urlscan.io logo urlscan.io
SecurityTrails logo

levitrares.com Open in urlscan Pro
34.132.134.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://levitrares.com/
Effective URL: https://levitrares.com/
Submission: On September 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 40 IPs in 7 countries across 32 domains to perform 194 HTTP transactions. The main IP is 34.132.134.162, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is levitrares.com.
TLS certificate: Issued by R3 on August 4th 2022. Valid for: 3 months.
This is the only time levitrares.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 34.132.134.162 396982 (GOOGLE-CL...)
19 2a00:1450:400... 15169 (GOOGLE)
16 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a06:98c1:312... 13335 (CLOUDFLAR...)
20 2a00:1450:400... 15169 (GOOGLE)
1 142.250.180.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 46.105.201.240 16276 (OVH)
2 192.243.61.225 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
3 198.27.80.143 16276 (OVH)
3 9 2a00:1450:400... 15169 (GOOGLE)
1 34.110.138.177 15169 (GOOGLE)
2 2606:50c0:800... 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::4 44788 (ASN-CRITE...)
2 142.250.186.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 15 142.250.180.194 15169 (GOOGLE)
2 4 104.18.18.126 13335 (CLOUDFLAR...)
2 3 185.89.211.12 29990 (ASN-APPNEX)
7 2a02:2638:1::3 44788 (ASN-CRITE...)
2 178.250.2.148 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
6 178.250.0.139 44788 (ASN-CRITE...)
1 178.250.2.150 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 3 2620:116:800d... 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
3 35.227.252.103 15169 (GOOGLE)
3 185.64.190.78 62713 (AS-PUBMATIC)
3 3 69.173.144.139 26667 (RUBICONPR...)
3 3 104.18.19.126 13335 (CLOUDFLAR...)
2 2 69.192.160.219 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
194 40
13    34.132.134.162 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 162.134.132.34.bc.googleusercontent.com
levitrares.com
19    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
16    2606:4700:3036::6815:6ed (United States)

ASN13335 (CLOUDFLARENET, US)
hargadepo.com
8    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
nodejs-2e7.pages.dev
20    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
calumnylightlyspider.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    198.27.80.143 (Canada)

ASN16276 (OVH, FR)
PTR: ns558056.ip-198-27-80.net
s4.histats.com
9    2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    34.110.138.177 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 177.138.110.34.bc.googleusercontent.com
ads.maskoding.com
2    2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)
odong.eduzone.my.id
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700:3037::6815:2a37 (United States)

ASN13335 (CLOUDFLARENET, US)
new.eduzone.my.id
23    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
15    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2600:9000:223c:9c00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
6    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
Apex Domain
Subdomains		 Transfer
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
537 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
170 KB
16 hargadepo.com
hargadepo.com
307 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.eu.criteo.net — Cisco Umbrella Rank: 8383
csm.eu.criteo.net — Cisco Umbrella Rank: 8385
33 KB
13 levitrares.com
levitrares.com
132 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
1 KB
8 pages.dev
nodejs-2e7.pages.dev
7 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
6 KB
7 gstatic.com
fonts.gstatic.com
189 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
5 KB
5 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14670
ads.eu.criteo.com — Cisco Umbrella Rank: 8147
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10454
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12695
53 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
218 KB
5 histats.com
s10.histats.com — Cisco Umbrella Rank: 17784
s4.histats.com — Cisco Umbrella Rank: 15390
11 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
1 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 648
248 B
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1505
549 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1020
1003 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
3 KB
3 eduzone.my.id
odong.eduzone.my.id
new.eduzone.my.id
54 KB
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1728
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 561
107 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2989
363 B
2 calumnylightlyspider.com
calumnylightlyspider.com
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9081
914 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
356 B
1 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1495
753 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
50 KB
1 maskoding.com
ads.maskoding.com
254 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
73 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
647 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 Failed
function sub() { [native code] }. Failed
194 32
Domain Requested by
23 tpc.googlesyndication.com googleads.g.doubleclick.net
levitrares.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
levitrares.com
19 pagead2.googlesyndication.com levitrares.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 hargadepo.com levitrares.com
hargadepo.com
15 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
levitrares.com
13 levitrares.com 1 redirects levitrares.com
9 www.google.com 3 redirects levitrares.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 nodejs-2e7.pages.dev levitrares.com
nodejs-2e7.pages.dev
7 static.criteo.net ads.eu.criteo.com
7 fonts.gstatic.com levitrares.com
fonts.googleapis.com
6 pix.eu.criteo.net ads.eu.criteo.com
googleads.g.doubleclick.net
5 fonts.googleapis.com googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
levitrares.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
3 ssum-sec.casalemedia.com 3 redirects
3 pixel.rubiconproject.com 3 redirects
3 image6.pubmatic.com googleads.g.doubleclick.net
3 rtb.openx.net googleads.g.doubleclick.net
3 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 s4.histats.com s10.histats.com
2 e.dlx.addthis.com 2 redirects
2 id.rlcdn.com googleads.g.doubleclick.net
2 cat.nl.eu.criteo.com ads.eu.criteo.com
googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net levitrares.com
2 region1.google-analytics.com www.googletagmanager.com
2 odong.eduzone.my.id nodejs-2e7.pages.dev
2 calumnylightlyspider.com levitrares.com
2 s10.histats.com levitrares.com
s10.histats.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 odr.mookie1.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 csm.eu.criteo.net ads.eu.criteo.com
1 secure-gl.imrworldwide.com ads.eu.criteo.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 new.eduzone.my.id levitrares.com
1 ads.maskoding.com nodejs-2e7.pages.dev
1 www.googletagmanager.com levitrares.com
1 partner.googleadservices.com pagead2.googlesyndication.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
0 nodejs-2e7.pages.devback-button.js Failed nodejs-2e7.pages.dev
194 44

This site contains links to these domains. Also see Links.

