI3pzaZy97hDM8CTXemoabMhwnsuZThRk3CqoNFZzhMhe-r8mQL7Z2RgiqADBWBYi9CQq6ooAYEKOmra8oZy0cc6dUIM8PNJy19xgfsyZMWmioSEehLgIcNtNtSUJwTH9IpZB-6QwRgkOdDpYIeMCIGJDYlQMa1MpvVtoOs5GFdv5JNAiCn1sTyDT84Mtq7x5_sxf9Euz6RBul9mUuzoaDcIKhUnu2u8BLN9XkwNjufVHP6cB5DZRZWX7aA8TkCcl3r--rX4QpcrryLMO521MIZzaFMMIZp5shwtIPZNvd-XhVrWBzNQG2K3VtUABqsaaY8xCuHwqb5Wl2zwOy8iQ9yDCpXLH8GsPeS24CQCyrewGrZunqjoHb14RdatrE5ZmfI23IZK6z5ggB5NrymI9bOwSnGdNIsKKX2fpcdxIyVy4aJcTLMDnuV9wYERlfRc2L7hcG99R3g4yvBhTQx7lOiOS0BV1On5isT6Az26ry4GXEFItHZQpQ68p2lDi4yXNb5CXslyzEYM_chQ6WqwBtZDXDV5k3egGtaviRtcMGBvseMpCLjAYI9duJBprSCb7WOBcR1JBmks9EyDOSkR0kRVQcbgzgtq9tuS6Xxee-nk20KbOlFnFyIc8cKkhvLtEcDZZ6PjJhV8ZN-fQf0KH45KxWVSvdAqMEXhyCuNygpqtIuGQbbSnkqs7SjBvhptUru0oD9RQ9ewOW-XHA62mm_gpMyBBgooD2OS6eSOUFrM0mjMdRIfurDVNr_jTXLj9r5rfILafEhy0kE2QvicDuvm2NKoLvOHnfM8q_tO0ex0Zig5VGIsYNd4XL943AJy35sLMCCLx9W81KhD0_BfU5PqqatLS7_67H9IajdD4pGSq6SciTBCX-0aLxxxZzIRB_uJOt4IUK9f21TnHMe324_bC42VC8RbLUHN0K4x8Ba8Wr_bE-ScTRGa83kZVGD4iUQrManU6PlA_5xZ_jaULgJs-hth5Ay2k58XkCO_m_XGmfn5qUDVG36gC_rQp6hc6bLA_7XlmUPQKqqArvy4DcLG41U1H40xd7NPeBveU90lvQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4B6 0
20 B 148ms
148ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjFFERtPkZOL-FPy49u8PzcWK-AQAAAAAOAHgBAI&bg=!mJulm9TNAAZGPLJIZjw7ADQBe5WfOLlYBk8NzL8agwPZHCMkvkKihaI7FAlGk5c2dXvIExYp-bPpEEaZoJb6GCKi9trxAgAAAkNSAAAABmgBBwoALgRPfbQZJD99o0Ceakhmi2TwmAYXS_vst8Vz1vCtj8eVkrhNdeRNXUYvkK4kqeSZAwZBjcGgcqK0itZeYQzGKZM2QBfkxh3AFKKFABNitsrPLN42zcyZB96fGAEruRB0AgXcidiCp23UpSj6SmK5yRZqQjpQ1u4G5vEq5loar7WSEPuZyBa-YGHMAtUXQWZq4uh_xhRIueglT488K8ievFRR5XkJ9OpIiTrJ-XDMWppV-udCNUP4GeXewONf2o5f7Q39aUjIREzX3cKZn5TVfhjfL3UnglbbedYjSQ7wIiytW7R-LcQ8ZyS6UaVOcQRiV1ZMeDQm7g2JTL2KxoH8Zfds5Zh6vx3yPuXJvARmxlxUixboyWWSmQs6IIY4gqXRCRD-347RRqhCogVyYA-9ysXSJpB8iFeNIl84mznmAaAmK1xtwIWa9YvsOavOxW0vh05xDtP5qQ6wAFonx2fhh2g25RzT82nAAasWp08OGn-PbvtDGWAniw1ir0kjvqRNWSadZehswsPgy2yk7ckVrdwRGx9IV2yzGnq3QMX194-p1B5nqKFXjXNivw01cI9ut5wEm1VT7xMBdD4-rKwPCgya0oCl3MckkZQEidX-ofwiRrq1TohfewXE_8__hEE20K5AUo2GXefqaBgzZ2WtjHzyoKa_mEwAxl9BJBCBH27z7J3c3wkD5UsIfSPnQvXEYAIJSVnEP4wft_0nlnhabBa53vsK5BPSllAzM0jc561GldFaIBNWoh4GrEtFHs8ZLPtooN7vRvLb__zSAvxs-ILMuiEFp-ljS9bqr4oSQbNTKQSNybQ_ZioxvdIqBkOaANQffVczjKRrbnwq6_iFKk_-RkZr2wyPo9yCXANgLXw277fNWgWEdf-PGrHaTi_MLtVU0-55KoZ7_luJ29D_O-gGGx5R_iUfLFv5t65VZ3G94iSMaMK1qWpORDWQ4klgsNZIm_sx58eTjpWsesNQDWFiokD88t6bByr8UeU4M5Q2hSIMLBGqxImbnmaNgw5NwUdcNRWajLm-BSOiEicx74gRVxcHlDjQyEGsbYjV_AjMHgJiIvhGST6MS4aT4uv0JDZC9dUP_Hw

