www.apronus.com Open in urlscan Pro
198.143.149.154  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://ads.aralego.com/cookiesync HTTP 301
• https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync

Request Chain 92

• https://sync.aralego.com/idsync HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/ucfunnel/bb1b43a8-7775-3356-9b1d-ba19449dcf24?gdpr=0&euconsent= HTTP 302
• https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-bJ40.gdE2oX5.egEsGEKiu6E8m5uakBj2OWeADc-~A&redirect= HTTP 302
• https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=bb1b43a8-7775-3356-9b1d-ba19449dcf24&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=bb1b43a8-7775-3356-9b1d-ba19449dcf24&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=fe166592-fa01-4925-88c0-dbf69d880536&google_hm=ZmUxNjY1OTItZmEwMS00OTI1LTg4YzAtZGJmNjlkODgwNTM2 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJoySOw-dbeTOlzLRPuyzSU&google_cver=1&ssp=ucfunnel&bsw_param=fe166592-fa01-4925-88c0-dbf69d880536 HTTP 302
• https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=fe166592-fa01-4925-88c0-dbf69d880536 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=YmIxYjQzYTgtNzc3NS0zMzU2LTliMWQtYmExOTQ0OWRjZjI0&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
• https://cdn.aralego.net/img/1x1.png

Request Chain 97

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1

Request Chain 98

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWXwklv1mXIiS-GUM5MtxQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1

Request Chain 99

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1

Request Chain 100

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D

Request Chain 101

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1

Request Chain 102

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWXwklv1mXIiS-GUM5MtxQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1

Request Chain 103

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1

Request Chain 104

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D

Request Chain 117

• https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&i=1634070674 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&i=1634070674

Request Chain 118

• https://sync.search.spotxchange.com/partner?adv_id=273596&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=273596&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&__user_check__=1&sync_id=58b144a5-2b9b-11ec-b29d-1a3233820506

Request Chain 133

• https://c1.adform.net/serving/cookie/match?party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D

Request Chain 134

• https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3370765163728087878

Request Chain 137

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3cBbYgONT0aVFRsmBfAkfQ%3D%3D HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 138

• https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5d66165-f092-4c00-aa33-d0f0425fcf1f

Request Chain 139

• https://pixel.onaudience.com/?partner=214&mapped=DDC05B62-038D-4F46-9515-1B2605F0247D HTTP 302
• https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
• https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=170a260c07fa8d9e HTTP 302
• https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=170a260c07fa8d9e HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjNJUUFxMGtaVjNSY241dUYxVEJKbE1BelFBSXZmanV4Q0dIYTN1YjBrZU0&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEPtu0V1dbZUSuT6BvOmrLb0&google_cver=1 HTTP 302
• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7853205594747228375&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
• https://ps.eyeota.net/match?bid=7vi0rg0&uid=48906165-f092-4a00-a8c3-357cb9be73c3&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
• https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90&_test=YWXwkwAIlMaD5gAR HTTP 302
• https://ps.eyeota.net/match?uid=YWXwkwAIlMaD5gAR&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90&_test=YWXwkwAIlMaD5gAR HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
• https://ps.eyeota.net/match?uid=cecb464a-8209-42a1-9c20-b5ce3d72e3e1&bid=1e2n4ou

Request Chain 140

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RERDMDVCNjItMDM4RC00RjQ2LTk1MTUtMUIyNjA1RjAyNDdE&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 141

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ933L30aEX8US1_36ETG14&google_cver=1

Request Chain 143

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cecb464a-8209-42a1-9c20-b5ce3d72e3e1

Request Chain 144

• https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7684729538568214549

Request Chain 145

• https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:48906165-f092-4a00-a8c3-357cb9be73c3&gdpr=0&gdpr_consent=

Request Chain 146

• https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4513041674228493235&gdpr=0&gdpr_consent=

Request Chain 147

• https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MVdOs2FWQbUqVBy0NldVtT4ESuUqURq_M1LhEzBj