Domain
www.histats.com
t.co
Subject Issuer Validity Valid
levitrares.com
R3		 2022-08-04 -
2022-11-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
*.nodejs-2e7.pages.dev
E1		 2022-09-15 -
2022-12-14		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
histats.com
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
calumnylightlyspider.com
R3		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
ads.maskoding.com
R3		 2022-09-08 -
2022-12-07		 3 months crt.sh
odong.eduzone.my.id
R3		 2022-08-03 -
2022-11-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh

This page contains 22 frames:

Primary Page: https://levitrares.com/
Frame ID: 2820DA198D842E5737CF7118AD64D410
Requests: 72 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
Frame ID: 36B0379EE8828F0D35EBD1AA0771ADFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&adk=1812271804&adf=3025194257&lmt=1663848266&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flevitrares.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266586&bpp=6&bdt=289&idt=249&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2920670956423&frm=20&pv=2&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
Frame ID: ECBC9B2E0A0F30CA977EC39D6B4CB716
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Frame ID: C67C3393A5F8EC4D22AC6DD3F8ED0C57
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Frame ID: CB6B57ED21702A01B665B2A76886263A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Frame ID: F7CA91A2A0E6EE3BF71AD58012124243
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Frame ID: 818E75DC60EBF4A12DF6BECC4428D05F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Frame ID: B3A8254A5C8FA2E225F431D915E565BE
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Frame ID: 129C684EF4C44292F3455728EDCE3180
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_vZhCxheSYAxi3jsfSATAB&v=APEucNUeSrED4KLME4Ls2lEO6DorTmP0TvoeHxdJ3mwyo1u1LLGSvKCPbnsgc-QRDIIKDWJ3WsBG20lgrTRzt9VVHWs1EnGBgDILoLLxAc1xnE8SSTE4_MWLJni4MN4FjF3anDa2685skcmVUTouAqYYGOW5mRZTbw_5SMA5yO6uV82R0Ggtay8
Frame ID: 7CB6F1F5FB5794EA9EA058CF1B606BD2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Frame ID: EE3CC5EB36CEE6D79CEBCC6C7979FE17
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2FF1AF7D3C6C49D47B7624CF8A08F694
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 893E4F50CD05D6F5F9E10BC21D9F979E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B1751D072B56E3DE4A4E76236E3F368
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 19A28A2F8D82F405851ABC82B9282101
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6BC1D75C6DF4F9AA18A103AC076EF497
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0427238448C11A19974C2A273B30C4EF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7841B954DA94DE8A08D7D18DFD97AAD4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 11C0F7EAA474161877C230EF496395A4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 4D264B9FC51A696D1C035691F4E219A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 056B4E6F9E0986CA0E4608E964DDA137
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25C9FA362F0AC952E47CF5B8A9A23905
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HargaDepo - Daftar Harga Di Depo Bangunan

Page URL History Show full URLs

  1. http://levitrares.com/ HTTP 308
    https://levitrares.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js