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 59D1 0
20 B 148ms
148ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0TcDRtPkZMnAF5bAx_APo_2B2AUAAAAAOAHgBAI&bg=!GhmlGVbNAAZGPLJIZjw7ADQBe5WfOOeqnPGjZ9dQpXgKmoD0QJ8oIUgrnLEy00LLL_69DvOGDob4pRf6VEwx8yJO3lGVAgAAAjNSAAAABGgBB5kDQ0SNHjJhqLUPd2aHSVccBBGw5IVasAVgN6yk3f67-Or2ZYymOHclLiNM0WUY4nzswCcac8gnuNto3UAvyRT-_xCZGnNz03HgJfsvtXBD3Io4YcE2DPxAa57k1B_hhRnF0KwnbB0pSfbARSIxeUUAfc0a-ykDiExcfTvMedyUPclWTMfJF7xwn1xbqyrD-zdSBPTy3KHUTRUSWKT4qQ2_f6Fz32wwzFp6i49af1mzgVmGs6CmnXwuUB3nvV-JM1YSe8bWUnu2uZqLrK2njtITJmYDBvX9PWgicxf5LgFEmHvmUUM6ESpN0_ufx9HfpWinkapCMM2fbGiiOtzH3A_tY1gkSXQAfVPV7OZZdfjpsaWgiOWo6-2wjQXC0mba6QG_ILcNsIuSZyegr8JQwaEN0wgbazwRh6fv7O8bXrBrzapB2B1Ua2874h0igBjOKl-bVU0gVq2jvL97rSjzo6EwWp7HDl1Lr5qEuDsUq1vjYGWkwfWHHX8OM6gYkeUpuSSOyT1tsvhvpEYvlOLpJ0MBV5dmIxv0ZnSBI-_2DVcN_FP9WN7ESU5i4Zh3GKcpa-rQCJTzg19xkue_5PeSEX7WAu-E8gEO7uppPNCFkT3Ez-4ngxH_e69TpSERVPnPaDJ06RCduJ4jwV5yiuN6V56gsuhgmGWpGrmf6Iz46U8Gy92lCaW8ofD_KD9QTPK_aq6_UEG3SHrPBLAdN9-u_MbjS1LhAoLmK9RxiaCOrXS1xo0Fr6JM9yq-MH_mmsr18rfmEMT_nvpDVg60LvrvOksUQh41wk7UYi50_SXwnbwaqDPfKQ6PZ6fe_gQrIuktyeXOfJpRv49Iy32fAQ5I7y6ATor18ItuL0I5S3a4uZk1wMXE5o3wf1Vmlh_8xZZ8bhwUwxx6vdQtDo2riv90o1cex51vHeIwApil2ZQo02u-UJ7IrZpk6dUnQO1F7as15SUz3B-hjRSPPzMgwQcCglv5LNh3PKClSIpUQg5f23Cas9RhV-p6N1TGdWRWXcjM7D6zqFGSoYWncOxpSDosYziroof92Rc6zW4-NY6bHksRdofclAusTejyFX88NcXQVivwq31SRFkpg6yz27uX9YyZa3x0T5o