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request flashpiano.htm Show response www.apronus.com/music/	113 KB 27 KB	646ms 316ms	Document text/html	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash ebf6573231652f0f25a8cfcfb9dfb01c9301d0c109bfbcb82255627d88e9ebe5 Request headers :method GET :authority www.apronus.com :scheme https :path /music/flashpiano.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=UTF-8 cache-control public, max-age=0 expires Tue, 12 Oct 2021 20:31:12 GMT content-encoding br vary Accept-Encoding date Tue, 12 Oct 2021 20:31:12 GMT server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	80ms 24ms	Script text/javascript	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 28 Sep 2021 21:34:48 GMT server Golfe2 age 6256 date Tue, 12 Oct 2021 18:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19887 expires Tue, 12 Oct 2021 20:46:57 GMT
GET H2	200	load.js Show response amer.viadata.store/tag/	9 KB 6 KB	493ms 167ms	Script application/javascript	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://amer.viadata.store/tag/load.js?sid=104222 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash fa7899f5b5b9f49ca72dd1623439a264fbfcfbe34ff4be38fae278f281f3620b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-content-type-options nosniff server nginx strict-transport-security max-age=31536000 content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 vary Accept-Encoding
GET H2	200	Eb3.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	157ms 156ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/Eb3.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 609b460a752322be83329e3983173ef43e61c34b65ccae49f425831b5d7f8fa8 Request headers :path /static/piano7sounds/Eb3.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:26 GMT server LiteSpeed etag "2f21-58b8055e-740ab07d706af70b;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	Bb3.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	311ms 310ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/Bb3.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 53bb6bdbb6dc194860c9ce75777e4da9670c7667e64596dccb4f1e4adde8b7ad Request headers :path /static/piano7sounds/Bb3.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:25 GMT server LiteSpeed etag "2f21-58b8055d-3b783fcd3df648f;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	F4.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	312ms 311ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/F4.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 329087fc9494f9e6d84a0d881cbf6c820a2b3b205c44b54644ca5615dda01520 Request headers :path /static/piano7sounds/F4.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:26 GMT server LiteSpeed etag "2f21-58b8055e-b191fd3299082445;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	C5.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	312ms 311ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/C5.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash f4e542755f38e052a5b9004a0de755c5ea121bf08c32e3e94e8d7c3f26c6cbc5 Request headers :path /static/piano7sounds/C5.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:25 GMT server LiteSpeed etag "2f21-58b8055d-f6a29fe3ecc42ba6;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	G5.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	312ms 312ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/G5.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 46e006eddb68e30ca2a85d13eb864fe5bdb984f7a4571455d3d87c58b30bab35 Request headers :path /static/piano7sounds/G5.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:26 GMT server LiteSpeed etag "2f21-58b8055e-cd3459759a1996b7;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	Ab2.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	434ms 432ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/Ab2.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash e56194fe92b99718d1b3494844af4a7039e22fd19225e95adbced313e9926b70 Request headers :path /static/piano7sounds/Ab2.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:24 GMT server LiteSpeed etag "2f21-58b8055c-9d8029802a86026b;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	Db2.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	434ms 433ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/Db2.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 8cf7f132a04e4d02426234206f4deedfa9d44adffd841b38dccbcdd8e4c6c8c3 Request headers :path /static/piano7sounds/Db2.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:25 GMT server LiteSpeed etag "2f21-58b8055d-5c86c4865bb075ff;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	D6.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	434ms 433ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/D6.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 96d5804285a88e471ac55a33416994cab79e59df8b3fb68729474ab20476af45 Request headers :path /static/piano7sounds/D6.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:25 GMT server LiteSpeed etag "2f21-58b8055d-e768129377c3032c;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	A6.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	435ms 433ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/A6.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 359d5eb822e2470bd2f84a636433ae4accc14978694ef5b3b0e654f1c64163dd Request headers :path /static/piano7sounds/A6.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:24 GMT server LiteSpeed etag "2f21-58b8055c-3072a911a470e1b4;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	Gb1.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	435ms 434ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/Gb1.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 6c9ad41cf37f43d9eff7be9addb3fccec5c4e165875f5660f3230dab006c7de9 Request headers :path /static/piano7sounds/Gb1.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:26 GMT server LiteSpeed etag "2f21-58b8055e-8babdc9355ccbc85;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	C1.mp3 Show response www.apronus.com/static/piano7sounds/	12 KB 12 KB	435ms 434ms	XHR audio/mpeg	198.143.149.154 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL https://www.apronus.com/static/piano7sounds/C1.mp3 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.143.149.154 , United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS pcluster09.stablehost.com Software LiteSpeed / Resource Hash 042a97864f659c19112217999584c6631372af7381241a018891829149106254 Request headers :path /static/piano7sounds/C1.mp3 pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority www.apronus.com referer https://www.apronus.com/music/flashpiano.htm :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/music/flashpiano.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT last-modified Thu, 02 Mar 2017 11:43:25 GMT server LiteSpeed etag "2f21-58b8055d-f820eefd3eb47911;;;" content-type audio/mpeg cache-control public, max-age=2592000 accept-ranges bytes content-length 12065 expires Thu, 11 Nov 2021 20:31:12 GMT
GET H2	200	aaw.apns.js Show response cdn.adapex.io/hb/	513 KB 140 KB	79ms 34ms	Script application/javascript	172.67.154.237 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.adapex.io/hb/aaw.apns.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.154.237 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad99a3f4dbe6cccdec19368fb677bdc403043f9ae21a08ec31085766a5ee6777 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 49164 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Tue, 12 Oct 2021 06:45:35 GMT server cloudflare etag W/"61652f0f-804d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9f93xk7JSMJRznmExdFmCMErOK7SKV9ulNL6sy2U97Stp%2BLV%2BcQ16YQFQGXlnCCkhxBHeDDZK181uFs%2FvJdQU2v8hKnMN%2BRHbgzVynY1uenEDvXDCyhDySVIwAqr9SC3"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 cf-ray 69d3172cd83c402b-CDG expires Wed, 13 Oct 2021 06:46:37 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 207 B	31ms 31ms	XHR text/plain	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&aip=1&a=330764489&t=pageview&_s=1&dl=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&ul=en-us&de=UTF-8&dt=Virtual%20Piano%20Keyboard%20%7C%20Online%20Piano%20at%20Apronus.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=853578661&gjid=2112322232&cid=180617585.1634070673&tid=UA-90959-2&_gid=2111715205.1634070673&_r=1&_slc=1&z=1359951166 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.apronus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	79 KB 27 KB	88ms 36ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 79c928baf51d927bb162e00695b60b43e67ec77b792dafaa402089952a4fe1be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1014 / 596 of 1000 / last-modified: 1634068217" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27027 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 12 Oct 2021 20:31:13 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	133 KB 36 KB	64ms 46ms	Script application/javascript	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software Server / Resource Hash da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi content-encoding gzip etag e2b905aea413c4d7479fb2bb9cbc6c65 age 366 x-cache Hit from cloudfront server Server x-amz-rid 0Y87M6MJGS8NKW7M587V date Tue, 12 Oct 2021 20:25:13 GMT vary Accept-Encoding content-type application/javascript via 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA50-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id kjijxr7MsNftXu5WF8ZufjJBfLlrM4pR69pNwGrYq-T2w3mfAqCt4A==
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	979 B 1 KB	14ms 13ms	XHR application/json	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software Server / Resource Hash 40bfeddf51790efa2cbcbdb7562ab5d68dffbc272eb7393a63d42bd42d423cf5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:28:22 GMT via 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront) server Server age 7371 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://www.apronus.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop FRA50-C1 content-length 979 x-amz-cf-id TsbfwZOPtvetvuirJL1op0Jo5fy-opAK4av6HcN3zvgSi1yCzWLFuQ==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	25ms 9ms	XHR application/javascript	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69 content-encoding gzip etag W/"a4d296427fc806b21335359e398c025c" age 66088 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-origin * last-modified Thu, 07 Oct 2021 01:02:33 GMT server AmazonS3 date Tue, 12 Oct 2021 02:09:46 GMT vary Origin access-control-allow-methods GET content-type application/javascript via 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id -Mwi8u5ky2CGBM0tg519Xzab1Wq1VIVrQK8U4d8bngWvC3BEOVlKfA==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	58 B 527 B	51ms 51ms	XHR text/javascript	143.204.95.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&pid=c462MufAw9nsC&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%221024x250%22%2C%22970x250%22%2C%22970x90%22%2C%22728x250%22%2C%22728x90%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F232881841%2FAPNS_728v_5%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%2C%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F232881841%2FAPNS_160v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs467%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.95.188 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-95-188.fra50.r.cloudfront.net Software Server / Resource Hash a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT via 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA50-C1 x-amz-rid 725REBTFC47VYPG3S0Q1 vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.apronus.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 58 x-amz-cf-id k7wztCtP5Ob65MCzcx-d-gn6joHMxrpqyEO9QUo6Ul__8dZOBPtNBg==
POST H/1.1	200 OK	auction Show response prebid.adnxs.com/pbs/v1/openrtb2/	7 KB 5 KB	388ms 347ms	XHR application/json	37.252.161.190 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://prebid.adnxs.com/pbs/v1/openrtb2/auction Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.252.161.190 Islington, United Kingdom, ASN29990 (ASN-APPNEX, US), Reverse DNS prebid.ams1.adnexus.net Software nginx/1.19.0 / Resource Hash 15184e789d2f8211c17ecb96b77eeaba85aad9f16c5ab93649e233081d4e68a3 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT Content-Encoding gzip Server nginx/1.19.0 Vary Accept-Encoding, Origin Content-Type application/json Access-Control-Allow-Origin https://www.apronus.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Transfer-Encoding chunked Expires 0
GET H2	200	arj Show response digikulture-d.openx.net/w/1.0/	173 B 559 B	73ms 31ms	XHR application/json	34.98.64.218 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e2e7842c-3077-4ffa-afb5-b9107d896d23%2C2c3d10d3-7b44-4728-aa0f-6fc1ad2c002f&nocache=1634070673628&pubcid=ea731fde-9631-4338-8247-d3087cc378c6&schain=1.0%2C1!adapex.io%2Cs467%2C1%2C%2C%2C&aus=1024x250%2C970x250%2C970x90%2C728x250%2C728x90%2C336x280%2C300x250%7C300x600%2C160x600%2C120x600%2C300x250%2C336x280&divids=33390555-8f99-479e-b315-ff6e8b5e06b3%2Cbc0a767c-6b9c-4443-9d99-4f0076fb6ec5&aucs=%252F232881841%252FAPNS_728v_5%2C%252F232881841%252FAPNS_160v_2&auid=541199308%2C541199309&aumfs=10%2C10 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/16.217.0 / Resource Hash 0f90f1b51490ff95079b4d06ea8e476d050c0f94be868dab434cc413aa9a81da Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip server OXGW/16.217.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin https://www.apronus.com cache-control private, max-age=0, no-cache access-control-allow-credentials true content-type application/json alt-svc clear content-length 163 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 116 B	62ms 25ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.apronus.com date Tue, 12 Oct 2021 20:31:13 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/	250 B 931 B	47ms 14ms	XHR application/json	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 5b0cbcacfe3d681aedf999d53003af15909f88a4c73d0628d5b0b6de3aa00445 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:13 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 91ea059a-c143-4a88-a214-fe529c75e81f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.apronus.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 250 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 225 B	100ms 30ms	XHR text/plain	99.80.189.205 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=5.17.0&p=%5B%7B%22placement_id%22%3A%2233390555-8f99-479e-b315-ff6e8b5e06b3%22%2C%22callback_id%22%3A%2236b7a9dbcd0c7d4%22%2C%22sizes%22%3A%5B%5B1024%2C250%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%2C%5B728%2C250%5D%2C%5B728%2C90%5D%2C%5B336%2C280%5D%2C%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222520456920075018860%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F232881841%2FAPNS_728v_5%22%7D%2C%7B%22placement_id%22%3A%22bc0a767c-6b9c-4443-9d99-4f0076fb6ec5%22%2C%22callback_id%22%3A%2237f9f88c1272a11%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%222520456919965966955%22%2C%22bidFloor%22%3A0.01%2C%22gpid%22%3A%22%2F232881841%2FAPNS_160v_2%22%7D%5D&page_url=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&bust=1634070673635&pr=&scrd=1&dnt=false&description=Our%20virtual%20piano%20lets%20you%20play%20piano%20online%20with%20the%20computer%20keyboard%20using%20a%20real%20piano%20keys%20layout.%0AOur%20online%20piano%20lets%20you%20play%20chords%20and%20make%20recordings.&title=Virtual%20Piano%20Keyboard%20%7C%20Online%20Piano%20at%20Apronus.com&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=ea731fde-9631-4338-8247-d3087cc378c6&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s467%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ea731fde-9631-4338-8247-d3087cc378c6%22%2C%22atype%22%3A1%7D%5D%7D%5D Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.80.189.205 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-80-189-205.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.apronus.com pragma no-cache date Tue, 12 Oct 2021 20:31:13 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
GET H2	200	cygnus Show response htlb.casalemedia.com/	25 B 374 B	210ms 182ms	XHR application/json	184.31.84.150 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=592441&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2238cae83d09729b8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm%22%2C%22domain%22%3A%22apronus.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22apronus.com%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A2%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A2%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22392a141a3209652%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1024%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%221024x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%22970x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%22728x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22592441%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_728v_5%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2246433623f57bd35%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22592442%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_160v_2%22%2C%22sid%22%3A%22300x600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22592442%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_160v_2%22%2C%22sid%22%3A%22160x600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22592442%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_160v_2%22%2C%22sid%22%3A%22120x600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22592442%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_160v_2%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22592442%22%2C%22dfp_ad_unit_code%22%3A%22%2F232881841%2FAPNS_160v_2%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s467%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a184-31-84-150.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ed4b9aad7fad7e1590d7e39f17ee1aabcd4116ad5dab9531abc0a57ff4d6c8b4 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-ak-initial-geo CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.33], XFF:[] server Apache vary Is-Traffic-Invalid,Accept-Encoding content-type application/json access-control-allow-origin https://www.apronus.com x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 45 x-ak-client-geo 12 expires Tue, 12 Oct 2021 20:31:13 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	480 B 2 KB	129ms 102ms	XHR application/json	69.173.144.140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=327008&zone_id=1734722&size_id=15&alt_size_ids=2%2C16%2C55%2C57&rp_schain=1.0,1!adapex.io,s467,1,,,&eid_pubcid.org=ea731fde-9631-4338-8247-d3087cc378c6%5E1&rf=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&tg_i.ref=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&tg_i.page=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&tg_i.domain=apronus.com&tg_i.dfp_ad_unit_code=232881841%2FAPNS_728v_5&tg_i.pbadslot=232881841%2FAPNS_728v_5&tk_flint=pbjs_lite_v5.17.0&x_source.tid=e2e7842c-3077-4ffa-afb5-b9107d896d23&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.2002132348689849 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 328e205d915e6f8207c16e11efe56ba32b96ad4c736f090de5ba253afbf959b6 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:13 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.apronus.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 480 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	485 B 2 KB	153ms 122ms	XHR application/json	69.173.144.140 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=327008&zone_id=1734726&size_id=15&alt_size_ids=9%2C8%2C10%2C16&rp_schain=1.0,1!adapex.io,s467,1,,,&eid_pubcid.org=ea731fde-9631-4338-8247-d3087cc378c6%5E1&rf=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&tg_i.ref=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&tg_i.page=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&tg_i.domain=apronus.com&tg_i.dfp_ad_unit_code=232881841%2FAPNS_160v_2&tg_i.pbadslot=232881841%2FAPNS_160v_2&tk_flint=pbjs_lite_v5.17.0&x_source.tid=2c3d10d3-7b44-4728-aa0f-6fc1ad2c002f&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.06664718678661585 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 9382d83411913995018a58bbec4e71c1f7d107c64c3780f85f8f4bbd9f6f3600 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:13 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.apronus.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 485 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H2	200	hb Show response ssc.33across.com/api/v1/	66 B 149 B	144ms 112ms	XHR application/json	34.149.20.76 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssc.33across.com/api/v1/hb?guid=bXm_xWV6ur6OkzaKlId8sQ Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 76.20.149.34.bc.googleusercontent.com Software / 33Across Resource Hash b2e2abb2880b58f11f3fa7ba7f939907504a123df35b7b47679550d307ff2006 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip status 200 OK x-powered-by 33Across vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.apronus.com access-control-allow-credentials true alt-svc clear via 1.1 google