Page Statistics

194
Requests

91 %
HTTPS

52 %
IPv6

32
Domains

44
Subdomains

40
IPs

7
Countries

1847 kB
Transfer

4024 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://levitrares.com/ HTTP 308
    https://levitrares.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7_RWovtOrd7tLXzu9cdXs&google_cver=1
Request Chain 91
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyxPS.wEMUC0oRL6JyErrgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOdkDxvSYn-iXAiYQuDm-zg&google_cver=1&google_hm=2
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKwUJiKuUaDCYfIfdR0bU-s&google_cver=1
Request Chain 93
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNDc2MzI4ODI2MTg4NTM1Ng%3D%3D
Request Chain 147
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO8KVBocGvEagPGb0mapl40&google_cver=1&google_push=AZmPxg-WBqKO6jBJHBffusoP0nwYk45LeiE4o-hKJnKTx09qaJV-AKguR_aEXdI1PlYiVNqj-88mcaIce3V_3SRAAMEOomNNMeU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTN1MtUS1JUlNT&google_push=AZmPxg-WBqKO6jBJHBffusoP0nwYk45LeiE4o-hKJnKTx09qaJV-AKguR_aEXdI1PlYiVNqj-88mcaIce3V_3SRAAMEOomNNMeU
Request Chain 148
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENDtW7XscaOK49AoGOM16AY&google_cver=1&google_push=AZmPxg99v2q3RquklyyGZSOq5ucSUGgDhQ3ix-clArxE9_MpX5gZzTeytewziZCNLVQZwvJrsqm3jqRSx7AYfDMRF7QICi4evvw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDtW7XscaOK49AoGOM16AY&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg99v2q3RquklyyGZSOq5ucSUGgDhQ3ix-clArxE9_MpX5gZzTeytewziZCNLVQZwvJrsqm3jqRSx7AYfDMRF7QICi4evvw
Request Chain 151
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 155
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEhHFLKl0g4N7Va7dWty7Uk&google_cver=1&google_push=AZmPxg91wXUJ76Iq8ok6ZbPV1slMF-RcJeTmwjZ8fc3F6W5IngwqxerM_ZVaY6r7iVmKRA-zK-_0p6CE-mMGCS3q2Yf5NIKw_S8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg91wXUJ76Iq8ok6ZbPV1slMF-RcJeTmwjZ8fc3F6W5IngwqxerM_ZVaY6r7iVmKRA-zK-_0p6CE-mMGCS3q2Yf5NIKw_S8&google_hm=uBlJSz96bMPmtOaIRruH2A
Request Chain 156
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8tWwaI9ln7F31ld-b0Td4qFWN_Yup2zyKLbC4pgBHZwLuDzv68s1Jb7SqWkjMD1TWMv50-AG9xKRnIOLzxdibSzRg52A&google_gid=CAESELcreBcU6o4ZIQbJZS9j1ag&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8tWwaI9ln7F31ld-b0Td4qFWN_Yup2zyKLbC4pgBHZwLuDzv68s1Jb7SqWkjMD1TWMv50-AG9xKRnIOLzxdibSzRg52A&google_gid=CAESELcreBcU6o4ZIQbJZS9j1ag&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjA0MjgwMDAxNjQ5MjQ0MTI1NA%3D%3D&google_push=AZmPxg8tWwaI9ln7F31ld-b0Td4qFWN_Yup2zyKLbC4pgBHZwLuDzv68s1Jb7SqWkjMD1TWMv50-AG9xKRnIOLzxdibSzRg52A
Request Chain 159
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJGC1DW01vqS-4IWQJDEQ_c&google_cver=1&google_push=AZmPxg9c-gIKn_ArIPrvuyQuhzSEDEtLEPk5rUdHC2q5Mg_-SpHkQ5QDwfCGR5BrsLLRrb6ZP7G0tYlt919QKgZY9wV_hmko5b4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTOTMtMjgtSUlG&google_push=AZmPxg9c-gIKn_ArIPrvuyQuhzSEDEtLEPk5rUdHC2q5Mg_-SpHkQ5QDwfCGR5BrsLLRrb6ZP7G0tYlt919QKgZY9wV_hmko5b4
Request Chain 160
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBlX9Efi9mngHNZFoFH7KRQ&google_cver=1&google_push=AZmPxg_r9DIMoy2dw_9I-ujmNK_l-WEbAyExmgV6STb_IQHNwtUqPkkdO6pj_5XDfSn6oShh3OpndtP8FjmA3VGXmFbQBMzRw2Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBlX9Efi9mngHNZFoFH7KRQ&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg_r9DIMoy2dw_9I-ujmNK_l-WEbAyExmgV6STb_IQHNwtUqPkkdO6pj_5XDfSn6oShh3OpndtP8FjmA3VGXmFbQBMzRw2Y
Request Chain 163
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 184
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMaeCUBIBSpDTnb3v53zthA&google_cver=1&google_push=AZmPxg9b0cMaAUyw_Wo06WJ9L0X9rzF5TEo7c4r0BD86GuEm0VL0T6Fs5XpZJwov1VV-Ga93YdxYDgtydyxGAAWNgBKK9HD2DuQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTRjctVy1HT0cx&google_push=AZmPxg9b0cMaAUyw_Wo06WJ9L0X9rzF5TEo7c4r0BD86GuEm0VL0T6Fs5XpZJwov1VV-Ga93YdxYDgtydyxGAAWNgBKK9HD2DuQ
Request Chain 185
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGH7fSUBpoPmQaeskPRvO54&google_cver=1&google_push=AZmPxg9sXQPugFbXa5BHuZ3EYU4pvECXtVQKwMwHHgpW4RcBW5h9tqJVDv-xEsVUtuwBOW6nNk9dTIGByQ0f_FW3ySpr7GHinXs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGH7fSUBpoPmQaeskPRvO54&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg9sXQPugFbXa5BHuZ3EYU4pvECXtVQKwMwHHgpW4RcBW5h9tqJVDv-xEsVUtuwBOW6nNk9dTIGByQ0f_FW3ySpr7GHinXs
Request Chain 187
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

194 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
levitrares.com/
Redirect Chain
  • http://levitrares.com/
  • https://levitrares.com/
45 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
cb2b64ab533de175b03687232a0636f1ad3008b0564a4601ffe89c2a8d9c5f82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 12:04:26 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster
hacker