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 88C6 0
20 B 146ms
146ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_NWvRtPkZMCRF4Oxx_AP1vOg-AkAAAAAOAHgBAI&bg=!gIOlg8zNAAZGPLJIZjw7ADQBe5WfOFa0ibZxwy1-aOvmzDN8KzmYin9CxsHVOZAuulKvZdF4t-DQmliqgYDSr-WX2PpRAgAAAolSAAAABWgBBwoAMpVT7TbTqJLMXsZ_peGcyUDG8wOtueHo6vJEx1OJ2ErI6vZX4IulNpJSQ1jWW7dlVFeYmQMX28QNg3Ymx80BvrRWu33lPxL4hToFyP-eBsBJH09D-zd3n0gYk6AnHFDdLKqTfKUJ9gkRBWNHzDb20eWrhtqGKoXg45gN4HKNIAOyOnBBLzXoQJpRQC2MI5JwELfgnVPyQFqnOyiVfed2hUfO80PPv3BAkTSPK-ghBHARQNjx2qhl8yGfUQ0k04D6mMvER5vQ4R3fLwSVNNEUfneWSq9DIN4b53pYawxheIJu0-SzLgJyE6KqFisIuOoj3x9eSC0WqelSI_lFoWwVa0rbdBc5EwYuzi2pGpL65QEyvSOq05KAQEPiLU0R6cIM-Qpq_FmApoWAAqIWQZkbP33UkTl5IbiIi0GJbzhVZR6OW_uhI87Knh8lTlC4QS8sWzLiFPvnpt_shuwvWToNYFO1jq6qVcxAZpNMKp_4k0TM0Iq05xPvG4Ph2WM5oavoWltojXywBGnR2E2LntYre1zfuTyXyAcON1jGJlCeD9eLPNuBngkP05zrA0oJTa4LdxSngjvl73TBXsfbld3dAVu9nsF7y5PuXYupwpuA7qenlY7sBzW7QRFbx0jO5QESk65JafBnM0-wHSMPHA02YIIFpMpDvSJLfN0cA7J4RtMhkMU0rnpJhg7oAnF5GFkaD3JoeM7M52JR2NDaff0ty-uK-XcHhwObkSa62m1OBwQGBtat4ANazrBerR9qwmWHdHGTy5QRwJXixAjTFk_WbLyD8gJan5UXYWShhleqmiTTIbTJqwXR04JcsYFTWaWNIzVB-7sZXP0bjcUjAVHjqLiItITyVBZLs7G1EG_a_Amkjil9_pcxYxNJ9lmfM98sP6v8LBtQzPF2FXRWakbTTHwHudOoUfoM6zk8qOBztQtEtKo_EyR8qY1U7bMgyKdHsaDjfBnUwah9OKdtXWMkJy-GkLADRjacM0oiMqfTMJqTwLgooGYztx9iVRqzyQrZpwDHillEDNFbWcwEYan0e84n3Mg4tLYKfgHupQKHMEesyPQ1lvc0VSncSgPLdyNEFRylWxVAjpoMy2B79_rJBs-wCSLTyZ6EVZn-cwI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F1E 42 B
64 B 128ms
128ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcPZEcYgrWRGZzdEbYorTQO6_OxiAA64VUz_wiyM073UGxBio73XYRqKehpio0LEGFCthTrIbvqKQQJm2njOdtmLnQr6FwlstLGnNsZOr5w4Svd0XjlDst8xwh7t7Blc16LA-dnb00mCzw&sai=AMfl-YT7OE0OfAFh0x94WA6wLLe1lxsdaEpRk-BRsjKSbwvNozarMG5Vf0GLpZ5ZnR_V6ukXrXy3PX3X_l-PzcYMw8QSF9ZUt6dOue-tOFzNU-1Mubk0ObwYnLwDpjbgaWyR6NC1GOonWjzSs2CUkg&sig=Cg0ArKJSzEz5wxBIvi1VEAE&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&id=lidar2&mcvt=1000&p=75,436,165,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=299942153&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692717893781&rpt=1401&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C8F 42 B
64 B 128ms
128ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss88P3rn_mxwf1IWgjeKpJEUiq_WlUMw8UkZMjMm-5tk3Nocn_0gmWOFkDieeYK0N6J0tFBrKe4fZuNyjhN7_JEwh_VnN2FO0tM1b1418aIVU1vaWzVip2vgx_MABcoZsNVuMMG0F6Mpj2d&sai=AMfl-YT4WuhYhVeqhtM98LidOFeKPYicvto9gyKd7wZ-zkeFV9doUsdhySHw95BXm27OprRm2zqLXosfG89uHYMKiQoEj6wQ0eO0sb5bKc0AH9LoDILexswD86OsUQwpwWA9F9UDp72_vdMV-bFzlg&sig=Cg0ArKJSzMt9mutbXxgREAE&cid=CAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ&id=lidar2&mcvt=1001&p=539,278,789,578&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2763825005&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692717893790&rpt=1360&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK request.php Show response
hal900016.redintelligence.net/ Frame 215F 3 KB
2 KB 160ms
86ms Script
application/x-javascript 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=f2eefadb54&subid=&uid=7bc1a0e942fc5b47&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCo898RdPkZM6mC4XE7gO0gbnoBKblvaBphZWcp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3gFP0NMzPOloBhKe9b4x_9ApfL6xQctHCAiF0mi9jHEo-pPCHnIjwCl_GqA-i2D9W8NOP5rIrWnnWgMGS8qLCNju1aUsKua7nVLH_nws48RtU0rvYk80J0kVY6RDB9lhdqNQi3IWZ7UaDhRvleF_vgWRcLYXvGk5RXH8fn7LtWh63FMp_HAPySuqNI2X1e1fX2FbXa-FzWUWxjyZx5D-pShkNiBTGsEwMDEvztdatk8AF7fGVLY_xyj_3AO-RJOUWpAUFTzUaVrgN4IDkr1eaLy2hr7S9dC2DkkHW17W943ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjt3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLQmPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_3hcDvIOnsTP7cJ4OMt_WLvFBHDAw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ckw0EMYcAsSc1CnIoIfVSy9AkmlxdQSRmi6ewmNf-fa2n-aJV5irzekOGWZ5o_k1VJEx7YrP14T9vlMUsf7BVjz4jn1XjQIkUnwRRiIPUR0YlbZ1RRhmxKt136Y55vxWfEU1J0zWGwseiKhMacBgJ_caRPRZyMxwMfSg-mcK_QtGGBKAE%26cry%3D1%26dbm_d%3DAKAmf-AzMNjEpMA2Fz9GMUQt9RZTJAHgNznzRK5MeguD1_aFP5Ey-g8GxVnUPvNrmd2W1MbX9dV7RudGI3Qevj79b28Xo2rQLrg0GxqWwrkPNklpKRWZBNFMAQRudSRX4DDuOjyjGQ2ciZ7Ulht8PZglzjscz7BQIeUpcSsDIx6oQxkITaF0yOjXdCqzR1f6PhzoZ8bS4zfA7-54gLLdqJAziKSoJnLG6A0KwOPHQ1LqizCOx3R0ciHnD6XLsNWoD6g0lnwF4c8hGdf8k-SBCIf_QKJmH1CF8hUdtpi2WoJ8sQT56tVs7MvpaMNbEzhu6aMuqMMSWyEalDHpJ9aYIN2GaYUUggnzUiiAL1AOS8p-wdiRyX3IN1ri3_ovubNFmA_GfHrT41H1lUPLw8SOJZ3DIBPpuJ6AiNnpmErhGVYeva0KRqZdB8R-g7M22ALA1fjPwT4v8uDFlJoA5_zSbftVfMF_tsPUPNfrzaNUitsbv2UEXPBkjHz-YL9tdiLK6XD4fX6j56VXIFOVw31kBor7liX3a0_VndZUpC0Uyj6HyGukpLXyW3RT1M6wd6gG5y3Zsfl47k6wl-Ju8FCrpAAs-r9o73BJlEDqYKK9ix-fr5aHf0nq8p3vJeO46vm8b6dKHx6aUNV9%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=7223417197625&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1692717893185166&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCo898RdPkZM6mC4XE7gO0gbnoBKblvaBphZWcp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3gFP0NMzPOloBhKe9b4x_9ApfL6xQctHCAiF0mi9jHEo-pPCHnIjwCl_GqA-i2D9W8NOP5rIrWnnWgMGS8qLCNju1aUsKua7nVLH_nws48RtU0rvYk80J0kVY6RDB9lhdqNQi3IWZ7UaDhRvleF_vgWRcLYXvGk5RXH8fn7LtWh63FMp_HAPySuqNI2X1e1fX2FbXa-FzWUWxjyZx5D-pShkNiBTGsEwMDEvztdatk8AF7fGVLY_xyj_3AO-RJOUWpAUFTzUaVrgN4IDkr1eaLy2hr7S9dC2DkkHW17W943ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjt3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLQmPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_3hcDvIOnsTP7cJ4OMt_WLvFBHDAw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ckw0EMYcAsSc1CnIoIfVSy9AkmlxdQSRmi6ewmNf-fa2n-aJV5irzekOGWZ5o_k1VJEx7YrP14T9vlMUsf7BVjz4jn1XjQIkUnwRRiIPUR0YlbZ1RRhmxKt136Y55vxWfEU1J0zWGwseiKhMacBgJ_caRPRZyMxwMfSg-mcK_QtGGBKAE%26cry%3D1%26dbm_d%3DAKAmf-AzMNjEpMA2Fz9GMUQt9RZTJAHgNznzRK5MeguD1_aFP5Ey-g8GxVnUPvNrmd2W1MbX9dV7RudGI3Qevj79b28Xo2rQLrg0GxqWwrkPNklpKRWZBNFMAQRudSRX4DDuOjyjGQ2ciZ7Ulht8PZglzjscz7BQIeUpcSsDIx6oQxkITaF0yOjXdCqzR1f6PhzoZ8bS4zfA7-54gLLdqJAziKSoJnLG6A0KwOPHQ1LqizCOx3R0ciHnD6XLsNWoD6g0lnwF4c8hGdf8k-SBCIf_QKJmH1CF8hUdtpi2WoJ8sQT56tVs7MvpaMNbEzhu6aMuqMMSWyEalDHpJ9aYIN2GaYUUggnzUiiAL1AOS8p-wdiRyX3IN1ri3_ovubNFmA_GfHrT41H1lUPLw8SOJZ3DIBPpuJ6AiNnpmErhGVYeva0KRqZdB8R-g7M22ALA1fjPwT4v8uDFlJoA5_zSbftVfMF_tsPUPNfrzaNUitsbv2UEXPBkjHz-YL9tdiLK6XD4fX6j56VXIFOVw31kBor7liX3a0_VndZUpC0Uyj6HyGukpLXyW3RT1M6wd6gG5y3Zsfl47k6wl-Ju8FCrpAAs-r9o73BJlEDqYKK9ix-fr5aHf0nq8p3vJeO46vm8b6dKHx6aUNV9%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5dc2fd2019f8c74af11210ed3635ec88eef1ca4f51ccc6db4e8aa2d897166da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 96456800092786404444550012424016
Connection: close
Content-Length: 1042
Expires: Tue, 22 Aug 2023 16:24:56 +0200