POST H2	200	hb Show response ssc.33across.com/api/v1/	66 B 298 B	139ms 107ms	XHR application/json	34.149.20.76 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssc.33across.com/api/v1/hb?guid=bT1S2MV6ur6OkzaKlId8sQ Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 76.20.149.34.bc.googleusercontent.com Software / 33Across Resource Hash 323707ec9baacd0dded346730afd212a5d7b6ed31592cbc1c41dccbe6801fb27 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip status 200 OK x-powered-by 33Across vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin https://www.apronus.com access-control-allow-credentials true alt-svc clear via 1.1 google
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	37ms 16ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a96912a017676d23203d3349cd90038&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 0aa48b10da4dcd3ebe1b59a0089af240ca710a0639a25950446945c6a5e8ef2a Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	35ms 14ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a96912a017676d23203d335e8600039&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 01f307aadbf5775f645c4ea0c779f087a3506b6a240a0ab0fb9daad7b19ef3a1 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	37ms 16ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a96912a017676d23203d3369c89003a&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash cade98d11ddefd232cf32d9367e8dd2a602917bc3ebcbdbcbaae92157b1871df Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	34ms 13ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a96912a017676d23203d338152d003b&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 85f1835f7ad346025b61b33352a0e85ce535d5a293920f4c3a6cbf6db64c3812 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	36ms 15ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a96912a017676d23203d338e202003c&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 306d32a373d1c803b50ad828c0d5115b267d677089fc7db573a0ae8379ce71cf Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	35ms 14ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a969c51017676cd4726d339a28a0062&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash d1686dd9d808b1b92861dbb6eb529805e31af9d18a69e95a49976463d9c53b2e Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	52ms 14ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a969c51017676cd4726d33a59580063&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 7eaff643edb65bf7706409385725e90dbd30b4618b916b3f91bb9f1e77c3a261 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	52ms 16ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a969c51017676cd4726d33b53900064&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash b498c9a8434f6872d99d1f10069032b9efb8c362ab0fc61568a7d34fe39d3e5c Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H/1.1	200 OK	bidRequest Show response c2shb.ssp.yahoo.com/	62 B 475 B	50ms 13ms	XHR application/json	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96912a017676d23203d2e7a9d50022&pos=8a969515017676cd4eb7d33c1f58003c&cmd=bid&secure=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 7774867ee8dcc4019e48b3b191c9b21b0b17f0373bba9070f5a8ebf9bfae5bd9 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Date Tue, 12 Oct 2021 20:31:13 GMT Server ATS/7.1.2.138 Age 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	35 KB 10 KB	51ms 9ms	Script text/javascript	46.105.202.126 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.202.126 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 7a4f2c17fbc234dcb43c95d11382c86a1903046a906ddad00d57d3e582fdcbca Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cacheable Matched cache x-cdn-pop-ip 137.74.120.0/27 date Tue, 12 Oct 2021 19:50:51 GMT content-type text/javascript;charset=utf-8 cache-control max-age=3600 x-cdn-pop sbg content-disposition attachment;filename="id5-api.js" accept-ranges bytes content-length 10051 x-request-id 683902451
GET H3	200	pubads_impl_2021100701.js Show response securepubads.g.doubleclick.net/gpt/	366 KB 124 KB	62ms 33ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126551 x-xss-protection 0 last-modified Thu, 07 Oct 2021 08:38:34 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 12 Oct 2021 20:31:13 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	166 B 137 B	63ms 32ms	XHR application/json	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.apronus.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 6c616960f1f108b71b1f1b9fca9883f48b93156df14a0260dad5f6affb31f828 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 0 expires Tue, 12 Oct 2021 20:31:13 GMT
POST H/1.1	200	579.json Show response id5-sync.com/g/v2/	213 B 533 B	35ms 8ms	XHR application/json	141.95.3.10 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/579.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 141.95.3.10 , France, ASN16276 (OVH, FR), Reverse DNS p31.id5-sync.com Software / Resource Hash f757158792f73217e0a55c27ef58beba9d11f65b6b7cf20f33932cd17e7829c3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.apronus.com Date Tue, 12 Oct 2021 20:31:13 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H2	200	hls.js Show response uscdn.viadata.store/static/js/	235 KB 84 KB	322ms 315ms	Script application/javascript	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://uscdn.viadata.store/static/js/hls.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash edb48f47d769a51a21230739ab84880f5d7b12367a72f636e33cb178b0b3d746 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 28 Dec 2020 14:11:16 GMT server nginx etag W/"5fe9e784-3ab3e" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-allow-credentials true strict-transport-security max-age=31536000 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	userSync.js Show response ads.pubmatic.com/AdServer/js/	7 KB 3 KB	24ms 7ms	Script text/javascript	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/userSync.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:14 GMT server Apache/2.2.15 (CentOS) etag "1300709-1af3-5c4c7cca9e573" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control public, max-age=100412 accept-ranges bytes content-type text/javascript content-length 2267 expires Thu, 14 Oct 2021 00:24:45 GMT
GET H2	200	cookiesync Show response cdn.aralego.net/ucfad/sdk/us-east/ Redirect Chain https://ads.aralego.com/cookiesync https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync	4 KB 5 KB	81ms 25ms	Script application/octet-stream	172.67.71.254 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b187ec7d1a3bc1872cccad8972e4c27894f91e73e971f6cbfa45ec0a140cd06b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1751 content-length 4454 last-modified Tue, 12 Oct 2021 07:50:50 GMT server cloudflare etag "61653e5a-1166" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF%2Bdpc4AQoVjecN1QtnWzgwXa3VLRvd2MjxGywjoxHfbzBdE0Jm34HlqDeFHMhkecm5cj7NwBXENvtAhIMVOj23NWcmHbxPXtPJVxEKze7qMPT78FwsGwHYYjRs7F1M4yw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 69d317325dbc402b-CDG Redirect headers location https://cdn.aralego.net/ucfad/sdk/us-east/cookiesync connection close content-length 0
GET H2	200	/ Show response onetag-sys.com/usync/ Frame 537A	2 KB 823 B	24ms 7ms	Document text/html	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=7516a748d25c406 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers :method GET :authority onetag-sys.com :scheme https :path /usync/?pubId=7516a748d25c406 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	200	code.js Show response amer.viadata.store/tag/	30 KB 16 KB	160ms 159ms	Script application/javascript	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://amer.viadata.store/tag/code.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e812bcfc22c0680ffe4ede7aba069b7f67cefc425b81636eabf962100abede6c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip x-content-type-options nosniff server nginx strict-transport-security max-age=31536000 content-type application/javascript cache-control public vary Accept-Encoding expires Wed, 13 Oct 2021 20:31:13 GMT
GET H2	200	site logs.viadata.store/req/	43 B 297 B	196ms 59ms	Image image/gif	23.111.115.244 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://logs.viadata.store/req/site?sid=104222&cid=0&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&event=playerLoaded&cb=1634070673837 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT x-content-type-options nosniff last-modified Tue, 12 Oct 2021 20:31:14 GMT server nginx strict-transport-security max-age=31536000 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Wed, 11 Nov 1998 11:11:11 GMT
GET H2	200	210830.js Show response uscdn.viadata.store/js/player/ Frame 6F1F	180 KB 84 KB	294ms 294ms	Script application/javascript	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://uscdn.viadata.store/js/player/210830.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash a8d9b7d4230d33c693d11ebca3f0a5caaa527ba7718cf6fc761dd14b595bb84c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 03 Sep 2021 13:15:02 GMT server nginx etag W/"61321fd6-2cf94" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript access-control-allow-origin * access-control-allow-credentials true strict-transport-security max-age=31536000 access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	54ms 14ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.apronus.com%2F&domain=www.apronus.com&cw=1&lsw=1 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers content-type Origin https://www.apronus.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache content-type application/json; charset=utf-8 expires 0 strict-transport-security max-age=31536000 access-control-allow-origin https://www.apronus.com access-control-allow-headers content-type access-control-allow-credentials true access-control-allow-methods GET server-processing-duration-in-ticks 1321 date Tue, 12 Oct 2021 20:31:13 GMT content-encoding gzip vary Accept-Encoding
GET H2	200	json Show response gum.criteo.com/sid/	345 B 623 B	41ms 15ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.apronus.com%2F&domain=www.apronus.com&cw=1&lsw=1 Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software / Resource Hash 40dce04904d585632da66483ff0ddeb4e74e71f455de428d363d5d7aacd75cdf Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/json Response headers pragma no-cache strict-transport-security max-age=31536000 content-encoding gzip date Tue, 12 Oct 2021 20:31:13 GMT vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://www.apronus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 3155 expires 0
POST H/1.1	200	579.json Show response id5-sync.com/g/v2/	213 B 533 B	10ms 9ms	XHR application/json	141.95.3.10 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/579.json Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 141.95.3.10 , France, ASN16276 (OVH, FR), Reverse DNS p31.id5-sync.com Software / Resource Hash 3a6d521c2861c18f082e8577cbce741917335c853edab58825034faeb0b63a1e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.apronus.com Date Tue, 12 Oct 2021 20:31:13 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET		envelope api.rlcdn.com/api/identity/	0 0
GET H/1.1	204 No Content	any Show response idx.liadm.com/idex/prebid/	0 436 B	398ms 97ms	XHR text/plain	3.95.140.237 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://idx.liadm.com/idex/prebid/any Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.95.140.237 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-95-140-237.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://www.apronus.com Date Tue, 12 Oct 2021 20:31:13 GMT Access-Control-Allow-Credentials true Connection keep-alive trace-id ebaa12cc8738ac1b Strict-Transport-Security max-age=31536000; includeSubDomains
GET H2	200	id Show response id.crwdcntrl.net/	77 B 826 B	104ms 40ms	XHR application/json	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://id.crwdcntrl.net/id Requested by Host: cdn.adapex.io URL: https://cdn.adapex.io/hb/aaw.apns.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 72b590884a040fe56e43e1c5df625f7614ebea930bdbcdb4519332cbc6c1a9ab Request headers Referer https://www.apronus.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://www.apronus.com cache-control no-cache x-server 10.45.3.47 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 77 expires 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 853 B	87ms 29ms	Script application/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.apronus.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	68ms 21ms	Script application/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.apronus.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	25 KB 11 KB	331ms 326ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2151597431906072&correlator=1139093035174096&output=ldjh&impl=fifs&eid=31062664&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211012&iu_parts=232881841%2CAPNS_728v_5%2CAPNS_160v_2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1024x250%7C970x250%7C970x90%7C728x250%7C728x90%7C336x280%7C300x250%2C300x600%7C160x600%7C120x600%7C300x250%7C336x280&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dsoberberlin.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D675e258ac178706%26hb_size%3D970x250%26hb_pb%3D0.12%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dsoberberlin.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D68edccaa6e2daab%26hb_size%3D300x600%26hb_pb%3D0.12%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue&cust_params=wvr%3D3%26wie%3Dtop%26wrc%3Dfr%26gpt_l%3D300%26wrap_l%3D900%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D0%26id5idtest%3Dna%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D100%26waae%3D400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&cookie_enabled=1&bc=31&abxe=1&lmt=1634070674&dt=1634070674095&dlt=1634070673294&idt=515&frm=20&biw=1600&bih=1200&oid=2&adxs=166%2C1257&adys=526%2C36&adks=3138569590%2C3261421473&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1234x34%7C336x34&msz=1024x18%7C336x0&ga_vid=180617585.1634070673&ga_sid=1634070674&ga_hid=330764489&ga_fc=false&fws=4%2C4&ohw=1234%2C336&btvi=0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 16ef77890725c0b7a649e21c3ab2016cb2aea261fb9762b388127355ef6ff56a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11463 x-xss-protection 0 google-lineitem-id -1,-1 pragma no-cache server cafe google-creative-id -1,-1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.apronus.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B56	6 KB 4 KB	110ms 31ms	Document text/html	142.250.186.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 12 Oct 2021 20:31:14 GMT expires Wed, 12 Oct 2022 20:31:14 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	idRequest Show response sync.aralego.com/	46 B 493 B	416ms 119ms	XHR text/html	192.96.200.41 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20Verdana& Requested by Host: ads.aralego.com URL: https://ads.aralego.com/cookiesync Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash d7e59390c0d7ac5fe4b283d5777c53b0bea115707adf8b25ffed07fe39d54015 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 20:31:14 GMT Vary Accept-Encoding Access-Control-Allow-Methods GET,POST,OPTIONS Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://www.apronus.com Access-Control-Allow-Credentials true Connection close Content-Length 46
GET H3	200	container.html Show response 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F59E	6 KB 3 KB	65ms 34ms	Document text/html	142.250.186.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 12 Oct 2021 20:31:14 GMT expires Wed, 12 Oct 2022 20:31:14 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	container.html Show response 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D2C2	6 KB 3 KB	53ms 33ms	Document text/html	142.250.186.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 12 Oct 2021 20:31:14 GMT expires Wed, 12 Oct 2022 20:31:14 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, immutable, max-age=31536000 age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	104ms 38ms	XHR application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100701&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash c54413cc2b1ac5b7230eac6dbb2b7fc07b875ae1b1540a22c22ab683cf6f6de4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8556 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	101ms 47ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 12 Oct 2021 20:31:14 GMT
GET H2	200	5_education_eng.m3u8 Show response uscdn.viadata.store/media/	1 KB 2 KB	497ms 164ms	XHR application/vnd.apple.mpegurl	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://uscdn.viadata.store/media/5_education_eng.m3u8 Requested by Host: uscdn.viadata.store URL: https://uscdn.viadata.store/static/js/hls.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash ed173a7a538a5d0d19ef3c00e79d79840009cbe24244ab62c4c770af3b471b60 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff last-modified Fri, 26 Feb 2021 16:45:56 GMT server nginx etag "603925c4-520" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, OPTIONS content-type application/vnd.apple.mpegurl access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 1312