Redirect headers

Content-Length
59
Content-Type
text/html; charset=utf-8
Date
Thu, 22 Sep 2022 12:04:20 GMT
Location
https://levitrares.com/
Replit-Cluster
hacker
Via
1.1 google
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e86b29758a25729f3a27ad3d964c94390129f58f455d80b3191b507bbb1ad76d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58173
x-xss-protection
0
server
cafe
etag
4644917845996371391
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:04:26 GMT
style.min.css
hargadepo.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55984
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 13 Jul 2022 00:27:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"62ce1175-15b64"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHjbAHZig%2B%2FHzBbxsF%2B5Z6Taay6XeohC57j3ZtSRHkOiUpkqWzpD3s7L4onkf3Ae%2FwURZUKyAatu3v2kKybz1LdoB0M75aCtTZyjoYpQc8VcxTwQbvYENge38g8phgoYxlPGkoWc3l0w9%2F3u"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b208ffa-FRA
expires
Thu, 21 Sep 2023 20:31:22 GMT
mediaelementplayer-legacy.min.css
hargadepo.com/wp-includes/js/mediaelement/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55984
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 10 Dec 2020 16:36:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5fd24e9c-2bf8"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IotVm7PRBJL%2BoXrPntvSsn5ffSMCOTrKZjCXgmqSKolJN5Rtu2IAwjQkczgFvLFOjCYt6qRwzAYBXFPa6HsDbRMVJNncKma5DJhWozzsFEOQJuBXvJ07eaVnHwKBEZ%2B56nWzaOdK3aIqGKBK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b218ffa-FRA
expires
Thu, 21 Sep 2023 20:31:22 GMT
wp-mediaelement.min.css
hargadepo.com/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
438599
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sat, 07 Dec 2019 04:31:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5deb2b14-105a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFp5p7X9NfHADRtvV6Cl8sbHjEW3X3GHAyyuibm4fX%2FN4a6HErPkRr5fJVKcF5PEbesOzUmMrSud5PRIEtvSmhEqQUp1mIpecQLLwvasDR8IXUskJJmjxTExOf%2B1cwFys8xIh3%2BMStGSBKuc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b268ffa-FRA
expires
Sun, 17 Sep 2023 10:14:27 GMT
styles.css
hargadepo.com/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
183070
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 20 Sep 2022 07:32:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"63296c79-aab"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igvmNWo23wlgCm0Q7MsFAdsadAbEBU07qdm%2FRqG7I1j%2FMC3XnDBNWVMy%2FMowgDDVAuIYN1bCtQF3sgd0vZSSARc3%2B9ZGoxJw08oHsTspfLIp3JXVUZzRhJhmsnZO8jUNYD2svo%2FVs9jboUgr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae730ab408ffa-FRA
expires
Wed, 20 Sep 2023 09:13:16 GMT
todo-widget.css
hargadepo.com/wp-content/plugins/dashboard-to-do-list/public/assets/ 		1 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/plugins/dashboard-to-do-list/public/assets/todo-widget.css?ver=1.2.0
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8118a6ea4212c3668430a1af26add843ecd7f0a238ce2014d90909cc66b21093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55984
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 28 Oct 2020 08:23:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f992a8b-46e"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMwd1qiA79ahH40fGLgd91FG13tpd9GgmmuEbhJdIzMHpZQq%2B6Qx9si8UMfLFdE%2BJoyCvnBFYM1tAXiQ19VGdG5FvFcwzraFwSDoE6RRExSA%2FAQOLNNdYxp0094ppK6D5aQHVLSaUDTf2gck"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae730ab3e8ffa-FRA
expires
Thu, 21 Sep 2023 20:31:22 GMT
widget-options.css
hargadepo.com/wp-content/plugins/widget-options/assets/css/ 		1 KB
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
55984
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Thu, 03 Mar 2022 17:41:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6220fdca-416"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gLNSVLB9jeCljkZEjxjLuCce8%2FOualeCTxilvbZCESuL3XYpXAAUVnJm3Y6ArmS88V4nKlsuO%2FBSXzPWUvabbLHiWwSKA42VPwtgfyFEpm95IJNU%2FeexAlLsmIr3lzJbnqkJrXWSJTM%2Bv58"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b258ffa-FRA
expires
Thu, 21 Sep 2023 20:31:22 GMT
css
levitrares.com/host-https-fonts.googleapis.com/ 		990 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://levitrares.com/host-https-fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
065ea5dc22496e49af5e1eaec97826adeab5bd2efbd69be3c0fff5f6826c675e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
cache-control
private, max-age=86400
replit-cluster
hacker
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=utf-8
style.css
hargadepo.com/wp-content/themes/mudra/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/themes/mudra/style.css?ver=1.3
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7cefc114dc01ba0aa512a33782150637475395b8afaced5145ecedac353af8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292465
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 28 Oct 2020 08:27:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f992b62-b8f1"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXJJU2cU6Tb1ugGTLjAdRUbiePgNN0EFjNqwXHo7RMmiqJ9M88skmbLXA5DDAh%2BxPzivRbXo394BnxsCABdnM2Iq44QBtnllIIBGkEcllcicaxkdnXmANwx%2BwrVi5O8UEyCO0x%2BRHjreSSOh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b248ffa-FRA
expires
Tue, 19 Sep 2023 02:50:02 GMT
font-awesome.min.css
hargadepo.com/wp-content/themes/mudra/assets/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/themes/mudra/assets/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
183070