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7476 265 KB
88 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd2d1247f07ea39b38e3f409b1c1391691971f2a3ae1d93efd8436e898cb95ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 3730 2 KB
2 KB 181ms
75ms Script
text/html 3.9.45.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=24815000087975004445008012424015&nw=1
Requested by: Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.45.49 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-45-49.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 1aadff867fe08d089d4a5e676ffa5ca948718b87139ac8dbbaa2455ac0def29b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
last-modified: Tue, 22 Aug 2023 15:24:56 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 22 Aug 2023 15:25:56 GMT

GET
H2

200

activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48 Show response
5994599.fls.doubleclick.net/ Frame 1691
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48?

390 B
326 B

144ms
143ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48?

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

0adaf08a52982bdef45ecfd851314cde6953a012d95de44c57c508fa2eee5d7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:56 GMT
expires: Tue, 22 Aug 2023 15:24:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900015.redintelligence.net/ Frame EFB7 8 KB
2 KB 90ms
33ms Document
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Requested by: Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 60744915c2ac7eefd5fd661de72b26d9b70624be3d385ec4f27631eb0a817641

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2179
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Aug 2023 15:24:56 GMT
Expires: Tue, 22 Aug 2023 16:24:56 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3730 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 297da7187620065fd1329c304c4f8ff957cecc7d606447d6cc27cb94839759d1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 8BC3 5 KB
5 KB 27ms
27ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3012214761
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 15:24:56 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2

200

activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125 Show response
5994599.fls.doubleclick.net/ Frame EC85
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125?

391 B
287 B

142ms
142ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125?

Requested by

Host: a2zapk.io
URL: https://a2zapk.io/1130001-caixa-tem-1-47-1-547-arm64-v8a-armeabi-v7a-x86-x86-64-a2z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

38d281c223633a7c7587ee71534e951fe7698d434e39f8c94b305d55040c8cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:56 GMT
expires: Tue, 22 Aug 2023 15:24:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 15:24:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900016.redintelligence.net/ Frame 97E1 7 KB
2 KB 85ms
30ms Document
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=f2eefadb54&subid=&uid=7bc1a0e942fc5b47&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCo898RdPkZM6mC4XE7gO0gbnoBKblvaBphZWcp8kP8C4QASDeuKidAWCV8v2BlAfIAQmpApzIbW2TRLI-qAMByAObBKoE3gFP0NMzPOloBhKe9b4x_9ApfL6xQctHCAiF0mi9jHEo-pPCHnIjwCl_GqA-i2D9W8NOP5rIrWnnWgMGS8qLCNju1aUsKua7nVLH_nws48RtU0rvYk80J0kVY6RDB9lhdqNQi3IWZ7UaDhRvleF_vgWRcLYXvGk5RXH8fn7LtWh63FMp_HAPySuqNI2X1e1fX2FbXa-FzWUWxjyZx5D-pShkNiBTGsEwMDEvztdatk8AF7fGVLY_xyj_3AO-RJOUWpAUFTzUaVrgN4IDkr1eaLy2hr7S9dC2DkkHW17W943ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgOYCwHICwGADAGqDQJERcgNAbATzJzZEtATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26gclid%3DEAIaIQobChMIjt3pxcnwgAMVBaJ7Ch20QA5NEAEYASAAEgLQmPD_BwE%26num%3D1%26cid%3DCAQSTABpAlJWYglGBjQYoxQln0RdpC_fc0HCABVG6YKXYQMcKkatBTaXDuyJoL_s_uoBbaa3wrCFlQvhJmvnoSH_tUeT0divJtFdixkHkTAYAQ%26sig%3DAOD64_3hcDvIOnsTP7cJ4OMt_WLvFBHDAw%26client%3Dca-pub-4601633312332497%26dbm_c%3DAKAmf-Ckw0EMYcAsSc1CnIoIfVSy9AkmlxdQSRmi6ewmNf-fa2n-aJV5irzekOGWZ5o_k1VJEx7YrP14T9vlMUsf7BVjz4jn1XjQIkUnwRRiIPUR0YlbZ1RRhmxKt136Y55vxWfEU1J0zWGwseiKhMacBgJ_caRPRZyMxwMfSg-mcK_QtGGBKAE%26cry%3D1%26dbm_d%3DAKAmf-AzMNjEpMA2Fz9GMUQt9RZTJAHgNznzRK5MeguD1_aFP5Ey-g8GxVnUPvNrmd2W1MbX9dV7RudGI3Qevj79b28Xo2rQLrg0GxqWwrkPNklpKRWZBNFMAQRudSRX4DDuOjyjGQ2ciZ7Ulht8PZglzjscz7BQIeUpcSsDIx6oQxkITaF0yOjXdCqzR1f6PhzoZ8bS4zfA7-54gLLdqJAziKSoJnLG6A0KwOPHQ1LqizCOx3R0ciHnD6XLsNWoD6g0lnwF4c8hGdf8k-SBCIf_QKJmH1CF8hUdtpi2WoJ8sQT56tVs7MvpaMNbEzhu6aMuqMMSWyEalDHpJ9aYIN2GaYUUggnzUiiAL1AOS8p-wdiRyX3IN1ri3_ovubNFmA_GfHrT41H1lUPLw8SOJZ3DIBPpuJ6AiNnpmErhGVYeva0KRqZdB8R-g7M22ALA1fjPwT4v8uDFlJoA5_zSbftVfMF_tsPUPNfrzaNUitsbv2UEXPBkjHz-YL9tdiLK6XD4fX6j56VXIFOVw31kBor7liX3a0_VndZUpC0Uyj6HyGukpLXyW3RT1M6wd6gG5y3Zsfl47k6wl-Ju8FCrpAAs-r9o73BJlEDqYKK9ix-fr5aHf0nq8p3vJeO46vm8b6dKHx6aUNV9%26adurl%3D&documentReferer=https%3A%2F%2Fa2zapk.io%2F&ancestorOrigins=https%3A%2F%2Fa2zapk.io&random=7223417197625&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a08056113cbf9d831ca00389bf35cacfcb12ccde6b1a253002454d02b5f36fb6