GET DATA	200 OK	truncated /	331 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	740 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	384 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	782 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	395 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	449 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	480 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	371 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f32ab7d466ee99b7e292e7b830b4c2ae03c2f959a0555264a01ceb892a15392 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	211 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 756b9209561d2a2a4a54f2198bf8e6ebd9b8982452f3a7607026acc259211c81 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	viads-player-logo-50.png uscdn.viaqoo.tech/static/	10 KB 10 KB	661ms 325ms	Image image/png	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://uscdn.viaqoo.tech/static/viads-player-logo-50.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash c3f11ffbaaba9768b1b5b86613b1dfe237de5257be4ac0a8d477ec497e38a20c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff last-modified Wed, 26 Feb 2020 10:23:58 GMT server nginx etag "5e56473e-26d1" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, OPTIONS content-type image/png access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 9937
GET H2	200	/ Show response amerx.viadata.store/export/104222/ Frame 6F1F	3 KB 1 KB	168ms 161ms	XHR application/json	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://amerx.viadata.store/export/104222/?secured=1&language=en&page_url=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&pub_sid=104222&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=www.apronus.com&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=674621&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=1&cb=1634070674708 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 875457d4dbefb69be8815037c1922bc52d6069e2ff87ff265d878286eb93f715 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin https://www.apronus.com date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip access-control-allow-credentials true server nginx vary Accept-Encoding content-type application/json; charset=utf-8
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame EE9A	624 B 557 B	89ms 36ms	Document text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhiqoueuATAB&v=APEucNUvZ5WILlXjanhlQWMfBB2yQ2K7oumXmyhBcrWRyuZPyoiThsNTRR3Kb24nz65ezXQ-0Defi_iYWpcoVOWzzrvit4k7WrYLWtQCGyYTxqW68XkyHTzQL8fKLuF7wwOVRo5w_RvE8ThZJn0QoiMomso7aOK-rPrsdK-gyPJ3HHzABTRP2Tc Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CNj8mwIQq6iuAhiqoueuATAB&v=APEucNUvZ5WILlXjanhlQWMfBB2yQ2K7oumXmyhBcrWRyuZPyoiThsNTRR3Kb24nz65ezXQ-0Defi_iYWpcoVOWzzrvit4k7WrYLWtQCGyYTxqW68XkyHTzQL8fKLuF7wwOVRo5w_RvE8ThZJn0QoiMomso7aOK-rPrsdK-gyPJ3HHzABTRP2Tc pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 12 Oct 2021 20:31:14 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUmkM_jyig5hbnlY9iq_VfexDyLsl-vfprpeueMtzWliyzGwwm1g5Ba2bxt2; expires=Sun, 06-Nov-2022 20:31:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 12 Oct 2021 20:31:14 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame D2C2	70 KB 28 KB	140ms 89ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AygMxBCeYanQHeA1_32x7BxJXEtI_J80rL-FU1P4zAQo9C6jyFz5rHNTpYgEqQlByGf-j-z7vrbsu0lDuga6x_h0S8Tn__ruLf-es2VWLrAivHYQOocaqw_BNYYdFtnbkCpnilP7f1c2y4lWTpxFKksiMErw&dbm_d=AKAmf-AmoNeH2imfSJzKKmdOiMqfbxyqMugconyHHRaRFpaprQKcwR04BaQ1N3VCt3W0HpN19RtCzS0ckYzYxLLddB8VI9udF3036ciNN-fk7vwNBci5FkRKkAEwsouQbFLCRXklQpiD_e7zG4gOyAJsHO0t52kKG-usG2dqiQeiT8mp8N8GuGnJlYLkZTdVCm7xxlguXR1tMybPVd08QnS4On5Tvxtx5UvVwgVEwca84nzwsobtGeVJu4DAMMF5-H3ONYhSLvOjlSObMDghXFwai_kyqcZemXA02bPSARi8GQX3WbSYPDcq9I196BoGmtjbwAkHHIPZ-_mykO8F3YtDwGTzodfnNIIb5CFfQYOM2Zg8g81CLGSLNc-CX9xP2llWXa1DkYdzfhHuSMpa_0A68wAQQVmK9zh_pClzWOEe-Wz7RU6i7BlR50g8UISCedeUe3CAmfIOfNanMBCgTjrk4uWBZ1Q6UrYWAJLEkb_WppR8fs3WZwI8SIqkZxIz_HzLHbRS9NtHH_W9BSt9IyRiJZ0uQ1P5-zQc2DDvEfJIXpGOXZFHyMiC5Jqu-KnjgTbEzmag31LyIDXGCCDVl5fvl_Flojx38IQYUdzhucYWt7WAYKNjfqVZXNwcUd-uclAYTgim5T7e9p3jUqf1wYUzHEJmvhgl1E_fHjk4Uv3R_SsoJ_2H7ubdsVkKIq2wIk9bkrypZYbJvvmrixiQYS9RA7qaarrF99w2uZv3NSbHEJ8R-qpiuS4a0Mvnt-1u-IkVMrvxPYNxEmS-CxqR-XGuQE_Rdze93CSSS06hnjdzukpcDoQgWussXOJsgSImdd_gHvO38wM7pfAXW6BwzbUmPgym4GepfBezvLHksact4YJ4ncbBvvp9Tppn0gQQbMavdkJbI4CSZuCvY-eATcjj55hMQOU42oMMgMiFJVA_EALm0m0Lky4oBiqRURrzbjCQaBrmtroi3NRXIJuvSenbVIqpxXdG9YIGRGXyLKqQm_KaEsgWo4SiVAINNUHfNHXmAxeoAC0yVdJa4NvgfjJRIxJwAmbUVPR6R0G_hw8TsrGopQuMSXb8JlypP_9e5WKl-C6zUKfeniGijEwJIw5D5mF4hKMj_1uI0AjYK3q7B9oS2AxdCau0TMjvIVWvjDWmftJVnkU0JEP7lCDckuFRqBvKJkCpULodcXyyKWSVOLlm-n0Sw1MMNWqEsMu2cf_tiBgwwEwkJHig7ApchR7t-1iypBV8ARAE2ZzOSjudSPN1Ae4Irx1xAd63pFbYlxAX0HrMth74qWoVcotkGVZdlrLrOwY0P44FqzhkizS21Jrwvh-_bw6IwO6Yv-Lot6CueSX9c0eK7V8VxdzjiMpHivhyf6QL3dDkCMXF9wD2Yk9pbVNJY6NF_pPzEAOigQAvVQQa1U7fJuWd-jsskklp9aeWeMNPqvyNaAtK-ptpB7kQAEZvf7oqQiKRb6eiTsZF65Nigvn91gN7QcQwkrO9JfVRc-SdJuNEWY1Llz9JNzUxJnjyoedxN6-ekHcU8074II7FQsBKTUJdXPNEH-m5zo4V2pnSEaaY_DOIUsRPeEOxliog4bu30r_vsn7YyiF7RVbSY4oWCAjPyYMw-ByYMs5ypYuMjr4VKHOsd1Lr-RtBAEusZIOBvKTXoFkqRcQuFniod4LChAOfQStNgOztuDyVNbjoQ9NohyfeaXL0xR0UmUs9Abh5wlTgxcy8nLE4CjDq1LaPh91z-nXI_LJIPgC0Oibb5dG6qjgZdaynCjlBJ3S2R8K3i_Mleanuw5NKQTVdfpA6QvgvOLRS1JTJaa2Ox966D2wH16j_VV9kZAZ5Ph4_wDob9S7qTFdHmuHjafJV7ukoraMRc12AOc9XvOZuiy0Wuhg3xDGplS6m4chBdSAI3DJLREr78Vux-lkjKclLJcq27DX8GWilPuI0kbZuztLnKXOqpGen9Ycxc6E_UO1GLZlq0LNuT7Wrdd_jaMffdGoOOZK65Xa9nN0AnA372llThV5r97cIa4AO8FUyWOEJPU8ASxFt5gUfyeGDXpHFRvY614143fNnpNhQoO8lWkll0ZvOJV8smVSCUUIBqGGZgYQxtpZSo-h2ps3Ij9Wnl5efAJezD7MY13Zc0z-XvZRQDXYq6SrOm0DH4Sno3Vt2Qh418DeuOQu5bf7IfBP0NqXlD7wuCn_XZfRH5XWt2BMOz4J5bYv2iivNmnuwdlq_P22ooqC6c3EsFxkZwBSacb4IFbY4dOK2GhB4mW6H1ixLqGGpkIPA3Z_mDfJeGjaG_DCU_pICDUXW4CyEKakgY8JMwlpsX1_eoP1Ia0ScgI9IaebDq6lzYEN4t7Kd5QDlFXKQlntP7Ra3Ms1YaLLi2nRlUPGLyW4ViTT1RJc5uNA59BcByjnZiXMwRE9oNrBKRw_-jqiNlgQ5fD0zP_OjqB_d2gTCE_mD4nSRVZz3mXz4GbMYjXdYXKdewB5GCtrHBez9XpxjmZxHPw9y8PHzatSPfjOeUvvdEdUBBxypYr5HpwTRTBILkXNUee319VArWl7P6W7hUajdKyPZ1KzVk7xbdPtowj-aEjuvG7yGg3KJbhPGNnGiP8Y7hkm4FDAq84vZRuzJVrmkCwTgx77m9mkXmND_XJlo5wLNu6JtIU5AxJFlWvYOx4PqnDjDJenSLofypd-r_Lset-2cJwPl73UiTBuiuKTWAZ7ETDs6_ih7fSxScFXd0AqGVOCN7KgdvUuG8JIw6aa1L6ASaPEe6ar2Y3RXdF6OHt69z3DlRv3sz9SZOqegiWNu3jFhjyVf4wY0CjqpMd0hPfct7vThsRuISKlvnw8Px47t51ilKBs6kMBf4NM53q9347eqlJkhEUmOwgOA9s-YpI8EJYWjp-eawkEZcGWNUk4Pjtha2sekNv-Oy1L9Ouo3fd7A_46RCjaBMh82wK2q9ytU3DWYXFkOjrAuyOw5AI8enCBmGwpDkf-HbZX60p3zQ-Tc0V4BV1yRxgQkz3jcFUTfVhUWnt90icnzcE0Yk7q2Nc40yNSFdbTkE3W9HzjZ29p-LquJJOhNQ1aKHV60fnbYoficn-4YnfjtJXlULJPQ8v8LUKDEgix9Cp-9uUHlMAkVydooN8kGlUw6ecDDxCruQFrekqx6sEQhlAdugYVanska5epJu0ZKr4pVHNb6z4nZOaMfNy44M69XK67d5_neZdQgt9MnE1rnoVprKrA3Z7AeFVYJn-jaSo4jgnLg1AnWVwfiuQygpSxSjz4ghn9I9GVQvanewG9j4v9t9sR5e0jp9xM_vA&cid=CAASFeRoa3tzNTQp8324SvMKWsqddGO_uA&rfl=1%2Chttps%253A%252F%252Fwww.apronus.com%252F%240 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash c2704a941f5fa40febd194b49cfaff47eba15a93baabb29bf3739ab366d28a6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28694 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame D2C2	42 B 63 B	81ms 53ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYvC5P2lUVGKOciduFR9lkCThHr91YySlklOLu-7TZVNFJJQBFOGqEeXQlC3tOJPb2_-7Dn8GTqcGODOhzxlhRCuPKolnPkuqYTPmyDhXvAMszVUg Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame D2C2	3 KB 1 KB	24ms 23ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/window_focus_fy2019.js Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:06 GMT content-encoding gzip x-content-type-options nosniff age 8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:31:06 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D2C2	123 KB 38 KB	93ms 43ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash 393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37935 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1633952256361887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Oct 2021 20:31:14 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame D2C2	14 KB 7 KB	21ms 20ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:30:51 GMT content-encoding gzip x-content-type-options nosniff age 23 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:30:51 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame D2C2	0 0	84ms 31ms	Image text/html	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfiNVwbuI3GyeFmMfjx1ZQkVcKmFe80MHFdJKNpwwtnxorLmsJiQQTvBRLjqTwRAb1dPlesZ9jd9afBo9QllM6zWVzeg Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame AB6D	624 B 997 B	84ms 36ms	Document text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiR7OioATAB&v=APEucNXETERt_qp3JAYzMGcb7x6hIb_zDe6-jlwVlLF3HOPxbc8VZXA4ztEUEheUzUqeCkaBpFCQGCKYMC__sVkefdERWYJWl7Jimt61XiKa3DIicrxWmuQwp_uWfqL11ZOqSpu4kSvM6PayqrQF5k2VAokuSQnBDxbIOsu--jrWByJKV-Rx0l8 Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /xbbe/pixel?d=CPvjgQEQ_aOOARiR7OioATAB&v=APEucNXETERt_qp3JAYzMGcb7x6hIb_zDe6-jlwVlLF3HOPxbc8VZXA4ztEUEheUzUqeCkaBpFCQGCKYMC__sVkefdERWYJWl7Jimt61XiKa3DIicrxWmuQwp_uWfqL11ZOqSpu4kSvM6PayqrQF5k2VAokuSQnBDxbIOsu--jrWByJKV-Rx0l8 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br cookie test_cookie=CheckForPermission Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding gzip date Tue, 12 Oct 2021 20:31:14 GMT server cafe cache-control private content-length 276 x-xss-protection 0 set-cookie test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUlEkIR7SPDSsLCLUKKPl-stLSTKpdUwt_8TzQhQSmdRD_bsZqOMZ-AmusbD; expires=Sun, 06-Nov-2022 20:31:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 12 Oct 2021 20:31:14 GMT
GET H2	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame F59E	77 KB 29 KB	112ms 65ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aqh_cLWEqxgyzp3Wva-2cZlkm_81f72bBK6c5Sbbj9E_t_LKXKHIkeArYk_o8Tyr9xzTg2f7jlsEkl_snEUPFS0kHQQCQgmFcLe8IsEwEyA2cULAImb7lT0aB-20zZ3DNseMejCN2o29D7WhNwnTwd6UzwAg&dbm_d=AKAmf-AHtsrtt1XQDRB3qzc-jkNtOa96Isy-DXENESe2yl6gx0d_6gaszLJEmVLubZovaW0_T7p85OU9rZi1y78mWAkJjtDOyRPHO5GmbqyeLxc39NKVEqPuWFTX77DXTgv7y2CXiSAkCkYefq1BDMMANAtFfwfpugSbzAtwb2U8Zsj-N4tnvESO-xenPGuTgwbJaF-24N0psIaebd_BL4fX68DZP2C8EU8VB2vGwzJNTfs8PqsxDpNi1xSfcijpe3IfgfvNkwqkNoDWTb3ET_HW0QCURptE3iGmiERuUDNMd-pB2ORy7WOJE4vDOs4wuy0JkhQwtnJZLQh4_i38VJcmRJyictE1ys51LDFxEm5iu_7Zqfakk7YWHYI1l-m9bIR7wS4Ebhz6Zk3fk-0vSzTnsboeUgWilsMgco60MZboR1yYRa_94Lfh2llcwIbvvl8RjXpG3w2Y5hNjD11gVFJ2p5QzThRKD-EwY_1NdgdBmtAtuvsXUZV8iJtIwAxJZsfUwVmN3hwTGc921MKeHWfZHjAIzxSvDC5uhmdnVv9pBHSLakMNp64lsh1zJHZ2dM_wMO2o2aSbHar0ZJRStLnn2cpgD0koiX96VekMlhP5hB3sBqKni_5bwmLaCrmr9mr5jH98zvbcU1NYKMFoYzC1GWB3pY1Rsi1YFtB0N-VvOHcoZRjSQDLI-eikrLFqlns8RfBfuFdadLgkB5m703aTF7aJEo8m6rsnukpbrgmNr5dhFnJXBYzgqhKmePsGOfj-qjXrlztrD-JrBDJSvijs2UwZcrJ9RWGbqXy_KCKcTZKihWCbTl5ULzBg1AOgydWn9wFJW-tvohA3TNZ0n-1h8U-IgzVQ3wYh6hP9qyhINQIAHwezVE0wLE9_oQu4hE_SrAl05DMt6ZV6HM9Qq9n0sOGz5SLcBr7G5EVJMcyWqDMeHwRkNZFIPee_Cs0YSjWOAUFlYQHcLqeUbpzKeqXg71-1hJ9HQwK3OamxCoSft1guDf75FGftfzg711l9E6BLaS1ZngNdI9_3jKWFW50TEbjdWouU_vi8-8STV6nOF8YpIwa42UQSaQV7pSG4onJqP6NfCwI4DP9dRkjP0edA17Z6Av37XkzvxDh2ZcqkvrjR9MLfN3tHYs_JW2s26Ztj1LZJqH4Dse3zltSD6Lz2nQXArQmujAY5snCStxASXl8Wco7Vn1JPoHVkEaxue43HS6re-sAHYrhRss_5DyC4sljdm-ZGJlpN54_qZmE6tTWI9HYjT_2r6_yVexdzoakSNysfQh3PS3a_mOubm4bzojJP1-aZ_1ON1uwpbFN_Jbb1R4F5vm8UZ_AqR229_3eEHRd3jJuRKGzpWmzLmZ8fjzByzvFSrBHBtacKkPaHFyM1e9ulxs6jgb5kI9-b09NXt9VIuvev4F3sGvl3w8HW1HNugKikSlaH_jOEgMo7AYb9BB-dYnOvR_S96BQE0lqahDot4txy1MAxItrRn8JI4miB5sIt_b1yY78SJxeKoMv6AfVJuhdorIX1fW44PNLRWYeT0wv3TKCVFx5hYPC5VhnF3GSGjDo6bHHCRzc3tzpaZxj9tULMGN8vLzrOouQQKUfJy7SHyOiIJKjE51q2DBYW6F1rPHRKBJOb7B6IFt4GzCk_NuGithteoRgBum7G6nZPL3cJivVZkk5dP1bo2U7I8Rcbdl_Wz1F-SVXCcXHsvjmNIBqP-j1JbSuXWZ3a0cQlOC3PmNQ5RnH7THapUjNlaX0j3CGqjrgwSZGNO2kegUhFMDXPAiKL3VKx9WyHkv3KRQcFOiH2P1Oq0NghKux_TkfS7DZd9TedF4G1MloSMqDXqce-HQ_nvg7oLqxNQM1kvVsP4H2H0jBjEH7omxfTR0jxNjE4Ooux_O1wZS1TanAb1covNSPEzDo-m0Uw1P4UIVh27PLoA3xdtLcyOODec-SK9YPte1r7-cbffJo9EmPeTE5Hzrn8uggTKuNmceXIXF4xnx6w6dYQQlf84brMZCVQr8gT7xXOEKSH-DajpEcgq9c9-B7vlsfrLjdAr3mJ5arSi9Veh_qUzWo54r3eTyfCuOwGreTah5ic_sQcJR6k0whsjJf3LDjJtCZD0OY3QJ8bwX_kuiDhRcc2Pf9NDybsMzg8ZWor4XhpbrEtd2TyHoNfBx3iiNiAQJGgV4qZilVmW2ls91M3z7R1HK1P0qpON_lsYJ6u8XxRqyV38J55cfD66MriYL4XUbd8Y73A0V-TTAjDXWMc0ZqSSsUmByCR2gUViisSFHZUdUgbti2cAInV926jNv4B88TEH9vbc-Bh3g1tiw2K7UkGdkeoB1k_u4P8ddrKNcsdgyuJ0dwgMPj1zW9kKrWC207DH3NSyLOuOux1dj3__9Z7WpVssJ3uqROo34ZGXHaaTJFk405rP58tiBgSM0OokYsI7-euGyMaPzd1g8uRcgaMk59BtAOfDlHJMq_PMTit9-_9F8tlFjtAzeQLxKdoUyYNzfEmGrf2t-NnAR5IKXIp6FT5eUtWF3aiWy3uyDSdUZIq5HYW_YEE-KkwklYTrSvc1NnkcW6qx-glCrIbOyefSIW6T1O6MvQEztmYdIZCPUB_5T5ihlNKvpOv3jY94Rf8yqM_uOMd_G3KI4EDO9VrvCSUQg-GzQSxb2iFQ1M4Mmuq1NCpgEJeMGP_f3GTTDgmymmyS_nHYYfWfOHWDZYsFT7Lb67LjlDk6xUeJdrWTqL-6r3PgYf_kT8H0W9XOFGqPQEsojFnxn-dBFOekSJE5zbeoqMoDFrsI96grHffLCZU9zDT3cK76CIh11kkc7FPgEcIeR6aO0rKjBaS5yupRotmalPnpctINe8w9c4ZMO6LMgdTFND1VLCpMPE5RZSAuux3UmNPmC7cTanrL5n7Xdx5hpeQGGzTdeoYQD65r1qL2xQx2nnWHltu9ud4RIt0XnRkxp5iu_3TxYRnk6-tjWK5wy-njUiKb8ubglaGvpbuZoL2n5IATEEnZdejHKP2RkhrBV8v_bsZAPoZADkDgFi1ZHQjUA3VxksdEeZ4bvD6_DG8zQMO8zfBB9eci_PpcX5RjyKwBa9CpM9EoT2Y8RRWxtLGaxPNRm4CDXo6d2OH84p6EL9U1E6ik5RYB71gqd8aWrQwlMp7TArELRlPDV5XnsXGewHyfM48lzxlfh9IpSENzH_JHPU_Ig76multu7dJhnBwAsXVkQXMrwLq-nERlxp8IDzivcj6zNNZp1ElEjbrgWE&cid=CAASFeRo-BoxcNRVeWAdVzmOYmvCuWjmgA&rfl=1%2Chttps%253A%252F%252Fwww.apronus.com%252F%240 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash ac068192791dfadbbb29c94a340ff7fc7be024403b089853be31f0547280bf98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT content-encoding br x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29553 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame F59E	42 B 63 B	78ms 54ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BrRviwrVNJ6hgY8xP75iUfbWq690Eqx5UVAyEAaCksiepmcf0mm-XD81aUMQBjdnpEsRsayOPoxg2SjaZi5gqI49gnarG7HkwuE0G2eDpJEvvTO8o Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame F59E	3 KB 1 KB	21ms 20ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/window_focus_fy2019.js Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software cafe / Resource Hash 0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:06 GMT content-encoding gzip x-content-type-options nosniff age 8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1426 x-xss-protection 0 server cafe etag 18061233391346882222 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:31:06 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F59E	123 KB 37 KB	122ms 75ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash 393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37935 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1633952256361887" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 12 Oct 2021 20:31:14 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame F59E	14 KB 6 KB	22ms 21ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software cafe / Resource Hash f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:30:51 GMT content-encoding gzip x-content-type-options nosniff age 23 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6281 x-xss-protection 0 server cafe etag 18349783599053866072 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:30:51 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame F59E	0 0	81ms 31ms	Image text/html	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXPR4BWQZJgvdCl73VF7vHGRA990Eti8G0p5zX4X28kwl5qx11APza8Lmkzk-BLtZkQcPOmArV6pZPukIaIe_-lsdZxQ Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	200	cht_cookieSyncIframe.html Show response cdn.aralego.net/ucfad/cookie/ Frame 96B5	807 B 628 B	23ms 23ms	Document text/html	172.67.71.254 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html Requested by Host: ads.aralego.com URL: https://ads.aralego.com/cookiesync Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678 Request headers :method GET :authority cdn.aralego.net :scheme https :path /ucfad/cookie/cht_cookieSyncIframe.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-type text/html last-modified Tue, 11 Aug 2020 08:15:02 GMT access-control-allow-credentials true cache-control max-age=14400 cf-cache-status HIT age 6867 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwZq6MD8ag%2F4gfeq1%2BkrK79Ee1xpZhc2HRLIi22G5cr0ouMQOWovL%2FmQSLMTKu%2BFfrj53f5MpYq38u2mUUE1oalrmfAC%2B4zMeJVHHxlINkYTDnpf6RcEeLLZPbLp6N6clQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 69d317352b8b402b-CDG content-encoding br
GET H2	200	1x1.png cdn.aralego.net/img/ Redirect Chain https://sync.aralego.com/idsync? https://pr-bh.ybp.yahoo.com/sync/ucfunnel/bb1b43a8-7775-3356-9b1d-ba19449dcf24?gdpr=0&euconsent= https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-bJ40.gdE2oX5.egEsGEKiu6E8m5uakBj2OWeADc-~A&redirect= https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=bb1b43a8-7775-3356-9b1d-ba19449dcf24&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=bb1b43a8-7775-3356-9b1d-ba19449dcf24&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=fe166592-fa01-4925-88c0-dbf69d880536&google_hm=ZmUxNjY1OTItZmEwMS00OTI1LTg4YzAtZGJmNjlkODgwNTM2 https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEJoySOw-dbeTOlzLRPuyzSU&google_cver=1&ssp=ucfunnel&bsw_param=fe166592-fa01-4925-88c0-dbf69d880536 https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=fe166592-fa01-4925-88c0-dbf69d880536 https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=YmIxYjQzYTgtNzc3NS0zMzU2LTliMWQtYmExOTQ0OWRjZjI0&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png https://cdn.aralego.net/img/1x1.png	68 B 412 B	22ms 22ms	Image image/png	172.67.71.254 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.aralego.net/img/1x1.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:16 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2652 content-length 68 last-modified Wed, 12 Jun 2019 06:09:43 GMT server cloudflare etag "5d009727-44" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xioq4DgvmlcNof3dhto7fPCLMq2WmAmyPqDQFQXpA4h2xVNJEi5tip2klhswemFFRr18VTpBO5mBuICgIpnoowDazR9tVjnKZrJ1hHGe8H%2BJrqdaOIZDHVFjL2Joy%2FXCXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 access-control-allow-credentials true accept-ranges bytes cf-ray 69d3173d5cdc402b-CDG Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:16 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cdn.aralego.net/img/1x1.png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 232 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/ Frame 96B5	79 KB 26 KB	37ms 37ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn.aralego.net URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 79c928baf51d927bb162e00695b60b43e67ec77b792dafaa402089952a4fe1be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1014 / 391 of 1000 / last-modified: 1634068217" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27027 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 12 Oct 2021 20:31:14 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame F2A8	12 KB 5 KB	52ms 20ms	Document text/html	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Tue, 12 Oct 2021 19:39:59 GMT expires Wed, 12 Oct 2022 19:39:59 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3075 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F26A	783 B 1003 B	32ms 32ms	Document text/html	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software GSE / Resource Hash 1753f89ba92067d9e8a465d92460472ecb69fee0145ef9e8e76ec2da4b47d07a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gxMY6wXxqNvXuFVArV/B8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 12 Oct 2021 20:31:14 GMT date Tue, 12 Oct 2021 20:31:14 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-gxMY6wXxqNvXuFVArV/B8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pubads_impl_2021100701.js Show response securepubads.g.doubleclick.net/gpt/ Frame 96B5	366 KB 124 KB	35ms 34ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software sffe / Resource Hash 74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126551 x-xss-protection 0 last-modified Thu, 07 Oct 2021 08:38:34 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 12 Oct 2021 20:31:14 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame AB6D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1	43 B 894 B	14ms 13ms	Image image/gif	23.218.208.