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 28 Oct 2020 08:27:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5f992b62-7918"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d08BpjuETjj6rDHBKnqgnc7CCO0X6SeMz7%2B1JtstKky0rhQTO7uEIN5lhlLyWByzZKub9DurWNcbK1BKf5iwqEaCQcM4KgYKe6Rz24Xw2lDtJmiTDJSTdxRUeCJcvrHwlal0MSwSwoWYwOcV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b2e8ffa-FRA
expires
Wed, 20 Sep 2023 09:13:16 GMT
public.css
hargadepo.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 		1 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f81af49b9e273ea507982f870dabfa439eb2f9845a7f2cacdb473631aa10de18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
183070
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 30 Jul 2021 01:26:57 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"61035561-43a"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9zL5Kd1BLaVNki%2BhBI74tQjWnmLw%2BjXjNaqZ55LUji%2FbEN%2Fr01URXBdUvhH2oEX%2BOuPXo8tZoqC59QUjgDAROcvjb9jpGtMzAIivpfOtFQM5XoUYKO%2F4FNSwUCVY95WqK3dWKDCZMO6i8pE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b2b8ffa-FRA
expires
Wed, 20 Sep 2023 09:13:16 GMT
jetpack.css
hargadepo.com/wp-content/plugins/jetpack/css/ 		84 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hargadepo.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.3.1
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
183070
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Tue, 20 Sep 2022 07:32:14 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"63296c7e-14eba"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQWLrzKdufMyyR0cD6l7x6%2B8mVASBxZBH1Pax9dx3YgSu8d84IKkg4GowE3E1%2BshYNFwBxfwSJknO%2BSPKlqXQE5%2BJh2H4IKLnys3H3%2FjIMJbRBOc%2Bk5PrYWmFz3EfHokw12YcN4lddJUDSbV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7309b288ffa-FRA
expires
Wed, 20 Sep 2023 09:13:16 GMT
app.js
nodejs-2e7.pages.dev/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/app.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1814bc24a551e2d2172a4895c73be9f6a59e599ced4874148b21e9deb173a54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fed5290dfcf4e7a7861f3d50032f090b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyB%2Bdvxo%2B9bZd7WHTScFv%2BRc%2FFsd%2FURTCYgG5geAKYHlEmR6cV22c0jjVL%2FVk%2BLRiuW70A81Y%2B9d5kjiKO5c5OinBWmvpgjdZOX5bbTlWyeg7QZOTCQQMrgatdcbYPX11u%2FkJde64UlhfZDavi%2Bemn0FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae730dc5191d8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
inject.js
levitrares.com/assets/ 		23 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://levitrares.com/assets/inject.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
/
Resource Hash
041394e9d3033e190cc30d305c2fbf1be4a945b7957002fe5d3b6f44236e9f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
replit-cluster
hacker
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
application/javascript
fontawesome-webfont.woff2
hargadepo.com/wp-content/themes/mudra/assets/fonts/ 		0
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c5275a4b077a916a46da998504304d3c899876abf57e0bf72f677491064c833
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124742
x-xss-protection
0
server
cafe
etag
1320133705301199993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:04:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/ Frame 36B0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220919/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11162
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:58:24 GMT
etag
9671129459699598864
expires
Thu, 06 Oct 2022 08:58:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff
hargadepo.com/wp-content/themes/mudra/assets/fonts/ 		0
0
fontawesome-webfont.ttf
hargadepo.com/wp-content/themes/mudra/assets/fonts/ 		0
0
cookie.js
partner.googleadservices.com/gampad/ 		218 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=levitrares.com&callback=_gfp_s_&client=ca-pub-9887368211019467
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
64302b39d1adfd7426ab208c10bdef4197e7e9d12c8cee784f1c163a9e13d0ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=levitrares.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=levitrares.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 12:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flevitrares.com%2F&tn=A&cls=back-to-top&ign=true&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame ECBC 		123 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&adk=1812271804&adf=3025194257&lmt=1663848266&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Flevitrares.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266586&bpp=6&bdt=289&idt=249&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2920670956423&frm=20&pv=2&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62b6a0cfe20489119dce21cdc1773bae523fdda33ab33c8252b1218e868555e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
41076
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:27 GMT
expires
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C67C 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3aecf5dfca5710254345acbe403a28cb606f1d0dd24b8a08a3a6f9fc315505a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9821
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:27 GMT
expires
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
nodejs-2e7.pages.devback-button.js/ 		0
0
country.js
nodejs-2e7.pages.dev/ 		22 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/country.js?hash=YoJwUCuLY5yz