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2044
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Aug 2023 15:24:56 GMT
Expires: Tue, 22 Aug 2023 16:24:56 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 215F 43 B
704 B 182ms
92ms Image
image/gif 2.20.213.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=96456800092786404444550012424016&pv=1

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-213-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 215F 43 B
703 B 178ms
88ms Image
image/gif 2.20.213.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=96456800092786404444550012424016&pv=1

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-213-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 215F 43 B
703 B 221ms
118ms Image
image/gif 2.20.213.154
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=96456800092786404444550012424016&pv=1

Requested by

Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.20.213.154 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-213-154.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Aug 2023 15:24:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 css
fonts.googleapis.com/ Frame EFB7 5 KB
778 B 262ms
261ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 15:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 14:25:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EFB7 17 KB
17 KB 31ms
31ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e03216b243eef625fa11267045934a1bf9bbd079ffb1b96c472ed76b6c07deb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16985
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EFB7 16 KB
16 KB 88ms
32ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 202994bdfdfbbae656820fcda673b1c666e86dd9a8af5962729ea1767e175f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16512
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EFB7 13 KB
13 KB 88ms
32ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 0eef32dae6862f7d62c6509d51c6589ebdc8fc2275fc2b72313986049da27b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13287
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame EFB7 13 KB
13 KB 143ms
86ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 6faafc86cd15077c1f34174cf89dcb8218157643f3bea002b7dbc6becbbe3dbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12999
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3730 51 KB
18 KB 479ms
82ms Script
text/javascript 52.222.139.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=24815000087975004445008012424015&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-14.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 16:40:54 GMT
content-encoding: gzip
via: 1.1 ac979e099d122e39d3a8fac95688a69a.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 81844
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: mAwLudfzz_72i5n3nCBAyT4kukNcALOjUfbMu3G8jngI5xzW_7Hm0Q==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 3730 3 KB
3 KB 404ms
85ms Image
image/png 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1692718196&Signature=qHrdzbWwU1yEUA8fOPEFDjJDE1Er6iVSCME1egNDHh2r5Yk7GT6~N4Az4KWZltb~u9bTa5h6nte1aLTOg2nwuBjs6OfCPV~3XXwlnGEmXrxhPimZitsd2LBrf9j~FmR94ZXLw8PBpxJBJmT-NLFpiUFE-cYgE4cdATq~Z57WI7nodW7PozuA3XYpn4cGgAYSW1gd-zeqNfrCN-8Io7hkHITuiTIfYvHzHiYTg58mpXcq2783uyyGTnYqozaQlw7Ewy03A7w7fg80BrBGe7yKcMY6woBIzCVZ8VriFfTTolYsZfPftEOYZ1uc2CiU1KgT2AiFZtHc9-imUVlpmSWrLA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
URL: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-116.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 22 Aug 2023 03:33:54 GMT
via: 1.1 76fb21fcb70866221c67558e2f776540.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 42663
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: BW1mF73BXxYQyb9VRuADpn9BuIn9QsUDwtQdZNoatXUXh9wK6QSt4A==