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiR7OioATAB&v=APEucNXETERt_qp3JAYzMGcb7x6hIb_zDe6-jlwVlLF3HOPxbc8VZXA4ztEUEheUzUqeCkaBpFCQGCKYMC__sVkefdERWYJWl7Jimt61XiKa3DIicrxWmuQwp_uWfqL11ZOqSpu4kSvM6PayqrQF5k2VAokuSQnBDxbIOsu--jrWByJKV-Rx0l8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Oct 2021 20:31:14 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame AB6D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWXwklv1mXIiS-GUM5MtxQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1	43 B 1014 B	17ms 16ms	Image image/gif	23.218.208.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiR7OioATAB&v=APEucNXETERt_qp3JAYzMGcb7x6hIb_zDe6-jlwVlLF3HOPxbc8VZXA4ztEUEheUzUqeCkaBpFCQGCKYMC__sVkefdERWYJWl7Jimt61XiKa3DIicrxWmuQwp_uWfqL11ZOqSpu4kSvM6PayqrQF5k2VAokuSQnBDxbIOsu--jrWByJKV-Rx0l8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:15 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Oct 2021 20:31:15 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame AB6D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1	0 578 B	19ms 15ms	Image text/html	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiR7OioATAB&v=APEucNXETERt_qp3JAYzMGcb7x6hIb_zDe6-jlwVlLF3HOPxbc8VZXA4ztEUEheUzUqeCkaBpFCQGCKYMC__sVkefdERWYJWl7Jimt61XiKa3DIicrxWmuQwp_uWfqL11ZOqSpu4kSvM6PayqrQF5k2VAokuSQnBDxbIOsu--jrWByJKV-Rx0l8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 8ee66dff-7fc9-4958-9afe-549980245c04 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame AB6D Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D	170 B 188 B	58ms 30ms	Image image/png	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiR7OioATAB&v=APEucNXETERt_qp3JAYzMGcb7x6hIb_zDe6-jlwVlLF3HOPxbc8VZXA4ztEUEheUzUqeCkaBpFCQGCKYMC__sVkefdERWYJWl7Jimt61XiKa3DIicrxWmuQwp_uWfqL11ZOqSpu4kSvM6PayqrQF5k2VAokuSQnBDxbIOsu--jrWByJKV-Rx0l8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 16a81107-1322-4a0d-b6f0-67580924b062 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EE9A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1	43 B 894 B	14ms 14ms	Image image/gif	23.218.208.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhiqoueuATAB&v=APEucNUvZ5WILlXjanhlQWMfBB2yQ2K7oumXmyhBcrWRyuZPyoiThsNTRR3Kb24nz65ezXQ-0Defi_iYWpcoVOWzzrvit4k7WrYLWtQCGyYTxqW68XkyHTzQL8fKLuF7wwOVRo5w_RvE8ThZJn0QoiMomso7aOK-rPrsdK-gyPJ3HHzABTRP2Tc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Oct 2021 20:31:14 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIo-VSgVavUwfDmvMEv028Q&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame EE9A Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWXwklv1mXIiS-GUM5MtxQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1	43 B 1014 B	15ms 14ms	Image image/gif	23.218.208.246 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhiqoueuATAB&v=APEucNUvZ5WILlXjanhlQWMfBB2yQ2K7oumXmyhBcrWRyuZPyoiThsNTRR3Kb24nz65ezXQ-0Defi_iYWpcoVOWzzrvit4k7WrYLWtQCGyYTxqW68XkyHTzQL8fKLuF7wwOVRo5w_RvE8ThZJn0QoiMomso7aOK-rPrsdK-gyPJ3HHzABTRP2Tc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-246.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:15 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 12 Oct 2021 20:31:15 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBXGfEGlplpCLZlB3jVPi1I&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame EE9A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1	0 578 B	17ms 16ms	Image text/html	185.33.221.89 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhiqoueuATAB&v=APEucNUvZ5WILlXjanhlQWMfBB2yQ2K7oumXmyhBcrWRyuZPyoiThsNTRR3Kb24nz65ezXQ-0Defi_iYWpcoVOWzzrvit4k7WrYLWtQCGyYTxqW68XkyHTzQL8fKLuF7wwOVRo5w_RvE8ThZJn0QoiMomso7aOK-rPrsdK-gyPJ3HHzABTRP2Tc Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 44a4753c-eba3-45ff-a260-f3f1790e59c8 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEL4RwVQmpZcezpGoJy2opZA&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EE9A Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D	170 B 188 B	56ms 31ms	Image image/png	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhiqoueuATAB&v=APEucNUvZ5WILlXjanhlQWMfBB2yQ2K7oumXmyhBcrWRyuZPyoiThsNTRR3Kb24nz65ezXQ-0Defi_iYWpcoVOWzzrvit4k7WrYLWtQCGyYTxqW68XkyHTzQL8fKLuF7wwOVRo5w_RvE8ThZJn0QoiMomso7aOK-rPrsdK-gyPJ3HHzABTRP2Tc Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:14 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 7d967005-41df-43f5-9605-7ebf1c3e3d4b Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUxMzA0MTY3NDIyODQ5MzIzNQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	html_inpage_rendering_lib_200_273.js Show response s0.2mdn.net/879366/ Frame F59E	169 KB 59 KB	140ms 54ms	Script text/javascript	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Origin https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 11:08:02 GMT content-encoding gzip x-content-type-options nosniff age 33792 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59842 x-xss-protection 0 last-modified Wed, 30 Jun 2021 20:54:49 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Oct 2021 11:08:02 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/elements/html/ Frame F59E	8 KB 3 KB	20ms 20ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aqh_cLWEqxgyzp3Wva-2cZlkm_81f72bBK6c5Sbbj9E_t_LKXKHIkeArYk_o8Tyr9xzTg2f7jlsEkl_snEUPFS0kHQQCQgmFcLe8IsEwEyA2cULAImb7lT0aB-20zZ3DNseMejCN2o29D7WhNwnTwd6UzwAg&dbm_d=AKAmf-AHtsrtt1XQDRB3qzc-jkNtOa96Isy-DXENESe2yl6gx0d_6gaszLJEmVLubZovaW0_T7p85OU9rZi1y78mWAkJjtDOyRPHO5GmbqyeLxc39NKVEqPuWFTX77DXTgv7y2CXiSAkCkYefq1BDMMANAtFfwfpugSbzAtwb2U8Zsj-N4tnvESO-xenPGuTgwbJaF-24N0psIaebd_BL4fX68DZP2C8EU8VB2vGwzJNTfs8PqsxDpNi1xSfcijpe3IfgfvNkwqkNoDWTb3ET_HW0QCURptE3iGmiERuUDNMd-pB2ORy7WOJE4vDOs4wuy0JkhQwtnJZLQh4_i38VJcmRJyictE1ys51LDFxEm5iu_7Zqfakk7YWHYI1l-m9bIR7wS4Ebhz6Zk3fk-0vSzTnsboeUgWilsMgco60MZboR1yYRa_94Lfh2llcwIbvvl8RjXpG3w2Y5hNjD11gVFJ2p5QzThRKD-EwY_1NdgdBmtAtuvsXUZV8iJtIwAxJZsfUwVmN3hwTGc921MKeHWfZHjAIzxSvDC5uhmdnVv9pBHSLakMNp64lsh1zJHZ2dM_wMO2o2aSbHar0ZJRStLnn2cpgD0koiX96VekMlhP5hB3sBqKni_5bwmLaCrmr9mr5jH98zvbcU1NYKMFoYzC1GWB3pY1Rsi1YFtB0N-VvOHcoZRjSQDLI-eikrLFqlns8RfBfuFdadLgkB5m703aTF7aJEo8m6rsnukpbrgmNr5dhFnJXBYzgqhKmePsGOfj-qjXrlztrD-JrBDJSvijs2UwZcrJ9RWGbqXy_KCKcTZKihWCbTl5ULzBg1AOgydWn9wFJW-tvohA3TNZ0n-1h8U-IgzVQ3wYh6hP9qyhINQIAHwezVE0wLE9_oQu4hE_SrAl05DMt6ZV6HM9Qq9n0sOGz5SLcBr7G5EVJMcyWqDMeHwRkNZFIPee_Cs0YSjWOAUFlYQHcLqeUbpzKeqXg71-1hJ9HQwK3OamxCoSft1guDf75FGftfzg711l9E6BLaS1ZngNdI9_3jKWFW50TEbjdWouU_vi8-8STV6nOF8YpIwa42UQSaQV7pSG4onJqP6NfCwI4DP9dRkjP0edA17Z6Av37XkzvxDh2ZcqkvrjR9MLfN3tHYs_JW2s26Ztj1LZJqH4Dse3zltSD6Lz2nQXArQmujAY5snCStxASXl8Wco7Vn1JPoHVkEaxue43HS6re-sAHYrhRss_5DyC4sljdm-ZGJlpN54_qZmE6tTWI9HYjT_2r6_yVexdzoakSNysfQh3PS3a_mOubm4bzojJP1-aZ_1ON1uwpbFN_Jbb1R4F5vm8UZ_AqR229_3eEHRd3jJuRKGzpWmzLmZ8fjzByzvFSrBHBtacKkPaHFyM1e9ulxs6jgb5kI9-b09NXt9VIuvev4F3sGvl3w8HW1HNugKikSlaH_jOEgMo7AYb9BB-dYnOvR_S96BQE0lqahDot4txy1MAxItrRn8JI4miB5sIt_b1yY78SJxeKoMv6AfVJuhdorIX1fW44PNLRWYeT0wv3TKCVFx5hYPC5VhnF3GSGjDo6bHHCRzc3tzpaZxj9tULMGN8vLzrOouQQKUfJy7SHyOiIJKjE51q2DBYW6F1rPHRKBJOb7B6IFt4GzCk_NuGithteoRgBum7G6nZPL3cJivVZkk5dP1bo2U7I8Rcbdl_Wz1F-SVXCcXHsvjmNIBqP-j1JbSuXWZ3a0cQlOC3PmNQ5RnH7THapUjNlaX0j3CGqjrgwSZGNO2kegUhFMDXPAiKL3VKx9WyHkv3KRQcFOiH2P1Oq0NghKux_TkfS7DZd9TedF4G1MloSMqDXqce-HQ_nvg7oLqxNQM1kvVsP4H2H0jBjEH7omxfTR0jxNjE4Ooux_O1wZS1TanAb1covNSPEzDo-m0Uw1P4UIVh27PLoA3xdtLcyOODec-SK9YPte1r7-cbffJo9EmPeTE5Hzrn8uggTKuNmceXIXF4xnx6w6dYQQlf84brMZCVQr8gT7xXOEKSH-DajpEcgq9c9-B7vlsfrLjdAr3mJ5arSi9Veh_qUzWo54r3eTyfCuOwGreTah5ic_sQcJR6k0whsjJf3LDjJtCZD0OY3QJ8bwX_kuiDhRcc2Pf9NDybsMzg8ZWor4XhpbrEtd2TyHoNfBx3iiNiAQJGgV4qZilVmW2ls91M3z7R1HK1P0qpON_lsYJ6u8XxRqyV38J55cfD66MriYL4XUbd8Y73A0V-TTAjDXWMc0ZqSSsUmByCR2gUViisSFHZUdUgbti2cAInV926jNv4B88TEH9vbc-Bh3g1tiw2K7UkGdkeoB1k_u4P8ddrKNcsdgyuJ0dwgMPj1zW9kKrWC207DH3NSyLOuOux1dj3__9Z7WpVssJ3uqROo34ZGXHaaTJFk405rP58tiBgSM0OokYsI7-euGyMaPzd1g8uRcgaMk59BtAOfDlHJMq_PMTit9-_9F8tlFjtAzeQLxKdoUyYNzfEmGrf2t-NnAR5IKXIp6FT5eUtWF3aiWy3uyDSdUZIq5HYW_YEE-KkwklYTrSvc1NnkcW6qx-glCrIbOyefSIW6T1O6MvQEztmYdIZCPUB_5T5ihlNKvpOv3jY94Rf8yqM_uOMd_G3KI4EDO9VrvCSUQg-GzQSxb2iFQ1M4Mmuq1NCpgEJeMGP_f3GTTDgmymmyS_nHYYfWfOHWDZYsFT7Lb67LjlDk6xUeJdrWTqL-6r3PgYf_kT8H0W9XOFGqPQEsojFnxn-dBFOekSJE5zbeoqMoDFrsI96grHffLCZU9zDT3cK76CIh11kkc7FPgEcIeR6aO0rKjBaS5yupRotmalPnpctINe8w9c4ZMO6LMgdTFND1VLCpMPE5RZSAuux3UmNPmC7cTanrL5n7Xdx5hpeQGGzTdeoYQD65r1qL2xQx2nnWHltu9ud4RIt0XnRkxp5iu_3TxYRnk6-tjWK5wy-njUiKb8ubglaGvpbuZoL2n5IATEEnZdejHKP2RkhrBV8v_bsZAPoZADkDgFi1ZHQjUA3VxksdEeZ4bvD6_DG8zQMO8zfBB9eci_PpcX5RjyKwBa9CpM9EoT2Y8RRWxtLGaxPNRm4CDXo6d2OH84p6EL9U1E6ik5RYB71gqd8aWrQwlMp7TArELRlPDV5XnsXGewHyfM48lzxlfh9IpSENzH_JHPU_Ig76multu7dJhnBwAsXVkQXMrwLq-nERlxp8IDzivcj6zNNZp1ElEjbrgWE&cid=CAASFeRo-BoxcNRVeWAdVzmOYmvCuWjmgA&rfl=1%2Chttps%253A%252F%252Fwww.apronus.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:29:07 GMT content-encoding gzip x-content-type-options nosniff age 127 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3128 x-xss-protection 0 server cafe etag 3658073882064373855 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:29:07 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame F59E	23 KB 9 KB	20ms 20ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Aqh_cLWEqxgyzp3Wva-2cZlkm_81f72bBK6c5Sbbj9E_t_LKXKHIkeArYk_o8Tyr9xzTg2f7jlsEkl_snEUPFS0kHQQCQgmFcLe8IsEwEyA2cULAImb7lT0aB-20zZ3DNseMejCN2o29D7WhNwnTwd6UzwAg&dbm_d=AKAmf-AHtsrtt1XQDRB3qzc-jkNtOa96Isy-DXENESe2yl6gx0d_6gaszLJEmVLubZovaW0_T7p85OU9rZi1y78mWAkJjtDOyRPHO5GmbqyeLxc39NKVEqPuWFTX77DXTgv7y2CXiSAkCkYefq1BDMMANAtFfwfpugSbzAtwb2U8Zsj-N4tnvESO-xenPGuTgwbJaF-24N0psIaebd_BL4fX68DZP2C8EU8VB2vGwzJNTfs8PqsxDpNi1xSfcijpe3IfgfvNkwqkNoDWTb3ET_HW0QCURptE3iGmiERuUDNMd-pB2ORy7WOJE4vDOs4wuy0JkhQwtnJZLQh4_i38VJcmRJyictE1ys51LDFxEm5iu_7Zqfakk7YWHYI1l-m9bIR7wS4Ebhz6Zk3fk-0vSzTnsboeUgWilsMgco60MZboR1yYRa_94Lfh2llcwIbvvl8RjXpG3w2Y5hNjD11gVFJ2p5QzThRKD-EwY_1NdgdBmtAtuvsXUZV8iJtIwAxJZsfUwVmN3hwTGc921MKeHWfZHjAIzxSvDC5uhmdnVv9pBHSLakMNp64lsh1zJHZ2dM_wMO2o2aSbHar0ZJRStLnn2cpgD0koiX96VekMlhP5hB3sBqKni_5bwmLaCrmr9mr5jH98zvbcU1NYKMFoYzC1GWB3pY1Rsi1YFtB0N-VvOHcoZRjSQDLI-eikrLFqlns8RfBfuFdadLgkB5m703aTF7aJEo8m6rsnukpbrgmNr5dhFnJXBYzgqhKmePsGOfj-qjXrlztrD-JrBDJSvijs2UwZcrJ9RWGbqXy_KCKcTZKihWCbTl5ULzBg1AOgydWn9wFJW-tvohA3TNZ0n-1h8U-IgzVQ3wYh6hP9qyhINQIAHwezVE0wLE9_oQu4hE_SrAl05DMt6ZV6HM9Qq9n0sOGz5SLcBr7G5EVJMcyWqDMeHwRkNZFIPee_Cs0YSjWOAUFlYQHcLqeUbpzKeqXg71-1hJ9HQwK3OamxCoSft1guDf75FGftfzg711l9E6BLaS1ZngNdI9_3jKWFW50TEbjdWouU_vi8-8STV6nOF8YpIwa42UQSaQV7pSG4onJqP6NfCwI4DP9dRkjP0edA17Z6Av37XkzvxDh2ZcqkvrjR9MLfN3tHYs_JW2s26Ztj1LZJqH4Dse3zltSD6Lz2nQXArQmujAY5snCStxASXl8Wco7Vn1JPoHVkEaxue43HS6re-sAHYrhRss_5DyC4sljdm-ZGJlpN54_qZmE6tTWI9HYjT_2r6_yVexdzoakSNysfQh3PS3a_mOubm4bzojJP1-aZ_1ON1uwpbFN_Jbb1R4F5vm8UZ_AqR229_3eEHRd3jJuRKGzpWmzLmZ8fjzByzvFSrBHBtacKkPaHFyM1e9ulxs6jgb5kI9-b09NXt9VIuvev4F3sGvl3w8HW1HNugKikSlaH_jOEgMo7AYb9BB-dYnOvR_S96BQE0lqahDot4txy1MAxItrRn8JI4miB5sIt_b1yY78SJxeKoMv6AfVJuhdorIX1fW44PNLRWYeT0wv3TKCVFx5hYPC5VhnF3GSGjDo6bHHCRzc3tzpaZxj9tULMGN8vLzrOouQQKUfJy7SHyOiIJKjE51q2DBYW6F1rPHRKBJOb7B6IFt4GzCk_NuGithteoRgBum7G6nZPL3cJivVZkk5dP1bo2U7I8Rcbdl_Wz1F-SVXCcXHsvjmNIBqP-j1JbSuXWZ3a0cQlOC3PmNQ5RnH7THapUjNlaX0j3CGqjrgwSZGNO2kegUhFMDXPAiKL3VKx9WyHkv3KRQcFOiH2P1Oq0NghKux_TkfS7DZd9TedF4G1MloSMqDXqce-HQ_nvg7oLqxNQM1kvVsP4H2H0jBjEH7omxfTR0jxNjE4Ooux_O1wZS1TanAb1covNSPEzDo-m0Uw1P4UIVh27PLoA3xdtLcyOODec-SK9YPte1r7-cbffJo9EmPeTE5Hzrn8uggTKuNmceXIXF4xnx6w6dYQQlf84brMZCVQr8gT7xXOEKSH-DajpEcgq9c9-B7vlsfrLjdAr3mJ5arSi9Veh_qUzWo54r3eTyfCuOwGreTah5ic_sQcJR6k0whsjJf3LDjJtCZD0OY3QJ8bwX_kuiDhRcc2Pf9NDybsMzg8ZWor4XhpbrEtd2TyHoNfBx3iiNiAQJGgV4qZilVmW2ls91M3z7R1HK1P0qpON_lsYJ6u8XxRqyV38J55cfD66MriYL4XUbd8Y73A0V-TTAjDXWMc0ZqSSsUmByCR2gUViisSFHZUdUgbti2cAInV926jNv4B88TEH9vbc-Bh3g1tiw2K7UkGdkeoB1k_u4P8ddrKNcsdgyuJ0dwgMPj1zW9kKrWC207DH3NSyLOuOux1dj3__9Z7WpVssJ3uqROo34ZGXHaaTJFk405rP58tiBgSM0OokYsI7-euGyMaPzd1g8uRcgaMk59BtAOfDlHJMq_PMTit9-_9F8tlFjtAzeQLxKdoUyYNzfEmGrf2t-NnAR5IKXIp6FT5eUtWF3aiWy3uyDSdUZIq5HYW_YEE-KkwklYTrSvc1NnkcW6qx-glCrIbOyefSIW6T1O6MvQEztmYdIZCPUB_5T5ihlNKvpOv3jY94Rf8yqM_uOMd_G3KI4EDO9VrvCSUQg-GzQSxb2iFQ1M4Mmuq1NCpgEJeMGP_f3GTTDgmymmyS_nHYYfWfOHWDZYsFT7Lb67LjlDk6xUeJdrWTqL-6r3PgYf_kT8H0W9XOFGqPQEsojFnxn-dBFOekSJE5zbeoqMoDFrsI96grHffLCZU9zDT3cK76CIh11kkc7FPgEcIeR6aO0rKjBaS5yupRotmalPnpctINe8w9c4ZMO6LMgdTFND1VLCpMPE5RZSAuux3UmNPmC7cTanrL5n7Xdx5hpeQGGzTdeoYQD65r1qL2xQx2nnWHltu9ud4RIt0XnRkxp5iu_3TxYRnk6-tjWK5wy-njUiKb8ubglaGvpbuZoL2n5IATEEnZdejHKP2RkhrBV8v_bsZAPoZADkDgFi1ZHQjUA3VxksdEeZ4bvD6_DG8zQMO8zfBB9eci_PpcX5RjyKwBa9CpM9EoT2Y8RRWxtLGaxPNRm4CDXo6d2OH84p6EL9U1E6ik5RYB71gqd8aWrQwlMp7TArELRlPDV5XnsXGewHyfM48lzxlfh9IpSENzH_JHPU_Ig76multu7dJhnBwAsXVkQXMrwLq-nERlxp8IDzivcj6zNNZp1ElEjbrgWE&cid=CAASFeRo-BoxcNRVeWAdVzmOYmvCuWjmgA&rfl=1%2Chttps%253A%252F%252Fwww.apronus.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:30:21 GMT content-encoding gzip x-content-type-options nosniff age 53 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9283 x-xss-protection 0 server cafe etag 1044373809082006429 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:30:21 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F26A	0 0	57ms 57ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100701&jk=2151597431906072&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 8C2C	14 KB 5 KB	8ms 8ms	Document text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/userSync.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba Request headers :method GET :authority ads.pubmatic.com :scheme https :path /AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.apronus.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ Response headers last-modified Tue, 15 Jun 2021 06:08:03 GMT etag "1300708-3945-5c4c7cc02bd56" server Apache/2.2.15 (CentOS) accept-ranges bytes content-encoding gzip p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 5054 content-type text/html; charset=UTF-8 cache-control max-age=119321 expires Thu, 14 Oct 2021 05:39:55 GMT date Tue, 12 Oct 2021 20:31:14 GMT vary Accept-Encoding
GET H2	200	express_html_inpage_rendering_lib_200_273.js Show response s0.2mdn.net/879366/ Frame D2C2	114 KB 40 KB	82ms 21ms	Script text/javascript	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Origin https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 11:05:50 GMT content-encoding gzip x-content-type-options nosniff age 33924 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40185 x-xss-protection 0 last-modified Wed, 30 Jun 2021 20:54:50 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Oct 2021 11:05:50 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/elements/html/ Frame D2C2	8 KB 3 KB	23ms 20ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AygMxBCeYanQHeA1_32x7BxJXEtI_J80rL-FU1P4zAQo9C6jyFz5rHNTpYgEqQlByGf-j-z7vrbsu0lDuga6x_h0S8Tn__ruLf-es2VWLrAivHYQOocaqw_BNYYdFtnbkCpnilP7f1c2y4lWTpxFKksiMErw&dbm_d=AKAmf-AmoNeH2imfSJzKKmdOiMqfbxyqMugconyHHRaRFpaprQKcwR04BaQ1N3VCt3W0HpN19RtCzS0ckYzYxLLddB8VI9udF3036ciNN-fk7vwNBci5FkRKkAEwsouQbFLCRXklQpiD_e7zG4gOyAJsHO0t52kKG-usG2dqiQeiT8mp8N8GuGnJlYLkZTdVCm7xxlguXR1tMybPVd08QnS4On5Tvxtx5UvVwgVEwca84nzwsobtGeVJu4DAMMF5-H3ONYhSLvOjlSObMDghXFwai_kyqcZemXA02bPSARi8GQX3WbSYPDcq9I196BoGmtjbwAkHHIPZ-_mykO8F3YtDwGTzodfnNIIb5CFfQYOM2Zg8g81CLGSLNc-CX9xP2llWXa1DkYdzfhHuSMpa_0A68wAQQVmK9zh_pClzWOEe-Wz7RU6i7BlR50g8UISCedeUe3CAmfIOfNanMBCgTjrk4uWBZ1Q6UrYWAJLEkb_WppR8fs3WZwI8SIqkZxIz_HzLHbRS9NtHH_W9BSt9IyRiJZ0uQ1P5-zQc2DDvEfJIXpGOXZFHyMiC5Jqu-KnjgTbEzmag31LyIDXGCCDVl5fvl_Flojx38IQYUdzhucYWt7WAYKNjfqVZXNwcUd-uclAYTgim5T7e9p3jUqf1wYUzHEJmvhgl1E_fHjk4Uv3R_SsoJ_2H7ubdsVkKIq2wIk9bkrypZYbJvvmrixiQYS9RA7qaarrF99w2uZv3NSbHEJ8R-qpiuS4a0Mvnt-1u-IkVMrvxPYNxEmS-CxqR-XGuQE_Rdze93CSSS06hnjdzukpcDoQgWussXOJsgSImdd_gHvO38wM7pfAXW6BwzbUmPgym4GepfBezvLHksact4YJ4ncbBvvp9Tppn0gQQbMavdkJbI4CSZuCvY-eATcjj55hMQOU42oMMgMiFJVA_EALm0m0Lky4oBiqRURrzbjCQaBrmtroi3NRXIJuvSenbVIqpxXdG9YIGRGXyLKqQm_KaEsgWo4SiVAINNUHfNHXmAxeoAC0yVdJa4NvgfjJRIxJwAmbUVPR6R0G_hw8TsrGopQuMSXb8JlypP_9e5WKl-C6zUKfeniGijEwJIw5D5mF4hKMj_1uI0AjYK3q7B9oS2AxdCau0TMjvIVWvjDWmftJVnkU0JEP7lCDckuFRqBvKJkCpULodcXyyKWSVOLlm-n0Sw1MMNWqEsMu2cf_tiBgwwEwkJHig7ApchR7t-1iypBV8ARAE2ZzOSjudSPN1Ae4Irx1xAd63pFbYlxAX0HrMth74qWoVcotkGVZdlrLrOwY0P44FqzhkizS21Jrwvh-_bw6IwO6Yv-Lot6CueSX9c0eK7V8VxdzjiMpHivhyf6QL3dDkCMXF9wD2Yk9pbVNJY6NF_pPzEAOigQAvVQQa1U7fJuWd-jsskklp9aeWeMNPqvyNaAtK-ptpB7kQAEZvf7oqQiKRb6eiTsZF65Nigvn91gN7QcQwkrO9JfVRc-SdJuNEWY1Llz9JNzUxJnjyoedxN6-ekHcU8074II7FQsBKTUJdXPNEH-m5zo4V2pnSEaaY_DOIUsRPeEOxliog4bu30r_vsn7YyiF7RVbSY4oWCAjPyYMw-ByYMs5ypYuMjr4VKHOsd1Lr-RtBAEusZIOBvKTXoFkqRcQuFniod4LChAOfQStNgOztuDyVNbjoQ9NohyfeaXL0xR0UmUs9Abh5wlTgxcy8nLE4CjDq1LaPh91z-nXI_LJIPgC0Oibb5dG6qjgZdaynCjlBJ3S2R8K3i_Mleanuw5NKQTVdfpA6QvgvOLRS1JTJaa2Ox966D2wH16j_VV9kZAZ5Ph4_wDob9S7qTFdHmuHjafJV7ukoraMRc12AOc9XvOZuiy0Wuhg3xDGplS6m4chBdSAI3DJLREr78Vux-lkjKclLJcq27DX8GWilPuI0kbZuztLnKXOqpGen9Ycxc6E_UO1GLZlq0LNuT7Wrdd_jaMffdGoOOZK65Xa9nN0AnA372llThV5r97cIa4AO8FUyWOEJPU8ASxFt5gUfyeGDXpHFRvY614143fNnpNhQoO8lWkll0ZvOJV8smVSCUUIBqGGZgYQxtpZSo-h2ps3Ij9Wnl5efAJezD7MY13Zc0z-XvZRQDXYq6SrOm0DH4Sno3Vt2Qh418DeuOQu5bf7IfBP0NqXlD7wuCn_XZfRH5XWt2BMOz4J5bYv2iivNmnuwdlq_P22ooqC6c3EsFxkZwBSacb4IFbY4dOK2GhB4mW6H1ixLqGGpkIPA3Z_mDfJeGjaG_DCU_pICDUXW4CyEKakgY8JMwlpsX1_eoP1Ia0ScgI9IaebDq6lzYEN4t7Kd5QDlFXKQlntP7Ra3Ms1YaLLi2nRlUPGLyW4ViTT1RJc5uNA59BcByjnZiXMwRE9oNrBKRw_-jqiNlgQ5fD0zP_OjqB_d2gTCE_mD4nSRVZz3mXz4GbMYjXdYXKdewB5GCtrHBez9XpxjmZxHPw9y8PHzatSPfjOeUvvdEdUBBxypYr5HpwTRTBILkXNUee319VArWl7P6W7hUajdKyPZ1KzVk7xbdPtowj-aEjuvG7yGg3KJbhPGNnGiP8Y7hkm4FDAq84vZRuzJVrmkCwTgx77m9mkXmND_XJlo5wLNu6JtIU5AxJFlWvYOx4PqnDjDJenSLofypd-r_Lset-2cJwPl73UiTBuiuKTWAZ7ETDs6_ih7fSxScFXd0AqGVOCN7KgdvUuG8JIw6aa1L6ASaPEe6ar2Y3RXdF6OHt69z3DlRv3sz9SZOqegiWNu3jFhjyVf4wY0CjqpMd0hPfct7vThsRuISKlvnw8Px47t51ilKBs6kMBf4NM53q9347eqlJkhEUmOwgOA9s-YpI8EJYWjp-eawkEZcGWNUk4Pjtha2sekNv-Oy1L9Ouo3fd7A_46RCjaBMh82wK2q9ytU3DWYXFkOjrAuyOw5AI8enCBmGwpDkf-HbZX60p3zQ-Tc0V4BV1yRxgQkz3jcFUTfVhUWnt90icnzcE0Yk7q2Nc40yNSFdbTkE3W9HzjZ29p-LquJJOhNQ1aKHV60fnbYoficn-4YnfjtJXlULJPQ8v8LUKDEgix9Cp-9uUHlMAkVydooN8kGlUw6ecDDxCruQFrekqx6sEQhlAdugYVanska5epJu0ZKr4pVHNb6z4nZOaMfNy44M69XK67d5_neZdQgt9MnE1rnoVprKrA3Z7AeFVYJn-jaSo4jgnLg1AnWVwfiuQygpSxSjz4ghn9I9GVQvanewG9j4v9t9sR5e0jp9xM_vA&cid=CAASFeRoa3tzNTQp8324SvMKWsqddGO_uA&rfl=1%2Chttps%253A%252F%252Fwww.apronus.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:29:07 GMT content-encoding gzip x-content-type-options nosniff age 127 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3128 x-xss-protection 0 server cafe etag 3658073882064373855 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:29:07 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame D2C2	23 KB 9 KB	26ms 26ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AygMxBCeYanQHeA1_32x7BxJXEtI_J80rL-FU1P4zAQo9C6jyFz5rHNTpYgEqQlByGf-j-z7vrbsu0lDuga6x_h0S8Tn__ruLf-es2VWLrAivHYQOocaqw_BNYYdFtnbkCpnilP7f1c2y4lWTpxFKksiMErw&dbm_d=AKAmf-AmoNeH2imfSJzKKmdOiMqfbxyqMugconyHHRaRFpaprQKcwR04BaQ1N3VCt3W0HpN19RtCzS0ckYzYxLLddB8VI9udF3036ciNN-fk7vwNBci5FkRKkAEwsouQbFLCRXklQpiD_e7zG4gOyAJsHO0t52kKG-usG2dqiQeiT8mp8N8GuGnJlYLkZTdVCm7xxlguXR1tMybPVd08QnS4On5Tvxtx5UvVwgVEwca84nzwsobtGeVJu4DAMMF5-H3ONYhSLvOjlSObMDghXFwai_kyqcZemXA02bPSARi8GQX3WbSYPDcq9I196BoGmtjbwAkHHIPZ-_mykO8F3YtDwGTzodfnNIIb5CFfQYOM2Zg8g81CLGSLNc-CX9xP2llWXa1DkYdzfhHuSMpa_0A68wAQQVmK9zh_pClzWOEe-Wz7RU6i7BlR50g8UISCedeUe3CAmfIOfNanMBCgTjrk4uWBZ1Q6UrYWAJLEkb_WppR8fs3WZwI8SIqkZxIz_HzLHbRS9NtHH_W9BSt9IyRiJZ0uQ1P5-zQc2DDvEfJIXpGOXZFHyMiC5Jqu-KnjgTbEzmag31LyIDXGCCDVl5fvl_Flojx38IQYUdzhucYWt7WAYKNjfqVZXNwcUd-uclAYTgim5T7e9p3jUqf1wYUzHEJmvhgl1E_fHjk4Uv3R_SsoJ_2H7ubdsVkKIq2wIk9bkrypZYbJvvmrixiQYS9RA7qaarrF99w2uZv3NSbHEJ8R-qpiuS4a0Mvnt-1u-IkVMrvxPYNxEmS-CxqR-XGuQE_Rdze93CSSS06hnjdzukpcDoQgWussXOJsgSImdd_gHvO38wM7pfAXW6BwzbUmPgym4GepfBezvLHksact4YJ4ncbBvvp9Tppn0gQQbMavdkJbI4CSZuCvY-eATcjj55hMQOU42oMMgMiFJVA_EALm0m0Lky4oBiqRURrzbjCQaBrmtroi3NRXIJuvSenbVIqpxXdG9YIGRGXyLKqQm_KaEsgWo4SiVAINNUHfNHXmAxeoAC0yVdJa4NvgfjJRIxJwAmbUVPR6R0G_hw8TsrGopQuMSXb8JlypP_9e5WKl-C6zUKfeniGijEwJIw5D5mF4hKMj_1uI0AjYK3q7B9oS2AxdCau0TMjvIVWvjDWmftJVnkU0JEP7lCDckuFRqBvKJkCpULodcXyyKWSVOLlm-n0Sw1MMNWqEsMu2cf_tiBgwwEwkJHig7ApchR7t-1iypBV8ARAE2ZzOSjudSPN1Ae4Irx1xAd63pFbYlxAX0HrMth74qWoVcotkGVZdlrLrOwY0P44FqzhkizS21Jrwvh-_bw6IwO6Yv-Lot6CueSX9c0eK7V8VxdzjiMpHivhyf6QL3dDkCMXF9wD2Yk9pbVNJY6NF_pPzEAOigQAvVQQa1U7fJuWd-jsskklp9aeWeMNPqvyNaAtK-ptpB7kQAEZvf7oqQiKRb6eiTsZF65Nigvn91gN7QcQwkrO9JfVRc-SdJuNEWY1Llz9JNzUxJnjyoedxN6-ekHcU8074II7FQsBKTUJdXPNEH-m5zo4V2pnSEaaY_DOIUsRPeEOxliog4bu30r_vsn7YyiF7RVbSY4oWCAjPyYMw-ByYMs5ypYuMjr4VKHOsd1Lr-RtBAEusZIOBvKTXoFkqRcQuFniod4LChAOfQStNgOztuDyVNbjoQ9NohyfeaXL0xR0UmUs9Abh5wlTgxcy8nLE4CjDq1LaPh91z-nXI_LJIPgC0Oibb5dG6qjgZdaynCjlBJ3S2R8K3i_Mleanuw5NKQTVdfpA6QvgvOLRS1JTJaa2Ox966D2wH16j_VV9kZAZ5Ph4_wDob9S7qTFdHmuHjafJV7ukoraMRc12AOc9XvOZuiy0Wuhg3xDGplS6m4chBdSAI3DJLREr78Vux-lkjKclLJcq27DX8GWilPuI0kbZuztLnKXOqpGen9Ycxc6E_UO1GLZlq0LNuT7Wrdd_jaMffdGoOOZK65Xa9nN0AnA372llThV5r97cIa4AO8FUyWOEJPU8ASxFt5gUfyeGDXpHFRvY614143fNnpNhQoO8lWkll0ZvOJV8smVSCUUIBqGGZgYQxtpZSo-h2ps3Ij9Wnl5efAJezD7MY13Zc0z-XvZRQDXYq6SrOm0DH4Sno3Vt2Qh418DeuOQu5bf7IfBP0NqXlD7wuCn_XZfRH5XWt2BMOz4J5bYv2iivNmnuwdlq_P22ooqC6c3EsFxkZwBSacb4IFbY4dOK2GhB4mW6H1ixLqGGpkIPA3Z_mDfJeGjaG_DCU_pICDUXW4CyEKakgY8JMwlpsX1_eoP1Ia0ScgI9IaebDq6lzYEN4t7Kd5QDlFXKQlntP7Ra3Ms1YaLLi2nRlUPGLyW4ViTT1RJc5uNA59BcByjnZiXMwRE9oNrBKRw_-jqiNlgQ5fD0zP_OjqB_d2gTCE_mD4nSRVZz3mXz4GbMYjXdYXKdewB5GCtrHBez9XpxjmZxHPw9y8PHzatSPfjOeUvvdEdUBBxypYr5HpwTRTBILkXNUee319VArWl7P6W7hUajdKyPZ1KzVk7xbdPtowj-aEjuvG7yGg3KJbhPGNnGiP8Y7hkm4FDAq84vZRuzJVrmkCwTgx77m9mkXmND_XJlo5wLNu6JtIU5AxJFlWvYOx4PqnDjDJenSLofypd-r_Lset-2cJwPl73UiTBuiuKTWAZ7ETDs6_ih7fSxScFXd0AqGVOCN7KgdvUuG8JIw6aa1L6ASaPEe6ar2Y3RXdF6OHt69z3DlRv3sz9SZOqegiWNu3jFhjyVf4wY0CjqpMd0hPfct7vThsRuISKlvnw8Px47t51ilKBs6kMBf4NM53q9347eqlJkhEUmOwgOA9s-YpI8EJYWjp-eawkEZcGWNUk4Pjtha2sekNv-Oy1L9Ouo3fd7A_46RCjaBMh82wK2q9ytU3DWYXFkOjrAuyOw5AI8enCBmGwpDkf-HbZX60p3zQ-Tc0V4BV1yRxgQkz3jcFUTfVhUWnt90icnzcE0Yk7q2Nc40yNSFdbTkE3W9HzjZ29p-LquJJOhNQ1aKHV60fnbYoficn-4YnfjtJXlULJPQ8v8LUKDEgix9Cp-9uUHlMAkVydooN8kGlUw6ecDDxCruQFrekqx6sEQhlAdugYVanska5epJu0ZKr4pVHNb6z4nZOaMfNy44M69XK67d5_neZdQgt9MnE1rnoVprKrA3Z7AeFVYJn-jaSo4jgnLg1AnWVwfiuQygpSxSjz4ghn9I9GVQvanewG9j4v9t9sR5e0jp9xM_vA&cid=CAASFeRoa3tzNTQp8324SvMKWsqddGO_uA&rfl=1%2Chttps%253A%252F%252Fwww.apronus.com%252F%240 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:30:21 GMT content-encoding gzip x-content-type-options nosniff age 53 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9283 x-xss-protection 0 server cafe etag 1044373809082006429 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Oct 2021 20:30:21 GMT