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e87eb8f1ab22351834096dcb08c6ea4e3312e63f225451f22612c52338733de5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fb9c03b5dbc120283c167909dbb17c2c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbN5z2XGJRzBGr0S3F6%2BZu7PIvXTIqaq3I%2BqUNKnv0DafB1Cs9XJ%2FVS19WJ9WdXhqclpz%2BskFHY0pSIo2BYD1mF%2F90D5mwYTymAo2cIXYWWJKjMFicPvocZDaZde81KogXyRkHK319lgwk0XR%2BC%2FfQnPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b8990bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22
x-content-type-options
nosniff
ping.js
nodejs-2e7.pages.dev/ 		2 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/ping.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
243f06cb1c117c4fb918d7b9358f77a0c13ecf94fafbf946b4bdb2cb79426ed7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"fdcdd3cf67f7c20e91cbe1acfe32c43a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouU%2BwFJIT5a0B%2Bqon6VxPeXt1yM%2BYe1CiDSbfyNUUWALKSmqA0KR5vscDI9gT23BdPDZYlcBlhEOz%2BOKKfJsjwVVux9aqUXSYBhS2SXZqtrNyZ0LiQEcCXi1EzIiyv7K4iJeVNOZjEiNXNOYR8VpghzimQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b8c90bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
analytic.js
nodejs-2e7.pages.dev/ 		434 B
734 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/analytic.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ae54460c3cfbf1d1db453a7d81c9dff847e8022b25a2de7cc2841c1be6598c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4b45253570a3d937544ae8a0aeddffa8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqlpI7bKnXg%2FQXAUQQUFMvONX9v%2FfM72gSzdI9qwaFBu6AevjSQmoFTSPW9S9wL6iozZD3OEgfKcF4q03Ewt0IQKxlodwkVgRv9NB9jr3M%2BIwLydmJLKW4Ys27h8JQBgF8NgfGlL4ycxPwmtOpdg%2BlI0tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b9590bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
costom-botton-shoope.js
nodejs-2e7.pages.dev/ 		326 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/costom-botton-shoope.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b568549921b3add333905d117b2b843d51ffb5a94ce7b3a8b5c18bd419a1d08c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7d9f5478632007b416b605c70ced8555"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Y4LavAOgi7Wnw66rZIvV8jxwZFYRcJA2SCvdoMFoi2KH2ZU5htKIIIgnEJaLY6j4n5yvBKcHDK97a5U%2F2FDi%2F1vrXg4IGaNNDb%2F%2F9QM5VTnN%2FZXpqmtuJmW6L4CzcatRfSBmV4cOhOHffocKKzO%2B6LgQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b9290bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
anti-adblock.js
nodejs-2e7.pages.dev/ 		303 B
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/anti-adblock.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
645b7c70edb7cf696c165eda3fda4ab274fcd108ee98e33453992b51003aa972
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f38c37432b090b636b93bd4958ff7958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vdj7vbMiTPzKYTr0XCYzFuL3QIvWSRGZl03LBy0mAOQ6%2BWAehKnlr7jmvlYLL1GlBYwLX0GD55jIqslQdiBn15Q4%2F5sz%2BW90FvDE8Mo7xHyXxZdaKnLlnu3YrB1W7ldkJELfs2R5EqY4M4poyoHd6gogFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b9090bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
disable-costom-button-back.js
nodejs-2e7.pages.dev/ 		376 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/disable-costom-button-back.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68076ca6b0fd444012ce3a63197141733a2351e2310353b5029a4ddc0f1ef9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d427b34941bfcf21c219ecba88bc49bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dAaVbs0aSIEyG3oM6Y7PUht4Lnqxdh2360%2FRMYdTZSOXxaQ2%2BXUS2vHaZuNe7sumBNn7AF02nIu3dTGd%2Fk4TSCQXpS0Hzk82TZvNGWjR93i%2BrGIrRrQU5IuYEHvxehtkE5oEGJHcqn%2F0%2FfH0bL0%2BtRlAFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b8f90bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
banner.js
nodejs-2e7.pages.dev/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nodejs-2e7.pages.dev/banner.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f89606255135086ba0057a614f1f05ccd84688bf21397f68f4e73894ff0ab694
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"18bedafc2f18f9fe03d4d279e7c8de7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9wH8KCxSnuQ4sysF2DOp%2FQROW%2BBqFqH1DO1g4s1hEpXhRopoLtuBTSpXFs64PA9Ep6M9uTE2rrB%2BwXpkYLPcnnOpiFsZcpuhg9FMf%2FhCC1QHlX4YMUR8%2FTzUuexMXrkPNn4zaFpWhfcwZQBd8BWxVXlog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
74eae7355b8d90bb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 		43 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVc.ttf
Requested by
Host: levitrares.com
URL: https://levitrares.com/host-https-fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f21f888c15e38433d68956a83c5f0f83aad6ed3768cf03c10402eb06ef206ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Origin
https://levitrares.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 01:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28240
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 01:03:24 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
fonts.gstatic.com/s/opensans/v34/ 		43 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4uaVc.ttf
Requested by
Host: levitrares.com
URL: https://levitrares.com/host-https-fonts.googleapis.com/css?family=Open+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9d39c03d322319f16ebe0a5c6edc98d74a1461b2c1f0e9efee61fc73777d9ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Origin
https://levitrares.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 01:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212463
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27380
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:12:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Sep 2023 01:03:24 GMT
Harga-Railing-Tangga-Terbaru.jpg