GET
H3 200 css
fonts.googleapis.com/ Frame 97E1 2 KB
434 B 38ms
37ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 22 Aug 2023 15:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 14:26:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Aug 2023 15:24:56 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 97E1 10 KB
10 KB 192ms
121ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/627x627-1.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 8e80a956746138fb3d21530abe97f5c31151f7f9c18a890dbdfe72bd894bc179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9726
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 97E1 7 KB
7 KB 97ms
33ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native4.png
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: d2199f97f4c2cce9e6babc81cccfd0952580f6418f6829458264e1e7a85668d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7116
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 97E1 10 KB
10 KB 164ms
99ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_627x627.jpg
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 73ee58c9a9e6fece7d5bf948d1e7037a906f965ddf0c7b3ad81e06824fe46c91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10389
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900016.redintelligence.net/ Frame 97E1 0
150 B 85ms
25ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900016.redintelligence.net/viewability?s=96456800092786404444550012424016&a=fe4bd6f2&vb=m
Requested by: Host: hal900016.redintelligence.net
URL: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900016.redintelligence.net/request_content.php?s=96456800092786404444550012424016&a=d3df5ed9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48
adservice.google.com/ddm/fls/z/ Frame 1691 42 B
401 B 219ms
125ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJiGtsfJ8IADFZFMDQodbqYL-g;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1700840983553.48?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900015.redintelligence.net/ Frame EFB7 0
150 B 97ms
38ms Script
text/html 138.201.135.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900015.redintelligence.net/viewability?s=24815000087975004445008012424015&a=c5a3e21c&vb=m
Requested by: Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.135.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900015.redintelligence.net/request_content.php?s=24815000087975004445008012424015&a=e5864b12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Tue, 22 Aug 2023 15:24:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125
adservice.google.com/ddm/fls/z/ Frame EC85 42 B
107 B 214ms
127ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLTMtsfJ8IADFVwNaAgdkZAJoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6492611785743.125?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame EFB7 14 KB
15 KB 123ms
61ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 21:33:46 GMT
x-content-type-options: nosniff
age: 409870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Aug 2024 21:33:46 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame EFB7 15 KB
15 KB 90ms
28ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900015.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 368519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 09:02:57 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4689 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7368415509740&version=m202307240101&ct=76&x=1&cor=8236941930622017000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/2962663798543763056/ Frame 1AE9 60 KB
13 KB 27ms
27ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2962663798543763056/index.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca5d9e3fdf8cb86198a17a581e3f4539c36bdef2215e1c6e36e56803bdaacd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 03:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12882
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 09:31:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 03:32:48 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3293 0
20 B 125ms
125ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1016107701019&version=m202307240101&ct=76&x=1&cor=17056391933747937000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/2962663798543763056/images/ Frame 1AE9 125 KB
125 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2962663798543763056/images/index_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c66d67de5b3c418a30617f0f380766b2da35dede5026a8db52dccb964108ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2962663798543763056/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:57:26 GMT
x-content-type-options: nosniff
age: 293250
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128155
x-xss-protection: 0
last-modified: Wed, 26 Jul 2023 09:31:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 05:57:26 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C8F 0
20 B 121ms
120ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1731561290809&version=m202307240101&ct=76&x=1&cor=16630688949248827000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F1E 0
20 B 123ms
123ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6901629876719&version=m202307240101&ct=76&x=1&cor=1874735323545788200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5584 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8033173165402&version=m202307240101&ct=76&x=1&cor=2410934449464698000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3730 16 B
209 B 84ms
84ms Fetch
application/json 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-31-191.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Aug 2023 15:24:58 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 155ms
39ms Preflight 18.135.31.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.31.191 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-31-191.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 22 Aug 2023 15:24:57 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 215F 0
20 B 120ms
120ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7078254643030&version=m202307240101&ct=77&x=1&cor=13029214530049864000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3730 0
20 B 121ms
121ms Ping
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3974469828004&version=m202307240101&ct=77&x=1&cor=18022030269136744000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Aug 2023 15:24:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a2zapk.io/	1970-01-20 23:47:57	Name: _ga_SS5VJ1BTPE Value: GS1.1.1692717892.1.0.1692717892.0.0.0
.a2zapk.io/	1970-01-20 23:47:57	Name: _ga Value: GA1.1.927921021.1692717893
.a2zapk.io/	1970-01-20 22:57:33	Name: cf_clearance Value: kM524ZAdjjBJA6z2zsQ7J8LsPHbgNcNQbiF.c0nZ0f4-1692717892-0-1-cb448e17.823c8e49.9c45d1f7-0.2.1692717892
.a2zapk.io/	1970-01-20 23:33:33	Name: __gads Value: ID=ba13980875973704:T=1692717893:RT=1692717893:S=ALNI_MYZ8sD6EKpa2G0VjdyiMFHp12v4iQ
.a2zapk.io/	1970-01-20 23:33:33	Name: __gpi Value: UID=00000c65f7da34b6:T=1692717893:RT=1692717893:S=ALNI_MbaYX0lVtuHmPFQJksAIYj5IjIV8A
.doubleclick.net/	1970-01-20 23:33:33	Name: IDE Value: AHWqTUkBEff0g2B0uO5tNOoN88Jgt8NPTFY_s9k1E8RSZsXAyMwwkwhXBO9eDIB6
.casalemedia.com/	1970-01-20 22:57:33	Name: CMID Value: ZOTTRqtQl6QNtpyq.4kOxQAA
.casalemedia.com/	1970-01-20 16:21:33	Name: CMPS Value: 5266
.casalemedia.com/	1970-01-20 16:21:33	Name: CMPRO Value: 5266
.doubleclick.net/	1970-01-20 18:31:09	Name: APC Value: AfxxVi53lNEtltc1ZDz7CwiUO3mQAbKcX30Bv2DnBLLz9SZPU6ZfXQ
.adnxs.com/	1970-01-20 16:21:33	Name: uuid2 Value: 249318548199741914
.adnxs.com/	1970-01-20 16:21:33	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaOK4jpx!A#FI(<j<dINiYhTyXnfi8FW/aa)t(4@i/LC1Z)h17I@nhrC]h35YY'_L>?G/X%W#.wL4W1Qw19eB..0
.redintelligence.net/	1970-01-20 16:21:33	Name: 8lcfmzhxc8d6_uid Value: 89f63b7a5ec4d5eb
m.exactag.com/	1970-01-20 16:21:33	Name: exactag_new_gk Value: 68733057ac7c4a309ad526db7602aa50%7C21.10.2023%2015%3A24%3A55
m.exactag.com/	1970-01-20 18:31:09	Name: exactag_new_uk Value: cb58e05cec9643909ffd331cb60877de%7C
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 1e25cdbaefda4f7ebf1ed75e
.retailads.net/	1970-01-20 14:55:09	Name: ppb2172 Value: 3012214761
.office-partner.de/	1970-01-20 23:47:57	Name: source Value: {"webgains_webgains":{"timestamp":1692717896324,"clickCookie":false}}
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: e0l3dvv1im3qvkm4ho3xp0w3
pb.media01.eu/	1970-01-20 23:47:57	Name: DTU Value: BD1615CFF6804673183982DDB36875B3
.futalis.de/	1970-01-20 15:38:21	Name: raSIDb Value: 3012214761
.awin1.com/	1970-01-20 14:22:02	Name: awpv11601 Value: 113440\|1692717896\|0cd78380-4100-11ee-b5a9-2261897cac57
.awin1.com/	1970-01-20 14:14:50	Name: awpv11830 Value: 296283\|1692717896\|0cd7aa90-4100-11ee-8c55-226543793aa5
.awin1.com/	1970-01-20 14:22:02	Name: awpv14098 Value: 296283\|1692717896\|0cd894f0-4100-11ee-9f65-22389f6b057d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519595