GET H2	200	cs Show response rtb-msk-2.viadata.store/vast/ Frame 6F1F	71 B 422 B	394ms 278ms	XHR application/xml	23.111.115.236 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://rtb-msk-2.viadata.store/vast/cs?zone=104222&w=432&h=243&site=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&vp=2&cbb=4070674897 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server nginx age 0 vary Accept-Encoding access-control-allow-methods GET, POST content-type application/xml; charset=utf-8 access-control-allow-origin https://www.apronus.com cache-control no-store access-control-allow-credentials true strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, Accept
GET H2	200	/ Show response ads.viralize.tv/vast/ Frame 6F1F	67 B 302 B	69ms 27ms	XHR text/xml	35.186.238.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&cbb=4070674899 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 232.238.186.35.bc.googleusercontent.com Software uvicorn, Unknown / Resource Hash 2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT content-encoding gzip server uvicorn, Unknown vary Accept-Encoding, Origin content-type text/xml; charset=UTF-8 access-control-allow-origin https://www.apronus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear via 1.1 google expires 0
GET H/1.1	200 OK	bid.php Show response n.ap1.dyntrk.com/ Frame 6F1F	21 B 221 B	302ms 94ms	XHR text/xml	51.81.106.33 OVH
General Check archive.org Show headers Download Go to Full URL https://n.ap1.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&uint=2&ist=1&cdid=DYN-OPM-0388&plw=432&plh=243&addu=60&pubid=104222&uifa=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=4070674899 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.81.106.33 New York, United States, ASN16276 (OVH, FR), Reverse DNS ns106714.ip-51-81-106.us Software proxy / Resource Hash e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin https://www.apronus.com pragma no-cache access-control-allow-credentials true server proxy x-rc 81 content-length 21 content-type text/xml
GET H/1.1	204 No Content	ad_request Show response ads.aralego.com/ Frame 6F1F	0 571 B	372ms 192ms	XHR text/plain	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?host=apronus.com&ver=UCX_WEB-20200113&adid=ad-D2349AB8AE32EBB4FB69232EAAA43E6&atype=2&u=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=4070674900 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT x-width 1600 x-height 900 access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://www.apronus.com access-control-expose-headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal access-control-allow-credentials true x-sspid bb1b43a8-7775-3356-9b1d-ba19449dcf24 connection close x-adtype vast
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/7205/i/ Frame 6F1F Redirect Chain https://dmg.digitaltarget.ru/1/7205/i/i?a=945&e=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&i=1634070674 https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&i=1634070674	49 B 603 B	3109ms 3109ms	Image image/gif	185.15.175.174 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&i=1634070674 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 20:31:18 GMT Content-Encoding gzip X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only Request-Time 14 Connection keep-alive Vary Accept-Encoding Content-Length 64 X-XSS-Protection 1; mode=block Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Credentials true Redirect headers Date Tue, 12 Oct 2021 20:31:15 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin Server nginx X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Location https://dmg.digitaltarget.ru/awg/custom/7205/i/i?call_source=awg&a=945&e=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&i=1634070674 X-XSS-Protection 1; mode=block X-Permitted-Cross-Domain-Policies master-only Access-Control-Allow-Credentials true Access-Control-Max-Age 86400 Connection keep-alive Request-Time 0 Content-Length 0 X-Content-Type-Options nosniff
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 6F1F Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=273596&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42 https://sync.search.spotxchange.com/partner?adv_id=273596&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&__user_check__=1&sync_id=58b144a5-2b9b-11ec-b29d-1a3233820506	43 B 548 B	19ms 19ms	Image image/gif	185.94.180.126 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=273596&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&__user_check__=1&sync_id=58b144a5-2b9b-11ec-b29d-1a3233820506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 20:31:15 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 63 Connection keep-alive Content-Length 43 Redirect headers Date Tue, 12 Oct 2021 20:31:14 GMT Server nginx Location /partner?adv_id=273596&uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&__user_check__=1&sync_id=58b144a5-2b9b-11ec-b29d-1a3233820506 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 109 Connection keep-alive Content-Length 0
GET H2	200	dsp logs.viadata.store/event/ Frame 6F1F	43 B 296 B	60ms 59ms	Image image/gif	23.111.115.244 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://logs.viadata.store/event/dsp?sid=104222&event=rtb&event2=request&cb=1634070674900&tids=7154,7161,7162,7644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:14 GMT x-content-type-options nosniff last-modified Tue, 12 Oct 2021 20:31:14 GMT server nginx strict-transport-security max-age=31536000 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Wed, 11 Nov 1998 11:11:11 GMT
GET H3	200	164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response pagead2.googlesyndication.com/bg/ Frame F2A8	35 KB 13 KB	23ms 22ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:41:27 GMT content-encoding br x-content-type-options nosniff age 20987 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 12 Oct 2022 14:41:27 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame F59E	41 KB 15 KB	21ms 21ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 17:46:24 GMT content-encoding gzip x-content-type-options nosniff age 9890 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Wed, 12 Oct 2022 17:46:24 GMT
GET DATA	200 OK	truncated / Frame F59E	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2eff10e001f8cc7ed13e66fc550b929f2ae5540d6bc5b94be773af1004be4e16 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 8C2C	2 KB 3 KB	41ms 12ms	Script text/html	185.64.189.115 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=48930070&p=160098&s=860484&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash 8990c69274b29bd66481104316c66607eeaa84e9315f3131c0db9f70d020d2ca Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-type text/html; charset=UTF-8 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame 96B5	107 B 122 B	62ms 33ms	Script application/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame 96B5	107 B 122 B	56ms 22ms	Script application/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/ Frame 96B5	330 B 159 B	76ms 75ms	XHR text/plain	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=397169330715997&correlator=2640178368656785&output=ldjh&impl=fifs&eid=31063083%2C31062220%2C44748552&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211012&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1634070675034&dlt=1634070674760&idt=248&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=64515409&ucis=5on6hs7jsee7&ifi=1&ifk=923963767&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fwww.apronus.com%2F&top=https%3A%2F%2Fwww.apronus.com%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=2067540820.1634070675&ga_sid=1634070675&ga_hid=856852303&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 26e770031451d1475efb7daad6a1053d1bce5e565e76e885ea942b668fba5d13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 130 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://cdn.aralego.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response f22df4b32d9d471d38746f4838f97791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4823	6 KB 3 KB	59ms 31ms	Document text/html	142.250.186.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://f22df4b32d9d471d38746f4838f97791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority f22df4b32d9d471d38746f4838f97791.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html?n=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://cdn.aralego.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 12 Oct 2021 20:31:15 GMT expires Wed, 12 Oct 2022 20:31:15 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame D2C2	41 KB 15 KB	21ms 20ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com URL: https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 17:46:24 GMT content-encoding gzip x-content-type-options nosniff age 9891 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Wed, 12 Oct 2022 17:46:24 GMT
GET DATA	200 OK	truncated / Frame D2C2	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2da3623c2d8b81771ca48b7d1566b9e573499f66e5acc1acbb00c00688350401 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 3E07	22 KB 8 KB	22ms 20ms	Document text/html	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Tue, 12 Oct 2021 17:46:25 GMT expires Wed, 12 Oct 2022 17:46:25 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 9890 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	83 KB 18 KB	55ms 24ms	Document text/html	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 35192762fa623e317af4ae958d5b4ccad4bf6f396615542277dea76637c1a264 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /sadbundle/14735266241682150625/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * date Tue, 12 Oct 2021 18:04:02 GMT expires Wed, 12 Oct 2022 18:04:02 GMT last-modified Wed, 30 Jun 2021 12:20:04 GMT x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 content-length 18638 age 8833 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame D2C2	0 61 B	149ms 67ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNP1K0_guhn-auXPnmyNizJYLpKqbOSBTc_XKKxiWcsBGPTDMfIZ6UFubVsFXX-5iUZb_Imo7S2XataKV4-sNAXlfFWLyFSdQ9bgEFbdUUj73pH_kDJm5o4ZnjA2hqYUprAkeK2x3y3Wkv4rjcYZqY1oWiWV4ga7CbDKd56a1YNm8n6NN0c9efFOzoeoTFtrmRhbGVo4R1HpoTm08uAdX3BYEH-J8BZrN9sRG8O89t8Iz0JS5ApvEY6Tk_eRs3RlKVBaHUBerSk5du8X_5qFAlf3-71RcjobEJ3VABDRoP0nuWe_b4mLYtU_VPtGzazQYFx7s7js85Fbtz1LILp5NcZhkffce_YH5iwNvVIV7vmGZkXOJEyIApo0Fv8yPJCO1Koj3MmGs3e6L-TgsPnpjHpMFaJMc6sREFVdDWmZ5KjKktf5W33kv06Ugh2Fd1Gba7YmNYR8xk0lUl1CkvVJjLVsFdS11GKx6JkXTsEhOCR0kB8VsxFnBFyoZ6yYAIMx3ltnJQQOmo9uElAU_qyTXF-khkb1mahKcpNLIhLlOBE-c78mv0sbEZRum1FrYQ-mQoplFdgk31U8uIPEusYuvVUcxxYSjlXPXF0NXyuEUNQKeSeb7prWbweKP4_LdzEQSVj4fiSC7C4JcGjBykC6fVrDqOCoSRjVFaN24xBQAgY9KskCw55LKUHWZiClMNlvU3GTCtuLKg_kO4LfKfurFF_1HM3l7Yg8VN8xEUszNgkM3A1KextX39h4xboptCn-_kEkdquxSnEPFFT2w_QflthE6Nt3ADipMaoXZWxgyvJTG9GBTwaJEMBUNanWGYsSl6WqGnnjUYuzxdm6D9p_D-_QVaajZ_aJfpTwxxziOHSg8YbLIr2IGhVp59BvJqWwSq5ybursutDylYigeuRiBQCA67ZaOkP1cMVvGudMHTOHHaIZeafh8bRVOsorI2FTqs_OjhpeG6bDh3SpJGUyGUOXIPZ82rz14CGhRmrrQER5vdbC19wVKAwO94UqZIWtghbfs4EI0jO92cPOC4SbZTzETEeJpYhVhD2ALAx5Ux_CusP4zX77iwJnin_F-Fk2m4VYLQIBEpBaPIySoTtB_l2DSRdXqbB0gKEaQBoifM6ALbSgN8KfgEWuQQht_pn-wSCK0TUSVXSHPQCh8lQRZ5qLn_5i-d1N9wfZ4VCCzxjGnHS5Vsi2xMRO7udFsIkbkTf1fYWoVPyZqyJQ&sai=AMfl-YRtfZ1ot5Vo_zjClBzdqSQ4z4A5abNFzeUhSTwcJ92kc0TSDkAVbkqFkDAEBCNmpSqz2h5VxryQyYqEDUzimagsXxowyYzeD1twoY63FdJCmijMlLYh4LWd711DEq1LUQP9SD7FDxticbMYkXCYOL7f-vHCcyDEKqHVWtY&sig=Cg0ArKJSzLERnIrhPHbqEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=232&cbvp=1&cstd=229&cisv=r20211007.09336&adurl= Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 12 Oct 2021 20:31:15 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	match Show response c1.adform.net/serving/cookie/ Frame CA31 Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D	35 B 467 B	18ms 18ms	Document image/gif	37.157.5.142 ADFORM
General Check archive.org Show headers Download Go to Full URL https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.5.142 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority c1.adform.net :scheme https :path /serving/cookie/match?CC=1&party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie C=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 12 Oct 2021 20:31:15 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie uid=7684729538568214549; expires=Sat, 11 Dec 2021 20:31:15 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains Redirect headers server nginx date Tue, 12 Oct 2021 20:31:15 GMT content-length 0 location https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=DDC05B62-038D-4F46-9515-1B2605F0247D cache-control no-cache, no-store, must-revalidate, no-transform pragma no-cache expires -1 set-cookie C=1; expires=Fri, 12 Nov 2021 20:31:15 GMT; domain=adform.net; path=/; secure; samesite=none access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods GET access-control-allow-origin * access-control-max-age 86400 strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	Pug Show response image2.pubmatic.com/AdServer/ Frame 0804 Redirect Chain https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3370765163728087878	42 B 210 B	13ms 12ms	Document image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3370765163728087878 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002 Request headers :method GET :authority image2.pubmatic.com :scheme https :path /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3370765163728087878 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie KADUSERCOOKIE=DDC05B62-038D-4F46-9515-1B2605F0247D; chkChromeAb67Sec=1; pi=160098:2; DPSync3=1635206400%3A201_197_219%7C1634083200%3A174; SyncRTB3=1635206400%3A21_7_3_8_220_13_54_161_56%7C1635292800%3A35; PUBMDCID=3; KRTBCOOKIE_153=19420-MVdOs2FWQbUqVBy0NldVtT4ESuUqURq_M1LhEzBj&KRTB&22979-MVdOs2FWQbUqVBy0NldVtT4ESuUqURq_M1LhEzBj; KRTBCOOKIE_80=22987-CAESEJ933L30aEX8US1_36ETG14&KRTB&16514-CAESEJ933L30aEX8US1_36ETG14&KRTB&23025-CAESEJ933L30aEX8US1_36ETG14; KRTBCOOKIE_57=22776-4513041674228493235; PugT=1634070674 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 12 Oct 2021 20:31:14 GMT content-type image/gif; charset=utf-8 content-length 42 set-cookie KRTBCOOKIE_336=5844-3370765163728087878; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 11-Nov-2021 20:31:14 GMT; path=/ PugT=1634070674; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 11-Nov-2021 20:31:14 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 10-Jan-2022 20:31:14 GMT; path=/ x-lat amspug016:0:370 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control no-store, no-cache, private Redirect headers location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3370765163728087878 content-length 0 p3p CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET H2	200	usersync.aspx Show response dis.criteo.com/dis/ Frame 903D	43 B 334 B	47ms 17ms	Document image/gif	178.250.2.151 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers :method GET :authority dis.criteo.com :scheme https :path /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers date Tue, 12 Oct 2021 20:31:14 GMT content-type image/gif server Kestrel cache-control no-cache pragma no-cache expires Tue, 12 Oct 2021 00:00:00 GMT x-errorlevel 0 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 414730
GET H2	200	sync Show response rtb-msk-2.viadata.store/tools/ Frame F55E	43 B 297 B	56ms 54ms	Document image/gif	23.111.115.236 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://rtb-msk-2.viadata.store/tools/sync?dsp=24&uid=DDC05B62-038D-4F46-9515-1B2605F0247D Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers :method GET :authority rtb-msk-2.viadata.store :scheme https :path /tools/sync?dsp=24&uid=DDC05B62-038D-4F46-9515-1B2605F0247D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://ads.pubmatic.com/ accept-encoding gzip, deflate, br cookie viads_uid=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42; viads_sc=%7B%22pubm%22%3A1634070673%2C%22ucf%22%3A1634070673%2C%22one%22%3A1634070673%2C%220%22%3A1634070674%2C%2227%22%3A1634070674%7D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ Response headers server nginx date Tue, 12 Oct 2021 20:31:15 GMT content-type image/gif content-length 43 last-modified Tue, 12 Oct 2021 20:31:15 GMT expires Wed, 11 Nov 1998 11:11:11 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache strict-transport-security max-age=31536000 x-content-type-options nosniff