hargadepo.com/wp-content/uploads/2017/05/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hargadepo.com/wp-content/uploads/2017/05/Harga-Railing-Tangga-Terbaru.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abd30be61901b78ac94c621f73a65c503fb311622252b1daa9fedcd6144c3fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2017 08:25:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"591eabe6-8a24"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YtbFMtH1L8RMMl81qd%2Bz0KKP%2F6nCcADCJwAfiYjThLrlERL2QUI7A8HlE5ZcTOOhjO7IiBGQ5wNZNWrxCU7uS7bLLUvMzcb1gelHv27qi0l8i9kgKrZz98cWRYnroj%2FHs1sro1SvB5kWklv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7355d068fc5-FRA
expires
Fri, 22 Sep 2023 12:04:27 GMT
Harga-Kanopi-Terbaru.jpg
hargadepo.com/wp-content/uploads/2017/05/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hargadepo.com/wp-content/uploads/2017/05/Harga-Kanopi-Terbaru.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe6c5a00d4e481648acb875643f6d0d3545a2f50bb3b7bf02e5cf3a05a851c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2017 07:54:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"591ea4bb-a544"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6vVG7JYepM95EQZ9QUrTF%2F5yxlmXSEKFVxF1nDjNW%2FnKCbAItIIDOqh%2BHcqZNWCN3%2Fgljho5f5cPFPnk%2BgfTgQ88Hbh9GxYTWotstxKPFNRyOaoUfQo2g4fiVnpaJVJolQclU3RGs8EMU9e"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7355d0a8fc5-FRA
expires
Fri, 22 Sep 2023 12:04:26 GMT
pagar-minimalis-640x320.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2022/03/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2022/03/pagar-minimalis-640x320.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
f6f5b9dfe350007ed92b729114b0b7cd837aea56f349cf38248a858eac60cb1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79706
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 23 Mar 2022 06:55:21 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"623ac459-a133"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shKbzQr5gb%2B%2F3EIEt73nQoFCrlH9nwCIub2X3HGbf9lMOeS5rpYC2bA2dVf1KQMk8HaxauoVaq0mAwjePpXBae654X7ZvesvdZwVp4pY1WAAMzhrGgG1Pb6DWHDCPySF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae7398fd8e269-ORD
expires
Thu, 21 Sep 2023 13:56:02 GMT
Contoh-Pagar-Besi-Minimalis-2.jpg
hargadepo.com/wp-content/uploads/2017/05/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hargadepo.com/wp-content/uploads/2017/05/Contoh-Pagar-Besi-Minimalis-2.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb5f7f4b69b969ee4cbb343872d183bc163b8d5873b124bfb54c21309bc5a7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
105646
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2017 08:48:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"591eb160-9794"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMv1B9rTyEQxNuO3JdX9enbylKcSGohI%2F73Sfnkvajh3RAILX78xuWdD0bwswPEAMg1eotmX%2FNPuv%2FN17HXAJkhvieQ9DficlbkEFJn1D0ItogiEBWqAeR5xBriWkrTomX%2FPfNC6Me%2F%2FgFXN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7355d0c8fc5-FRA
expires
Thu, 21 Sep 2023 06:43:41 GMT
Cara-Menghitung-Rangka-Atap-Baja-Ringan-1.jpg
hargadepo.com/wp-content/uploads/2017/05/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hargadepo.com/wp-content/uploads/2017/05/Cara-Menghitung-Rangka-Atap-Baja-Ringan-1.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0356f6ba2e4c71b35fd39f4da510558708554289aec6c1fdfa84b6b62d893442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 05:10:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"592e5040-c75d"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHcbGsewJGlI%2Fumx6nDoix4CJK6d6t%2BAhHY%2FMfzNPi9A5Krwkm%2Fr%2BLHMlqCw7%2F4uL2aj9Oj%2Fs5wJVfLZCidiccYn4I%2BXIhG%2F7%2FnxZQS7bbBJTZcLi2TAIi3%2By5EbgYusAQvxqB826JDpl5i1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7355d0d8fc5-FRA
expires
Fri, 22 Sep 2023 12:04:27 GMT
Harga-Railing-Tangga-Terbaru-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/Harga-Railing-Tangga-Terbaru-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
c50d7d710891ee1e3de4f31cf04a5643fd5ef7c3aa3752022e968223566e29cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:29 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2017 08:25:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"591eabe6-1c2d"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG68SuNSb%2FhAKzitbxIou%2FpAVv0KaTREgwDbOR8mQxMw8MbnylXTuQSuc5GlE9mbM8HcrzdVTTPYkMCHaMKr1Ral5t%2FR2UR5sU66baGjMOWjfWZ3A1Tt8QuDp9EhxBEI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
cf-ray
74eae73f09e1636f-ORD
expires
Fri, 22 Sep 2023 12:04:29 GMT
Harga-Kanopi-Terbaru-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/Harga-Kanopi-Terbaru-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
368296fd2cb2f8152ac2b5202158884308fdbdcace7e86711933a34fbb708a07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86054
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2017 07:54:35 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"591ea4bb-1792"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAQu567cb3trN4qLtj%2BF6JRrc8g5ng2DM2EduZJcP%2F4jJzPGJegkt%2BDcDzmZAH3vIcEzarS2ZvuwxjwMd%2BJt3fdUdqw4bXdfffLxefa3GyUjSUvIjhWnS0CeLP%2F6cGEE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739a8576314-ORD
expires
Thu, 21 Sep 2023 12:10:13 GMT
pagar-minimalis-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2022/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2022/03/pagar-minimalis-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
d0eae25fa3f49835f7d880f2e2b226df58c2cc0a3f175a99da8bcb26641cbbb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173202