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://srtb.msn.com/auction Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a2zapk.com
a2zapk.disqus.com
a2zapk.io
adservice.google.com
adv.office-partner.de
af10054a7a2fec14a8f4ed739d6b7b6a.safeframe.googlesyndication.com
analytics.webgains.io
api.webgains.io
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900015.redintelligence.net
hal900016.redintelligence.net
ib.adnxs.com
m.exactag.com
pagead2.googlesyndication.com
pb.media01.eu
play-lh.googleusercontent.com
pv.medialead.de
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
srtb.msn.com
static.cloudflareinsights.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.227.219.116
138.201.135.164
138.201.220.30
142.250.185.70
142.250.185.98
142.250.186.130
145.239.193.130
18.135.31.191
185.80.39.216
185.89.210.101
199.232.192.134
2.20.213.154
2001:4860:4802:34::36
204.79.197.203
2606:4700:20::ac43:4b79
2606:4700:3035::6815:929
2606:4700::6810:3865
2606:4700::6811:180e
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2001
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:830::200a
2a00:1450:4001:830::2016
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
3.9.45.49
49.12.22.42
52.222.139.14
85.14.248.91
88.198.250.30
88.99.219.174
00067a13f6ac6be3ee460d799be2e268e0973d1f49e6a2737868e3231fb2698a
03c3cdc21d2bff5ce75dcf0a2eff01acefe9a72463d18631dbd8e92adfb194a6
03ed6e30bee0904aa1c18913cf4ea46865b9f13c339ef3f0ec6a76feff369c39
047739620d70265708f54a40f0d7c3ae34af1cdc206f2504686f5dd613dab6ce
061dd6591dde25591931dc9470fd0bc3b63f4bf0ed8696af047f5a020c50c542
07c96b17ccb4485444bb5ae76ef2eae38bc9d5982cca636ba2410d47962e58e4
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0adaf08a52982bdef45ecfd851314cde6953a012d95de44c57c508fa2eee5d7a
0b7c1f9b0cd43d700389d777d0d7e54ac741860e29caa6ad833ca4d3eb27585d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eef32dae6862f7d62c6509d51c6589ebdc8fc2275fc2b72313986049da27b28
0fb6826010e7c2cd49aaa4d145b99763f6c5aca921a7ebbcd45b350f6ea0fa10
11a2277567d5437c81c78749b482998a499bcb01ae665f3ad8e2267772d7bf4a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12e99e6da8349480c5038849faf6e0bc4f7294979f545c23893de5bf1bb2dc4f
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1a3090c306d4cff07a923e3524f0f9ea8d7439a9eff8cb8da0233137415f0e7b
1aadff867fe08d089d4a5e676ffa5ca948718b87139ac8dbbaa2455ac0def29b
1b582acaf161db1ef436343a487e95a35a5ee579d35893ad726dce7fa4b85b4c
1d8a10f707df99a7e5d84aeb947777a8daf1be07007780b0c0bf8d0d88707ae9
1fb0b9b2a8a5010d882296aa6c3ba890fadc5343b83a52b780d145944558b2db
1fd93de5dab28bfc6583e39bdaac6a7a4b610e0c5c9560984a4ec04f84099f99
202994bdfdfbbae656820fcda673b1c666e86dd9a8af5962729ea1767e175f58
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
23f1437cd33df500ccadb5cacf49ba212539c95a7a25567c45b99caa9f26ed5a
25a09c44ecdf00f1c9e110084125735ce49e1e3ee9e631a9af960756d8a85a94
26ef1399edc15fddc1cf7e2fedcd2f5be0103c4c23e1c81c72d332407cefe1cb
272f2244814e649578b0ea90e4cc0ba8c97752f5ee3d6dbbb32082a1dce382fc
27686f826ed1dfe39698b13eba4ac46241a32852e3fac100dd519dde58425fd4
27b829bc85a90bf3495216530c225dd7a4e4130722583ab8f3fb5df1d3893daa
2925735552eb35109c7d23a42579810b5f46bad2bc1b602fd0a1aff0d215eda9
297da7187620065fd1329c304c4f8ff957cecc7d606447d6cc27cb94839759d1
2987f8ce761dbdafa880a50e06360cb287d2db365d490eb5ef0ddfdf9d8cab45
29932df8708f3e15ece0c65e81318246162e6fae0fd2cd808b7b37671f151589
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2ae11b8d7458ea7d87d6889e190ad6b5701aaf6072f54df327f745c997c3a0d0
2bae9fc3e57c860103d1e03360ba3246e3b6c5bcaa6f3183ce8066cc69843a5d
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3258456cdea81e84c39cbe44f19c21d793a707db3b91400c6276c00d5f067ebc
33fe920339ace668d568c7af16f2da53f7c73ecff8e22690286eb57bf6bcef75
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34b6fe92215687cbed1be732be428ee1b0e4b4a6af5ddb106b8857aadf6bbbab
35c1f40d79b8e6da1e3c437ee203f794257d2d44eb0ee0f5246544c41964da3e
36ceb001033fe060659ce765e33d58552fb5725eda888725ba47e802624b2225
381d10f7def0c662364045380356828615ac87bfe1e1318bcd5f034ef28a2e37
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38d281c223633a7c7587ee71534e951fe7698d434e39f8c94b305d55040c8cb0
39e9dba0ea34eff36b3c72af09b11c27b9a34eb305c1f9511b7ed11eb7421280
3caf825c4b9b5bbad5a83bc6dd590794185712f7d459f16f7d0dad79a96fe743
40973a3e0be1b19f1d4a5c766421814dc51eaa807a8568e95619bebe2903473d
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
45ad9050425f1e2649efc249481420c57e0bc056aa6f0a2821246d77138dbed5
45fbd96af253805dac2c58d386ad9388438986bddcee28f7a9334f554d4ce1e7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473922d81a67d36d47e37ecd58944bb25d8955ebb5407a9b6712a7cabf5b6640
47b6d024b1134a069c6fa15dc801959fdf714799db894d6bfe8fbc360191faa5
4965785a1b1ac9a9aa14ba0b102acc350032529a5dbbe79fabe0a742d6c27fe8
49e7f6d3bc4e956a9e9606c86cbd7c3c558ee412d27a64f57eabeb160b7ce161
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b2ee5bf0628946267ddcaf4be02035e2f89ec2d050157614a6e99e0375e94d
57bb12e0be7d9f8b609ca29da52321717febd067a55c9533d248b29ae9007a7d
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5cca87c9e0a74be43a6aec384185b284b076af568ab3a32a1ab5d09b15a1e127
5dc2fd2019f8c74af11210ed3635ec88eef1ca4f51ccc6db4e8aa2d897166da9
6032ace0de4c42162f71431b2ab16aa63aa8c8bbed88d49eaf6e6fb7baf9448c
60744915c2ac7eefd5fd661de72b26d9b70624be3d385ec4f27631eb0a817641
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adac6428edb51a484c2c40855013df405dd2e310931b863963b7f63810316c0
6c78de03d62d435f83aed780f66367bf49e48d696cc0bd7fb9c85983e77884d6