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 8C2C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3cBbYgONT0aVFRsmBfAkfQ%3D%3D https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=	14 KB 14 KB	8ms 7ms	Image text/html	23.218.208.200 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-218-208-200.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip last-modified Tue, 15 Jun 2021 06:08:03 GMT server Apache/2.2.15 (CentOS) etag "1300708-3945-5c4c7cc02bd56" vary Accept-Encoding p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=119320 accept-ranges bytes content-type text/html; charset=UTF-8 content-length 5054 expires Thu, 14 Oct 2021 05:39:55 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 272 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	SPug image4.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5d66165-f092-4c00-aa33-d0f0425fcf1f	0 260 B	41ms 14ms	Image text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5d66165-f092-4c00-aa33-d0f0425fcf1f Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Tue, 12 Oct 2021 20:31:15 GMT Server MT3 3984 0e3af3b master zrh-pixel-x11 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5d66165-f092-4c00-aa33-d0f0425fcf1f Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 12 Oct 2021 20:31:14 GMT
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 8C2C Redirect Chain https://pixel.onaudience.com/?partner=214&mapped=DDC05B62-038D-4F46-9515-1B2605F0247D https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=170a260c07fa8d9e https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=170a260c07fa8d9e https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MjNJUUFxMGtaVjNSY241dUYxVEJKbE1BelFBSXZmanV4Q0dIYTN1YjBrZU0&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEPtu0V1dbZUSuT6BvOmrLb0&google_cver=1 https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7853205594747228375&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 https://ps.eyeota.net/match?bid=7vi0rg0&uid=48906165-f092-4a00-a8c3-357cb9be73c3&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%... https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_p... https://ps.eyeota.net/match?uid=YWXwkwAIlMaD5gAR&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90&_test=YWXwkwAIlMaD5gAR https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 https://ps.eyeota.net/match?uid=cecb464a-8209-42a1-9c20-b5ce3d72e3e1&bid=1e2n4ou	70 B 440 B	40ms 40ms	Image image/gif	3.127.178.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=cecb464a-8209-42a1-9c20-b5ce3d72e3e1&bid=1e2n4ou Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-178-105.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 20:31:15 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ps.eyeota.net/match?uid=cecb464a-8209-42a1-9c20-b5ce3d72e3e1&bid=1e2n4ou cache-control private,no-cache, must-revalidate content-type text/html content-length 191
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RERDMDVCNjItMDM4RC00RjQ2LTk1MTUtMUIyNjA1RjAyNDdE&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 340 B	40ms 12ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT cache-control no-store, no-cache, private x-lat amspug009:0:413 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ933L30aEX8US1_36ETG14&google_cver=1	42 B 436 B	40ms 13ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ933L30aEX8US1_36ETG14&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:13 GMT cache-control no-store, no-cache, private x-lat amspug014:0:452 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ933L30aEX8US1_36ETG14&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubmatic um.simpli.fi/ Frame 8C2C	43 B 612 B	51ms 14ms	Image image/gif	159.253.128.183 SOFTLAYER
General Check archive.org Show headers Download Go to Show image Full URL https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US), Reverse DNS b7.80.fd9f.ip4.static.sl-reverse.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT strict-transport-security max-age=63072000; includeSubdomains; preload access-control-allow-methods GET, POST, OPTIONS content-type image/gif access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 43 expires Mon, 11 Oct 2021 20:31:15 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cecb464a-8209-42a1-9c20-b5ce3d72e3e1	42 B 290 B	19ms 19ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cecb464a-8209-42a1-9c20-b5ce3d72e3e1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT cache-control no-store, no-cache, private x-lat lhrpug009:0:490 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=cecb464a-8209-42a1-9c20-b5ce3d72e3e1 cache-control private,no-cache, must-revalidate content-type text/html content-length 313
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO... https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7684729538568214549	42 B 544 B	46ms 19ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7684729538568214549 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT cache-control no-store, no-cache, private x-lat lhrpug003:0:477 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT server nginx location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7684729538568214549 access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:48906165-f092-4a00-a8c3-357cb9be73c3&gdpr=0&gdpr_consent=	42 B 341 B	61ms 22ms	Image image/gif	185.64.190.80 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:48906165-f092-4a00-a8c3-357cb9be73c3&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT cache-control no-store, no-cache, private x-lat lhrpug004:0:2948 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Date Tue, 12 Oct 2021 20:31:15 GMT Server MT3 3984 0e3af3b master zrh-pixel-x27 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:48906165-f092-4a00-a8c3-357cb9be73c3&gdpr=0&gdpr_consent= Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 12 Oct 2021 20:31:14 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4513041674228493235&gdpr=0&gdpr_consent=	42 B 288 B	42ms 13ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4513041674228493235&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:14 GMT cache-control no-store, no-cache, private x-lat amspug001:0:876 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers Pragma no-cache Date Tue, 12 Oct 2021 20:31:15 GMT X-Proxy-Origin 216.131.111.33; 216.131.111.33; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 65d042b9-7a1e-4928-aeda-7c31e9a3b83c Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4513041674228493235&gdpr=0&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 8C2C Redirect Chain https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MVdOs2FWQbUqVBy0NldVtT4ESuUqURq_M1LhEzBj	42 B 427 B	41ms 13ms	Image image/gif	185.64.189.110 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MVdOs2FWQbUqVBy0NldVtT4ESuUqURq_M1LhEzBj Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:12 GMT cache-control no-store, no-cache, private x-lat amspug008:0:434 server nginx content-type image/gif; charset=utf-8 content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" location https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=MVdOs2FWQbUqVBy0NldVtT4ESuUqURq_M1LhEzBj cache-control private, no-cache, no-store, proxy-revalidate content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	300x250.html Show response s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/ Frame DC42	45 KB 11 KB	31ms 31ms	Document text/html	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash be60cf33dcc1be5e3ca10c05178e5b74877abf5ebdaeb37cc39e6e8474ccd9d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority s0.2mdn.net :scheme https :path /ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html access-control-allow-origin * cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} timing-allow-origin * content-length 10744 date Tue, 12 Oct 2021 20:31:15 GMT expires Wed, 13 Oct 2021 20:31:15 GMT cache-control public, max-age=86400 last-modified Fri, 11 Jun 2021 11:49:46 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F59E	0 592 B	91ms 66ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjY-_935R9ai0JV9y2XGTBVedwB7SeuoCFFAKCnWg8Zwq4x9GWmx8Ng23eTu9gfiXESFCYWzzlVmEmokwYUmH8F8C4Lf6QreSFKgvvASAU5GCon0CUgga3BLuKmLsY159u7sO3J10HzWZ787tsZXmpG1GSfZIrsEKyXIGV6QGLLiTyUtCKbIfBHiWdNCw2vd-Tecb7gxqmwHrqN1qiQpVHtjiXpHXckv5cQEp11d9UbKxaHoUiDBOPLyeg2qeV1FrFV6jpYyHZG7BovEvEnvq-UUXkesc3b3BxwIp-n8InLXiLc4PPANJBb7i1XYcQRVJm4cRIXEFSgm048HOtkiNFE-LYYZeUQPnL-E6bQXYJ1RxqmWUrhMsNo8H93ryj1PailkeoRYWFbSy3ffDL42fBZ1PcruJDPnOOpis_h35hDuwS5G7toELAxazfNNTWTjKB1uFUG5ub6jJgff8UkjDVYms0XRF6lo-hW4KroJnW7QGajob-60BqLO4BKpqPg0a4knbTIXIp2swa0rPiXjvExMgv5h85BH9OiIXxYKamiJZ3SSavGsJOFI-vqR5cxX3cd7Bk3hmWDkcLDLkzLKARF1ek-m8oy2OypzBg78uWdhVur8I1a_ht0T3c-QAj9W_dzWbzVlhJp7w1czWzgZxNWVlwYcxMib_j8h5NZTDrstlZOX3A-ORtaLM0B_DHctauzwd2dka4xucX8cByjNZ5lIyLNnVT00PoCcmky6Vum43A6fVcRxAtgIWki6TLJDColo1K_yw99leE6cIny_I5jn8BEW3PqfnlTZusI36jR0MVsW6x2_Din9O85tZwJWkOkEIldj-XD5Tk_NQwdjsAA9BC4AANcWDUUKnTIC67mopUAU6YNEYtwAnHbhrirT8n7kwsicg7i7gKavtRk3FNtx_SENUzoC-WVLeV_UaMQjgIjD6s489o2EvkqLVngH8lkjL2Dd3lMAdsrbC2x2P7UfvxQZmW4UldtbEXhF9Vcls-SkI4GZrANO0F-rLwrdnVhvzut8E659XoaFeHZM088dOOc-kV64FJLIwmxqjECXYcfz5Btq_DUTspzvhLmTTd8Oc_xBuOvAXv41-DASJ9rRqiArM_HwEWgGy42XT-3uUlem4Qzc_OisOn3q0yMMgudT1FezAcasXGlpNrwLMsZZA5RlHk3nU7fDUQBrmqeVRPQvvh0cwgcipOIMwtmHH_32wuZ0VczOAwQ6A&sai=AMfl-YTGhAlPkD4IvtX0nu0AM2XYP0g8q8tYe7e_oGRF1haTFS89sUXCeLOtHkFOkiHMDeHXJH7x9ghfLx7hSXIdVTZ1C96fY37i_VDgNbyGzBO4rfvVoRfqYI9v0lLBlaFKMJpgIisIbrCGz2-BcVz9HefBBim-JJqaN_MESd8&sig=Cg0ArKJSzCLzIOoMpMiIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=316&cbvp=1&cstd=309&cisv=r20211007.74501&adurl= Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version date Tue, 12 Oct 2021 20:31:15 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 10E3	22 KB 8 KB	22ms 21ms	Document text/html	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/Enqz_20U.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} timing-allow-origin * content-length 8395 date Tue, 12 Oct 2021 17:46:25 GMT expires Wed, 12 Oct 2022 17:46:25 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 9890 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	5_education_eng000.ts Show response uscdn.viadata.store/media/	665 KB 666 KB	331ms 330ms	XHR video/mp2t	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://uscdn.viadata.store/media/5_education_eng000.ts Requested by Host: uscdn.viadata.store URL: https://uscdn.viadata.store/static/js/hls.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash e6cb6529d03ee94de5c8aeb347847ee9c997db1d233531a1d21d40990e72c4ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff last-modified Fri, 26 Feb 2021 16:43:38 GMT server nginx etag "6039253a-a64a4" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, OPTIONS content-type video/mp2t access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 681124
GET BLOB	200 OK	3167c767-868f-4668-a929-7444dfde5114 https://www.apronus.com/	61 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.apronus.com/3167c767-868f-4668-a929-7444dfde5114 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash d825cf02f25f38879ac6f09a7eccf1a2b7c6322b50b742d469c8f83976ba5f97 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Content-Length 62028 Content-Type text/javascript
GET H3	200	DcmEnabler_01_246.js Show response s0.2mdn.net/879366/ Frame 5F6F	28 KB 10 KB	24ms 24ms	Script text/javascript	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_246.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14735266241682150625/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 04:19:20 GMT content-encoding gzip x-content-type-options nosniff age 58315 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10121 x-xss-protection 0 last-modified Wed, 30 Jun 2021 20:54:50 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Oct 2021 04:19:20 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 96B5	11 KB 8 KB	79ms 45ms	XHR application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100701&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 0393c9ace6e3e0e8cab2b3ef3b376ef5b012227f951c26f75afa07a6cb36432b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8558 x-xss-protection 0
GET H3	200	Enabler_01_245.js Show response s0.2mdn.net/879366/ Frame DC42	110 KB 38 KB	24ms 24ms	Script text/javascript	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_245.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 06:37:40 GMT content-encoding gzip x-content-type-options nosniff age 50015 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38568 x-xss-protection 0 last-modified Wed, 14 Oct 2020 19:32:54 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Oct 2021 06:37:40 GMT
GET H3	200	gsap_3.5.1_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame DC42	60 KB 24 KB	44ms 43ms	Script text/javascript	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24155 x-xss-protection 0 last-modified Mon, 31 Aug 2020 21:23:17 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 12 Oct 2021 20:31:15 GMT
GET H3	200	164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response pagead2.googlesyndication.com/bg/ Frame 3E07	35 KB 13 KB	21ms 21ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:41:27 GMT content-encoding br x-content-type-options nosniff age 20988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 12 Oct 2022 14:41:27 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame D2C2	0 23 B	85ms 57ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNP1K0_guhn-auXPnmyNizJYLpKqbOSBTc_XKKxiWcsBGPTDMfIZ6UFubVsFXX-5iUZb_Imo7S2XataKV4-sNAXlfFWLyFSdQ9bgEFbdUUj73pH_kDJm5o4ZnjA2hqYUprAkeK2x3y3Wkv4rjcYZqY1oWiWV4ga7CbDKd56a1YNm8n6NN0c9efFOzoeoTFtrmRhbGVo4R1HpoTm08uAdX3BYEH-J8BZrN9sRG8O89t8Iz0JS5ApvEY6Tk_eRs3RlKVBaHUBerSk5du8X_5qFAlf3-71RcjobEJ3VABDRoP0nuWe_b4mLYtU_VPtGzazQYFx7s7js85Fbtz1LILp5NcZhkffce_YH5iwNvVIV7vmGZkXOJEyIApo0Fv8yPJCO1Koj3MmGs3e6L-TgsPnpjHpMFaJMc6sREFVdDWmZ5KjKktf5W33kv06Ugh2Fd1Gba7YmNYR8xk0lUl1CkvVJjLVsFdS11GKx6JkXTsEhOCR0kB8VsxFnBFyoZ6yYAIMx3ltnJQQOmo9uElAU_qyTXF-khkb1mahKcpNLIhLlOBE-c78mv0sbEZRum1FrYQ-mQoplFdgk31U8uIPEusYuvVUcxxYSjlXPXF0NXyuEUNQKeSeb7prWbweKP4_LdzEQSVj4fiSC7C4JcGjBykC6fVrDqOCoSRjVFaN24xBQAgY9KskCw55LKUHWZiClMNlvU3GTCtuLKg_kO4LfKfurFF_1HM3l7Yg8VN8xEUszNgkM3A1KextX39h4xboptCn-_kEkdquxSnEPFFT2w_QflthE6Nt3ADipMaoXZWxgyvJTG9GBTwaJEMBUNanWGYsSl6WqGnnjUYuzxdm6D9p_D-_QVaajZ_aJfpTwxxziOHSg8YbLIr2IGhVp59BvJqWwSq5ybursutDylYigeuRiBQCA67ZaOkP1cMVvGudMHTOHHaIZeafh8bRVOsorI2FTqs_OjhpeG6bDh3SpJGUyGUOXIPZ82rz14CGhRmrrQER5vdbC19wVKAwO94UqZIWtghbfs4EI0jO92cPOC4SbZTzETEeJpYhVhD2ALAx5Ux_CusP4zX77iwJnin_F-Fk2m4VYLQIBEpBaPIySoTtB_l2DSRdXqbB0gKEaQBoifM6ALbSgN8KfgEWuQQht_pn-wSCK0TUSVXSHPQCh8lQRZ5qLn_5i-d1N9wfZ4VCCzxjGnHS5Vsi2xMRO7udFsIkbkTf1fYWoVPyZqyJQ&sai=AMfl-YRtfZ1ot5Vo_zjClBzdqSQ4z4A5abNFzeUhSTwcJ92kc0TSDkAVbkqFkDAEBCNmpSqz2h5VxryQyYqEDUzimagsXxowyYzeD1twoY63FdJCmijMlLYh4LWd711DEq1LUQP9SD7FDxticbMYkXCYOL7f-vHCcyDEKqHVWtY&sig=Cg0ArKJSzLERnIrhPHbqEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=466&vt=11&dtpt=234&dett=3&cstd=229&cisv=r20211007.09336&adurl= Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response pagead2.googlesyndication.com/bg/ Frame 10E3	35 KB 13 KB	21ms 20ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:41:27 GMT content-encoding br x-content-type-options nosniff age 20988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 12 Oct 2022 14:41:27 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame F59E	0 23 B	57ms 57ms	Ping image/gif	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjY-_935R9ai0JV9y2XGTBVedwB7SeuoCFFAKCnWg8Zwq4x9GWmx8Ng23eTu9gfiXESFCYWzzlVmEmokwYUmH8F8C4Lf6QreSFKgvvASAU5GCon0CUgga3BLuKmLsY159u7sO3J10HzWZ787tsZXmpG1GSfZIrsEKyXIGV6QGLLiTyUtCKbIfBHiWdNCw2vd-Tecb7gxqmwHrqN1qiQpVHtjiXpHXckv5cQEp11d9UbKxaHoUiDBOPLyeg2qeV1FrFV6jpYyHZG7BovEvEnvq-UUXkesc3b3BxwIp-n8InLXiLc4PPANJBb7i1XYcQRVJm4cRIXEFSgm048HOtkiNFE-LYYZeUQPnL-E6bQXYJ1RxqmWUrhMsNo8H93ryj1PailkeoRYWFbSy3ffDL42fBZ1PcruJDPnOOpis_h35hDuwS5G7toELAxazfNNTWTjKB1uFUG5ub6jJgff8UkjDVYms0XRF6lo-hW4KroJnW7QGajob-60BqLO4BKpqPg0a4knbTIXIp2swa0rPiXjvExMgv5h85BH9OiIXxYKamiJZ3SSavGsJOFI-vqR5cxX3cd7Bk3hmWDkcLDLkzLKARF1ek-m8oy2OypzBg78uWdhVur8I1a_ht0T3c-QAj9W_dzWbzVlhJp7w1czWzgZxNWVlwYcxMib_j8h5NZTDrstlZOX3A-ORtaLM0B_DHctauzwd2dka4xucX8cByjNZ5lIyLNnVT00PoCcmky6Vum43A6fVcRxAtgIWki6TLJDColo1K_yw99leE6cIny_I5jn8BEW3PqfnlTZusI36jR0MVsW6x2_Din9O85tZwJWkOkEIldj-XD5Tk_NQwdjsAA9BC4AANcWDUUKnTIC67mopUAU6YNEYtwAnHbhrirT8n7kwsicg7i7gKavtRk3FNtx_SENUzoC-WVLeV_UaMQjgIjD6s489o2EvkqLVngH8lkjL2Dd3lMAdsrbC2x2P7UfvxQZmW4UldtbEXhF9Vcls-SkI4GZrANO0F-rLwrdnVhvzut8E659XoaFeHZM088dOOc-kV64FJLIwmxqjECXYcfz5Btq_DUTspzvhLmTTd8Oc_xBuOvAXv41-DASJ9rRqiArM_HwEWgGy42XT-3uUlem4Qzc_OisOn3q0yMMgudT1FezAcasXGlpNrwLMsZZA5RlHk3nU7fDUQBrmqeVRPQvvh0cwgcipOIMwtmHH_32wuZ0VczOAwQ6A&sai=AMfl-YTGhAlPkD4IvtX0nu0AM2XYP0g8q8tYe7e_oGRF1haTFS89sUXCeLOtHkFOkiHMDeHXJH7x9ghfLx7hSXIdVTZ1C96fY37i_VDgNbyGzBO4rfvVoRfqYI9v0lLBlaFKMJpgIisIbrCGz2-BcVz9HefBBim-JJqaN_MESd8&sig=Cg0ArKJSzCLzIOoMpMiIEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=531&vt=11&dtpt=215&dett=3&cstd=309&cisv=r20211007.74501&adurl= Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	geld.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	5 KB 5 KB	24ms 24ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/geld.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 6bfbd69a1d047d98bedbc48cad25793a5d7c054dabc0418573a59083be00f7b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 04:14:43 GMT x-content-type-options nosniff age 58592 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5572 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Oct 2022 04:14:43 GMT
GET H3	200	cta3.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	2 KB 2 KB	26ms 25ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/cta3.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 79bae354099f2a59ad59d3cd079994ac27dfb9cc445c901745cefb753a8bdb42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 13:30:59 GMT x-content-type-options nosniff age 543616 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1872 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Oct 2022 13:30:59 GMT
GET H3	200	smily.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	3 KB 3 KB	26ms 25ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/smily.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 546cddbcaae7b24edd1ecbaeb399c1eaafb39e1b1ef2047427926f2451806a7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 17:44:12 GMT x-content-type-options nosniff age 528423 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3411 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 06 Oct 2022 17:44:12 GMT
GET H3	200	02.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	49 KB 49 KB	28ms 27ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/02.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 277efaf77277e9c32321838ef9480109ca75db052dfb0dd7558821f36b671dfe Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 14:07:05 GMT x-content-type-options nosniff age 109450 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 50149 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 11 Oct 2022 14:07:05 GMT
GET H3	200	biltz.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	3 KB 3 KB	26ms 25ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/biltz.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash f79352743bcb9548df3493418e1b70a26ac1585c6de173820d0f7057ed10f966 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sun, 10 Oct 2021 07:05:28 GMT x-content-type-options nosniff age 221147 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2771 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 10 Oct 2022 07:05:28 GMT