6faafc86cd15077c1f34174cf89dcb8218157643f3bea002b7dbc6becbbe3dbe
731c6d54aeb00ca8f4fb178937c2007d74e0a352f3336f01f687761678945a63
73ee58c9a9e6fece7d5bf948d1e7037a906f965ddf0c7b3ad81e06824fe46c91
7560081f09d7c7cc914628f0d6f9bd2f91a1c33ccd0403e130c441c607d06f33
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
78ee5a5b37a1565a279ca4eb5fca67b8433c71d2977e5f0588dc6f8778629092
7b11c6a309d810d472cb0ad5ec4a7d4d2c03e411a794a1c262e89c83f37de81c
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c66d67de5b3c418a30617f0f380766b2da35dede5026a8db52dccb964108ced
7d331fb82724f45c59327c435134c753bc5a07be33b7c94b621d5401d2156fab
7fb07880fe0e8c6a59441a5eb71aed95f6542a8c4bc1ed859984d2e8efe054e0
7ff50a60d167f90caf90345162489e4427beb21d5ef393f7703425211f2363d9
80351098c2478918bb80008d7836499305bf6f4d4b2abf742b8823255bbb0d8e
80752a6725c62468e79fec444b115bcbaca5c8d9c84b8328dd297193a89cb23b
82a714eed18ecef4daa162cd9dbde8dc79a9679ad93d1bb1cdce7ff35a468a95
8365cea3e277750cd7203e673596d77ce0cca27d97a30365408e440fdf673424
83deb3635d61dd68b123e5f1f2de9ef814d7cbdcd7cd66c27f65bde46cc67b14
85546fc1dc5bd86a9db3f5d39e5cbc0dd92106c5e67c147d78eddf19b3f13a2b
8555fd4d9b084d0196daff5bcd75bff3931dec40f27ba33b5ab400ac9d90ceb7
856b7627332054da5d97c14110a9d32817707ce60898c83d97004a7268858d60
8af0f28e8f1cd2fda8d4772a6498c611b1e5aacf9f3b96e899ec84835ee1c318
8b4e40ffeea4f88fa78707ac8a7aa1beefb4f707d7bba71eb8b0e40ce20fbc94
8e80a956746138fb3d21530abe97f5c31151f7f9c18a890dbdfe72bd894bc179
996993bfeb7cd9c381255c28e21b63f2c391ef090fe0266f016991eb8e3efdd8
9bc0b41d96faf37f1a7392d804ad6cb2b980be26596753761024b7d3d9bb79de
9ca5d9e3fdf8cb86198a17a581e3f4539c36bdef2215e1c6e36e56803bdaacd0
9ed4919d8289e7eef10aa9eac027a166480a0dec03cadd53a9500ddb4d1df101
9f0ba14d68720662af89710c734d891e366f76d112cde586acff801dd1478102
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a08056113cbf9d831ca00389bf35cacfcb12ccde6b1a253002454d02b5f36fb6
a231c8c9b85655bd11127d15c1fe0692cf75405dfb436a2614a581caf175453b
a41620a90c460d71993a408748ecc6be5bd243708f42d7289fbb45a2860dc153
a6a1ed316cff00c589d70f9097c34efb0dceb6771bd544a9461ad0f61bde0443
aa300a570cc50f33f0dbe6fa43169017bb99a2518e002f72b5a445ae07f7edc7
acfe7f0e44d91d11d308eaa498d205aec0eb9a113bee8d799981536b626734ce
aeda35e84e3a21c879e8720c4ff98ddb3f0034a316ad2bae6f65fb43d9088ebe
af603036bcd8aface2e4c4ae1e6e8700e4b655fc2492f167cf34f5d397ff7d3d
afcb75952f910e74a87f9c7154e98bd1d3321452a2ff7ddf63eb22dd5f652c7b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b257d5d9d3e857f54d63ff3c6139e086e5c8ca31ab501a7da4b21edd22bdf78a
b260c616a6d660b3ae76f05922d6608e49cfc3ab869e7ca1f603f0f72cea7930
b2c6e114d26c42d9a678f0a81a15c8c876fde4b711e852ce7e9735f90bdef370
b6514f1a7a8a2e6357f713fe366123e6ac746b99a68463a34a324531ca3d1c81
b7c9d306bb08ff848ecf8ecf5a043a8d566be5b87d0fc07503917db9ad38bcbc
b9f24416dc04e9b661270520183a4080ef0bc4862be4043278716f6debe2d0ec
ba038dd5fa8b74a78473b3889998b2e0b25c5cf740e4d2d899ab0e7e728ab70c
bc042e9d04bdf6921dabdc0d445afab738642de484bea10cfad9b7bff4565f84
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c438c413fbad7c509b936b0866b354ca6efc56e64bac35fa2127ea1339210a4e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cddb1662fd924babf178dd0a7ffdce4f368726d1b20ed93bb18a29f81951ce0a
d21803ddac2c626338f5740a636fe951da54ff17a683b3333dcfeb8addc46edd
d2199f97f4c2cce9e6babc81cccfd0952580f6418f6829458264e1e7a85668d3
d525ce755c835bdf1d5fac23b33db7157028ae7a5013404a92d252eefe551e45
dc60e6f6e60e1cc56e2ebfc8d51811b55fc04a29e0a383dfceba765c2e870ba6
dd6d8c66459f7e8833acec381118440961ddd6c8f1aa8ca79a39aab3408bd3d3
de16fd70e645265335ce7453f787726ee7c95d9d379d9759eea0a48d99d28913
de22b749dfb9461f4308fddfbc79f0b636f78f4add1e26a481fdd23be02cb3c7
e03216b243eef625fa11267045934a1bf9bbd079ffb1b96c472ed76b6c07deb1
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb41b019613aa88688529bdb45c6496a238f4496d51e9077e2b69ba01102006a
eba7a7a39459c37cc784afeb2ef1613d0b046b4e1988984fd2f801b568cb7a08
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
ed9f95fa0e7551e2ed988e3e31066ccc1d169b992ba04a76f1fc00d8e219654d
ee0cc967bc3c04a443424ba76e45144612dc6c1d79697d242f2b05838af5c475
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d0cfc322eef2504a71973cdccf2a6b0d2ed6cadf8c2ee812b0f57cfc91f49a
f213670540bb1242ae99af82415cf82d8fcc4fb8d4efd2de8cfc99aeb2f0d7e3
f2a07539fc73368c642559b37f67f0a60d6e759419e4ca880eea809b0882fe6a
f332312fa73edcbedb64d5fffd35d8254d9347d5f5e721fc50ae2c30cd762643
f5b2b6f1e352f3575c381f47f2bb0aba701b7cf5b36f5cc9e689e607d375c370
f6135796cbdc91d896457d04e673761aaf6e3b54f51b8dc2162c30a523a81b64
f82981d361d0f65315c7326b33ffa0428635479dd48dd1df4785c19126f37556
f999b666b45cd6b584b91655f22e7198716c2add9dca93d80e0161bfeffb5b40
fc1f5610c96200875fb98043688653e3edeb19c69d4037823918a573eca2c9ed
fd2d1247f07ea39b38e3f409b1c1391691971f2a3ae1d93efd8436e898cb95ba
ffe96b98423bb7a4e0ca465361afca090f1896831face3abdbd51365e6675c1a
fff7144fa7e0efc47824ffc51e4c5dbaffaacfd04b89193aaebdb226ca1e3494

a2zapk.io Open in urlscan Pro 2606:4700:20::ac43:4b79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

352 Requests

91 %HTTPS

49 %IPv6

29 Domains

39 Subdomains

37 IPs

6 Countries

3309 kBTransfer

7555 kBSize

25 Cookies

13 Outgoing links

Page URL History

Redirected requests

352 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

a2zapk.io Open in urlscan Pro
2606:4700:20::ac43:4b79 Public Scan

Screenshot
Live screenshot

Full Image

352
Requests

91 %
HTTPS

49 %
IPv6

29
Domains

39
Subdomains

37
IPs

6
Countries

3309 kB
Transfer

7555 kB
Size

25
Cookies

352 HTTP transactions
5 data transactions