GET H3	200	01.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	59 KB 59 KB	31ms 30ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/01.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash 6f37e1576660d99680e6d7680fe3b9d971a06b7cbec45c97f8d62acc95985f02 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 04:35:25 GMT x-content-type-options nosniff age 143750 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60336 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Oct 2022 04:35:25 GMT
GET H3	200	hintergrund.png s0.2mdn.net/sadbundle/14735266241682150625/ Frame 5F6F	5 KB 5 KB	27ms 26ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/14735266241682150625/hintergrund.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash fb8b68bec1476f00142126c374d93b39ae7bed02a43fdc08534529900f8cb61c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/14735266241682150625/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 04:05:42 GMT x-content-type-options nosniff age 59133 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4852 x-xss-protection 0 last-modified Wed, 30 Jun 2021 12:20:04 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Oct 2022 04:05:42 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 96B5	17 KB 6 KB	29ms 29ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 12 Oct 2021 20:31:15 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame DC42	6 KB 4 KB	37ms 37ms	XHR application/json	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_245.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e81865fe5344632466ee39533bf6c62011a89f0f5886e4c0243978dfcf44ef85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4383 x-xss-protection 0
GET H3	200	60005582_20210429075452751_300x250_LOOK-01.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DC42	35 KB 35 KB	24ms 24ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075452751_300x250_LOOK-01.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash a73e4ac5b50db1e127c7a81aa889faff8098bc281c89b630e5eb0c8636b68c9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 17:59:01 GMT x-content-type-options nosniff age 9134 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35599 x-xss-protection 0 last-modified Thu, 29 Apr 2021 14:54:52 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 13 Oct 2021 17:59:01 GMT
GET H3	200	60005582_20210429075455829_300x250_LOOK-02.png s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DC42	35 KB 35 KB	25ms 25ms	Image image/png	142.250.185.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075455829_300x250_LOOK-02.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f6.1e100.net Software sffe / Resource Hash bdb920d09721b6572baf8667a39458131991814615456d991f2f3cf783e7d768 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ads/richmedia/studio/pv2/61693892/20210611044945934/300x250.html?e=69&leftOffset=0&topOffset=0&c=OLlYtVBdXQ&t=1&renderingType=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 07:03:54 GMT x-content-type-options nosniff last-modified Thu, 29 Apr 2021 14:54:55 GMT server sffe age 48441 content-type image/png access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35939 x-xss-protection 0 expires Wed, 13 Oct 2021 07:03:54 GMT
GET H/1.1	200 OK	postview.gif portal.o2online.de/nws/img/ Frame DC42	43 B 609 B	31ms 9ms	Image image/gif	82.113.101.132 TDDE-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197261_146032384_-0&ref=25667676_4307561_303197261_146032384_-0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE), Reverse DNS portal.o2online.de Software Apache / Resource Hash e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 12 Oct 2021 20:31:15 GMT Last-Modified Wed, 26 Aug 2020 10:11:24 GMT Server Apache ETag "2b-5adc50abeeb00" P3P policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Connection close Accept-Ranges bytes Content-Type image/gif Content-Length 43
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0002	12 KB 5 KB	20ms 20ms	Document text/html	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://cdn.aralego.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Tue, 12 Oct 2021 19:39:59 GMT expires Wed, 12 Oct 2022 19:39:59 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 3076 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 452F	783 B 534 B	85ms 35ms	Document text/html	142.250.186.36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.36 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f4.1e100.net Software GSE / Resource Hash 0fb9a8de56ad8dd67b20f571ca024b6c519f8f079ea3362a2967daabde69f645 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Tgu1GqAi2FmnuvXN6wORfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://cdn.aralego.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 12 Oct 2021 20:31:15 GMT date Tue, 12 Oct 2021 20:31:15 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-Tgu1GqAi2FmnuvXN6wORfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame DC42	17 KB 6 KB	32ms 31ms	Script text/javascript	142.250.184.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_245.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:15 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 12 Oct 2021 20:31:15 GMT
GET H3	200	164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response pagead2.googlesyndication.com/bg/ Frame 0272	35 KB 13 KB	20ms 20ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:41:27 GMT content-encoding br x-content-type-options nosniff age 20988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 12 Oct 2022 14:41:27 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	56ms 56ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100701&jk=2151597431906072&bg=!f3ylfDjNAAbGFvHlxhY7ACkAdvg8WpQmYv6-pftm0Rq5tUFrTozc7M_mGFmQoVUKMQvQ7G7N26cXMQIAAAHhUgAAACdoAQcKAGLlsOz7uNm9tNyEzLaKp6nV_MCjzr7wc4ltPxoiupXHt-5_RFKP-PTqzLg26L9zu5pd6m0S8RlMByp73eSAw3jHDJ6CjZ6Om0skUUBK63GyymvpycnjNXFgTX5iyLEGyYaLDJkCuEQ4eiOFyx3IWil4ksJWoLwmoav4aIN8oryb4ogrsvsGnyGzGZeHc_YClE-ZWI50pfuINt2TlHfFwaAqZx4GJeiocbhkrApUCltxfkRNJ6f7IaTjTtOcPa7ZiL1j_Zn4lZ5pu_-tc8n2cp-ekBsufjLyo_f0uRweiOviOKg22u1rw0h0j0bmRKDyTGc9GIVyBz7Bu25eBfiSV-xI7YjxpQpeI4meVLAjzJ0rR1YU2veE4H8eLR02nzhUf2OTHkf9Xs1q-_r-_V3xnWPJCEWCipHtSk1PqB-1RPTQnWqqPqxHkv7chMEiHQIhPaMKTEZB3XoFXLLD9GPd90gTla4VsUQcL36pw-Ldtznabo8B0JQUyMJOKlayR3NACSto9lmQp59eQld3R9eOJ6ipWf6KsRRitjctR3dgUoeN5e079UUqiYWwQf2jlmePwmVBgVPKaCrlCKCP7d2z3dZ6DDplAk6giXqC_igh1niMFQ-JuNIu2RjhPcB7VTAhzplXMXJB5OBCmitnL5KbozS3zzfiuqkAENZPaj4igsBNJCcDtIHZUGxLOLhLSfTkfiMLk7ThoQ__gbxknZLUxYrAuZJrxazz2ljcL2swOnHfN2DoOf5q87iIngG15-FpRqtL5XEgTPtSJcAfoto0hBGFbRa2rrDHv1yTZ0cG182L0JAMMSyRwde-buvj3GKZt-V4nJbFZYXsae_NY8HlI7xwp1BYtYO3b0uUt2gI79CPkrjjKbOqFPUm5WEPCnloIfFrndiySN9_hbrMhnZmtstk0FuAskzfK4LaeE2tHX8Z5zixSWVNVHfsLMvExYuwb2QNGg_1_Af2g3SknPc1GyUneehSsWV_lu8KnKFhEH9pa985_ytGSwDfhzXVMy0Xwcot5xTa5BRBQAumNDUwJ-s5FiRYiKaP0EWuPGtHwA Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response pagead2.googlesyndication.com/bg/ Frame 0002	35 KB 13 KB	21ms 21ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:41:27 GMT content-encoding br x-content-type-options nosniff age 20988 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 12 Oct 2022 14:41:27 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 452F	0 0	69ms 69ms	Image text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100701&jk=397169330715997&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3E07	0 20 B	57ms 57ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPisxkvBlYaCMMKiN7_UP7Na5GAAAAAA4AeAEAg&bg=!OzilOHzNAAbGFvHlxhY7ACkAdvg8WnMPbtwQ7myqwKk-lOvECHg2Pu3mBCOVptH8q6dlrDdSIKBvhgIAAAGRUgAAAC1oAQeZAySiKyzCe0gWECpKU7k2YNjdX_lnJsPhIZu--2XbtWEWhu1yC5wZB_OW-c3poENMJaYkekv_K-INEaqcJ3Pk50bzgUHo7fqa1DS7B0jS9esupShEZftdmxRePWNrb5OsNYa7cIA8AtwQsRk3WgsqvLXTZfGGaesuf7J4Gm9XEGRPRQFxKoP27msLkABUz9CTKoNeA0wFGqgVeJoan1Z4Ysp3toc-c5jbFV21FtKuuIUcDw42FmKnL5MRKBtT8_kwp4nPxAiVwRFtmipEahwMAr3mwG9Sed1Toi5qzyrutrrV1DGqFtuzwNYlF30I4tcXHYWNpjqeOr0GBcSNU1jQP-uZakYGqZSOTVnHViCruZ5K5YH6HAb8ipDzAzNzb5hPW6QyR5QCavvtwxUb0BDAFo7xAQ8td2wIkCYEbSLD8uy8FzNqEqKHw9L-_HaApl_mTSq0NA7Prexq5erOjfNQ_BqYxGQizBQqpO0XL0RkOzUkTiG7yqSAPIJ5iEA-Enr5RmLBpMcgz7mFcWes-g4cVo7TUT-SxScPl3c2B8s7lhheI5eMVSr2J-8rxRZ-PnjYk5F9iFhgGjRkJcDRjRb6-hCOiZr3BMYClirxpocFk1c5J7uTsiihwn7uOKG_tCx5ijR2HFzxYZl24ku0jC2j4uywtbKK7LqVW7vfArU6h5RFI7iKXWjyQ8aEWCmvJ88218lmyEO4OOnBr1MZ2bOXfcPXxF7WmestKSr9LuHLq_VvOvCKZv2sj6BZBXHDHOxvBgTUC7RmOhrFnGTxM6ooXLK6acyTjZSTfzgpNvdqkR12U2OLf7PKdQFDeFxWHtXKjYdLUTfdRAx2mJCy_IcqsBLtTjRMYptoE4_yoasKs_R6Mq3Pp0tImEiqz_hCqX2ZZGrWElfsbFQn78QYI68qgsU52T1G4h17229zdoo6go3ODFpab94OOZ-yC-BxyC-qJK_J3E7t2ecMXgIl3sBpRZuXWCUC5tkACmbgvsmVl-_57Lmv4Rub6Nu8o-20jX6LBypkYmCRLZsIkmO0FyeDDnlc7nJDzvXE3_rNubahxQ2G6kaFTHY Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 10E3	0 20 B	57ms 56ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bg6ZBkvBlYceYMPDX7_UP5ZCbQAAAAAA4AeAEAg&bg=!HB-lH1vNAAbGFvHlxhY7ACkAdvg8WlM961ni1Uz8pSWE5K1XWlql9D28cm6IXjKvjIni7vk-M52EHgIAAAGUUgAAAB9oAQeZAxYSbRgT75NZTB0vcmT6wiNN-Cry4l8axejq6M5F59B3qvoDUTV8apRdZasz5tILSUJvRksi3j4mUkaTB524xJe1EKo4SmUwBrWWrlrWn7bvrXd-2DhaLx-UEzMp2tFYxsD6aJz-wSPKaWKloR-qgbRMKvvcMkxmFKwT-yf4UeBrhWErpMbgjclPLt445hzVB7ovohcrswaWIzmzl7D88_B-aXMpv3lENctHtXQpTxsR-Pb7WIXl9M8HNhD3rlvDwXvNIeos9GLqgPwK7rxVO1cNDC2vcyrv5p7okrLKFq4DX3yUZBE8C8XwG7i4Ugr40o945OvT_yFUkA-YaZVU7EZPVlwCgACpTD0icdkJk3WA4Gc0zquYl6eDAcnonUdvU1sjNKizBsrC7gxARJOKFXgdlV7L8aIvN_VGjn2bdbQ4mzsxGVCAsFXtQeU2V71DINLEmAN20sYT_AtcUb-3LONlHyDw1h4FrHGepegiwUcgSKNfMsOByrgcx90hflJWFXSYZYbKPrboEU1ZoAAxHv2J7Sr3AtLYWeP9wAKqu_xFrONtQUwCNSOU1R__UNCaIqHk0xC9QdY7m5BZsQb1slEl5zTmmMefItfaKqUMBdazLvbhCQC4HCHphQOMrY7_T4RnQsygQqR3Ij8SHy54ax0VAM9vGvMRX508Jimpcmv60ULRfQJXEowSsz7gcUaCasUnbmHWYV0FW_HzceTxAj7QoiKq6IueECiDI4bJwzQP6iwx3mplUipZmp28z1tHpvgI_7G7eTyY8U6vtB6OaJnYPPX6kq-cuJn91MBDf7VpxynvZfKB9qEIGNI0pbuCSFrxlj00WehYGN2SCYJB_OKlrhz5eMFWPtiH8csaZEpYOToz9zFTqIwWZyJL8kbLIzxqSXflVs8p0-kUOrcseCt5AJMfRn_ju-AK7XAuqYoXUcvZ8d34mM5NEQCJ5LHa6_XiIXvoJobBc6viCLRws-DUP7pfXQzMuwdd9vGDvFaHoYaIFOgE91PVV4uvj0Evb4-6KpSSxqBKQyv4C_Omu1DWuZP-Bsow Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:15 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F59E	42 B 64 B	61ms 61ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYdQFKxf3dDZynr3HicnB8LfLz_XsLyL4JejIQgSUX2HHg3wgBwBtRJBoHf6XA-ChQxN-3uxfCVM4I5SQIm-2lcDiQMR-0jH-rZQiMm7q-1LsmNY7jBQ&sai=AMfl-YSstlEfNikUBArstUPzdtVeLIau_UPjISxjq1_IMkavWu_mvW_xpnlNYhm40gxa-iP87q3ttPPy2tbYVzosDtDJpso4cqeQ3tkDAJZyD7UbC4wTTIwIwteINlW7ErU&sig=Cg0ArKJSzNXNO6snlTUZEAE&cid=CAASFeRo-BoxcNRVeWAdVzmOYmvCuWjmgA&id=lidar2&mcvt=1011&p=0,0,250,300&asp=512,528,762,828&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3138569590&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634070674468&rpt=506&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 96B5	0 20 B	57ms 56ms	Image image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100701&jk=397169330715997&bg=!_v2l_bnNAAbGFvHlxhY7ACkAdvg8WhudfBOP8CJkOBS4VmCxH-xtUVS8uYxDfmyt0YPqRArxAbZfYQIAAADvUgAAAA5oAQcKAGQtMl0pavRxW_fNKrhhus3HxGuImyweChr3TenVGo8OWozC0yCgbwooqJBZyJqwjTxgO4B2uN01zxdHVVegsxNvau7kbafXsffCTjvOB1NMDBgaZArM0owrLwE21tLspqSFug0amQLNV370TDvwAc6j4TS1rmATPJIuMQLH6JfJrj1OTjxkWOEvSXwn8nou-1MOIxwe9wlwRKvA0MHVYphJyuYEkqOgw4OV9fVNqGLEbU1P0wem007BIG_WRMlym8is02SsHt4sL10UUy3bGwXdwpeQihrUproY_bE122D3YKKiJ88m0NBdMNwdCjXJHCRutb-xUjrXETkPGO5XVvqAsxshh0-_9HfFIZd28QjY5-hzQGD_GWuq84InOE_DRNat00-cD1S9fF36TwNGuTWIE9Sdd-_tp_Yklxn-aNJNnDvQYL_GfasBNKwLrw7fXd27pRZxAJ9wKes375xlMk6-a5iO032Ulq0pQif9Pjf1CjeySSxwKpm8gJV1NnLa64KPKjPjuVIg4njlK6BHI0HRVy5vQSIlbJ_L7pb6xrPDWcOkY7K_RQxcL5Aep0WqolFtfYWcdJbUEetzaHEYasp7nLIeapqjh7u10dpL0Mb3VvFdB410PZZA-xVKhwrIeSC_xf7346MwqYcdGBzs1tk43bMVKwN5TeOiZp87QQOdOHnPtRKd9YuiAnHKdXcFuVw1jgyELp0HxPHnGhhhueEHzqf1Lx5PJgOjRoXJ4KZpdh3Ds97f-N7GRa5p3gXRZrWdtw4jbVprWaV2HE6ECVMr5ChxoN02klQR-2QdPxfBNIDzRinwroHn_rPod6jai767Qvo7fhiMC3_Ob2yHBsA7X3Cpvl2d9PAQBqf0MI7YukLr1khF01FxLQish_zQeAhErxhds0I25ZracRUMAOd6ugt_jef3eGmG7EIlLvM8U8c8Ft1gtHuTyemQCl1h9FgpleLs-42XWOy6Ow9eO8CQTIkdc-PYcgI2J8RZhuI7OjtEt7EdabUVFfQ2IEqDqehTPZ_J9IUe9rNdLTuSyamMYlByZvblb0NWiJwRti5NGq7e3m_mjpF0P-SKMuepNTrtyvjh Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn.aralego.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame D2C2	42 B 64 B	61ms 61ms	Fetch image/gif	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqNAGa91WCU-cP3O1J7RB1KDjo9iG1ye9gcb7L2YRjdVvFHAkPq9Wy_HMkrgGJIG5x_HXPn-xVRButCjS-vjXB16lSbivhC4AHW_sg8fl48wrOlw6w_g&sai=AMfl-YRkflg_BVrKW1orIA92oIj9SFbZJVuk3-s4YcIU85NU4W68VMTDnsDa3fedyvazZbsLaaH9rMUdnn8RnAI877QVzLmoAbU3UU_iq40q7JJmC8gUWlD562f_5hCKJzg&sig=Cg0ArKJSzGfS7dYKR81cEAE&cid=CAASFeRoa3tzNTQp8324SvMKWsqddGO_uA&id=lidar2&mcvt=1001&p=0,259,40,300&asp=36,1516,76,1557&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211011&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3261421473&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634070674479&rpt=588&isd=0&lsd=0&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://63bc539353abde51b52221b79dff92ed.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:16 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	5_education_eng001.ts Show response uscdn.viadata.store/media/	258 KB 259 KB	165ms 165ms	XHR video/mp2t	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://uscdn.viadata.store/media/5_education_eng001.ts Requested by Host: uscdn.viadata.store URL: https://uscdn.viadata.store/static/js/hls.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 2ae1de5d6decc8c445d2437374b5a288e389b49c9b4db4750e5e6d1cd30007bd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:16 GMT x-content-type-options nosniff last-modified Fri, 26 Feb 2021 16:43:42 GMT server nginx etag "6039253e-40888" strict-transport-security max-age=31536000 access-control-allow-methods GET, POST, OPTIONS content-type video/mp2t access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 264328
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame 8C2C	0 128 B	14ms 13ms	Script text/plain	185.64.189.114 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?partnerID=160098&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160098&s=860484&predirect=https%3A%2F%2Frtb-msk-2.viadata.store%2Ftools%2Fsync%3Fdsp%3D24%26uid%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:16 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	/ Show response amerx.viadata.store/export/104222/ Frame 6F1F	3 KB 1 KB	162ms 162ms	XHR application/json	173.237.60.36 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://amerx.viadata.store/export/104222/?secured=1&language=en&page_url=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&pub_sid=104222&pub_sub=0&format=json&tgt=0&VIA_SUBID=&VIA_ABT=&pce=1&npx=1&VIA_DNT=0&page_domain=www.apronus.com&trackdomain=logs.viadata.store&VIA_DADPOS=3&avtoken=674621&VIA_WIDTH=432&VIA_HEIGHT=243&imp=false&rc=2&cb=1634070679896 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 173.237.60.36 , United States, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 30f021ed6ef3a52dcd3d0acb92a049778b632fd660649c1c98a0bbc6f2b0c57b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin https://www.apronus.com date Tue, 12 Oct 2021 20:31:19 GMT content-encoding gzip access-control-allow-credentials true server nginx vary Accept-Encoding content-type application/json; charset=utf-8
GET H2	200	cs Show response rtb-msk-2.viadata.store/vast/ Frame 6F1F	71 B 422 B	210ms 210ms	XHR application/xml	23.111.115.236 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://rtb-msk-2.viadata.store/vast/cs?zone=104222&w=432&h=243&site=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&vp=2&cbb=4070680064 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.115.236 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash ea8c11136a7433434705f93ac9b944267b1e5b18cb713fe9817c7ca09c730cf7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:20 GMT content-encoding gzip x-content-type-options nosniff server nginx age 0 vary Accept-Encoding access-control-allow-methods GET, POST content-type application/xml; charset=utf-8 access-control-allow-origin https://www.apronus.com cache-control no-store access-control-allow-credentials true strict-transport-security max-age=31536000 access-control-allow-headers Content-Type, Accept
GET H2	200	/ Show response ads.viralize.tv/vast/ Frame 6F1F	67 B 140 B	43ms 42ms	XHR text/xml	35.186.238.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&cbb=4070680064 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 232.238.186.35.bc.googleusercontent.com Software uvicorn, Unknown / Resource Hash 2c32c331c6e8de3b9aa3cfaec1cd5c295e848484d7925832a6aae6c2e0c3ea14 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:20 GMT content-encoding gzip server uvicorn, Unknown vary Accept-Encoding, Origin content-type text/xml; charset=UTF-8 access-control-allow-origin https://www.apronus.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc clear via 1.1 google expires 0
GET H/1.1	200 OK	bid.php Show response n.ap1.dyntrk.com/ Frame 6F1F	21 B 221 B	95ms 94ms	XHR text/xml	51.81.106.33 OVH
General Check archive.org Show headers Download Go to Full URL https://n.ap1.dyntrk.com/bid.php?bsrc=d5ad5bs9ht&cpu=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&uint=2&ist=1&cdid=DYN-OPM-0388&plw=432&plh=243&addu=60&pubid=104222&uifa=6c53b3f3-d0be-4a0c-87d0-f414da8b1a42&ad_ct=application%2Fjavascript%2Cvideo%2Fmp4&gdpr=0&gdpr_consent=&cbb=4070680064 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.81.106.33 New York, United States, ASN16276 (OVH, FR), Reverse DNS ns106714.ip-51-81-106.us Software proxy / Resource Hash e6e50b8065401e792b185209a6565a0edf4dd211a453501ac5d3d872066aff71 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers access-control-allow-origin https://www.apronus.com pragma no-cache x-rc 81 server proxy access-control-allow-credentials true content-length 21 content-type text/xml
GET H/1.1	204 No Content	ad_request Show response ads.aralego.com/ Frame 6F1F	0 571 B	392ms 212ms	XHR text/plain	162.210.196.208 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://ads.aralego.com/ad_request?host=apronus.com&ver=UCX_WEB-20200113&adid=ad-D2349AB8AE32EBB4FB69232EAAA43E6&atype=2&u=https%3A%2F%2Fwww.apronus.com%2Fmusic%2Fflashpiano.htm&gdpr=0&euconsent-v2=&w=432&h=243&je=1&cbb=4070680065 Requested by Host: www.apronus.com URL: https://www.apronus.com/music/flashpiano.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 12 Oct 2021 20:31:20 GMT x-width 1600 x-height 900 access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://www.apronus.com access-control-expose-headers X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal access-control-allow-credentials true x-sspid bb1b43a8-7775-3356-9b1d-ba19449dcf24 connection close x-adtype vast
GET H2	200	dsp logs.viadata.store/event/ Frame 6F1F	43 B 296 B	60ms 59ms	Image image/gif	23.111.115.244 SERVERS-COM
General Check archive.org Show headers Download Go to Show image Full URL https://logs.viadata.store/event/dsp?sid=104222&event=rtb&event2=request&cb=1634070680065&tids=7154,7161,7162,7644 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.111.115.244 , Russian Federation, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.apronus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 20:31:20 GMT x-content-type-options nosniff last-modified Tue, 12 Oct 2021 20:31:20 GMT server nginx strict-transport-security max-age=31536000 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 43 expires Wed, 11 Nov 1998 11:11:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.rlcdn.com

URL

https://api.rlcdn.com/api/identity/envelope?pid=1323