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 23 Mar 2022 06:55:21 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"623ac459-189c"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLyY7bK26gRQDpqtyIBD3QjOCHewr664mjqjBg2BqtB7Hek9NROooU%2BJDUXv%2BII0lLV5dRh2o1Wo%2Ft6PFT%2BUtInVI6sjQ4djGW4w49sI%2FkiT1TOYaY3O1ZEwiiqzY4th"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739a840e25f-ORD
expires
Wed, 20 Sep 2023 11:57:45 GMT
Contoh-Pagar-Besi-Minimalis-2-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/Contoh-Pagar-Besi-Minimalis-2-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
986748e84e5ce360c67ea1f6e3a2c2496b1ae3b21dac37f3e35f9cb9260b9988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
174622
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 19 May 2017 08:48:33 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"591eb161-17f1"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpN39k8nxc86GsGpIu3VypeOxrkfWGNzw9uCFq689biKvCb5LQDoxe43rmA5OVjgSVkNFH5m%2BekRwTumlyTzxFUK1gruOWBxFRpoCH3ES8kxaIJeyV4JFxPqro%2BB7cxk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739affd2d19-ORD
expires
Wed, 20 Sep 2023 11:34:05 GMT
Cara-Menghitung-Rangka-Atap-Baja-Ringan-1-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/Cara-Menghitung-Rangka-Atap-Baja-Ringan-1-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
064560e9f5ff492eaf78070a450d2ce0b3cfd1dfd7fc15a46821f11eff53244c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197333
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 05:10:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"592e5041-22da"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkJ%2FJ46uVcNSwB6aG%2FNTUIMY5VSkFiDDuaWwK0GnqVAXz8wiJTuBEvmX7Uhzwfta4BRbuEsg9VHVbe5bF0RLwdVi574qzvo6nsUF%2FQA0h5lfDZRfWLxzEwfz25eakBjJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739a9492d88-ORD
expires
Wed, 20 Sep 2023 05:15:35 GMT
Alat-Pemasangan-Tangki-Air-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/Alat-Pemasangan-Tangki-Air-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
143e671587e9a08f835f56d1d453b8cc73a9ab1fed982418249bb116696f351e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173201
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 06:22:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"592e6112-1c8b"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geHV7LipjhgKgvWxpa3ltkmKp3p7Xt4k0geGuuGHBbWFU9E9TLRbhArmXYuECMqyodCAZtrHMo2acYefYJf21ppiSJfHjt0VMgWPJPzgzPa5kzX18xmkRYT%2BMI5DAM87"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739ae45e264-ORD
expires
Wed, 20 Sep 2023 11:57:46 GMT
Contoh-pintu-expanda-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/05/Contoh-pintu-expanda-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
cb7a6f05cbf4037b79c6977a4ab305c7d6f19fe8791d7b69eb898f9669bd70da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
173199
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 05:50:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"592e59b2-1976"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rc4UaghHCVtsW1BoobyQGO5zSdEE3KMRGUlleMrWY4oNlsFBZMrBqk3q1WQzDc6Cg8IjzQX49q456r%2FPEGxwkV1fWyO5RkT6K%2BTMlvgGXsSeBv3aRLXYU%2Bxqhjn1gIJO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739be64e1ca-ORD
expires
Wed, 20 Sep 2023 11:57:48 GMT
Cara-Menghitung-Kubikasi-Cor-Beton-150x150.jpg
levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/06/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://levitrares.com/host-https-hargadepo.com/wp-content/uploads/2017/06/Cara-Menghitung-Kubikasi-Cor-Beton-150x150.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.132.134.162 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
162.134.132.34.bc.googleusercontent.com
Software
cloudflare /
Resource Hash
918a2cdce9d36ac89c1fab85603f71cb3380d987840b243a9588c1bd1342e23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197331
strict-transport-security
max-age=31536000; includeSubDomains; preload
replit-cluster
hacker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 14 Jun 2017 05:26:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"5940c8ed-1f0f"
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOIZVYkTr9EhMZ9UOZXgMA6fpxSBwwqyavyhggA9z6oisJ8B8dCJ7RQqH4Z2hfy%2Fwnee98LjRxcndyfZmKawHIGzrNhDZwXqsf0gK3w2yas17O1dckWwlzNCYiSjzTau"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
cf-ray
74eae739a8468107-ORD
expires
Wed, 20 Sep 2023 05:15:36 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:03:31 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
225575408
725b09a97d8c22957d89c9d08a8e182b.js
calumnylightlyspider.com/72/5b/09/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://calumnylightlyspider.com/72/5b/09/725b09a97d8c22957d89c9d08a8e182b.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/assets/inject.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 12:04:27 GMT
Server
nginx/1.22.0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
6353cd5fdad8d14e5a34c65cc3d8a4ca.js
calumnylightlyspider.com/63/53/cd/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://calumnylightlyspider.com/63/53/cd/6353cd5fdad8d14e5a34c65cc3d8a4ca.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/assets/inject.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 12:04:27 GMT
Server
nginx/1.22.0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
js
www.googletagmanager.com/gtag/ 		207 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y8NS3XF3SB
Requested by
Host: levitrares.com
URL: https://levitrares.com/assets/inject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06977060c2808a6313afca6971e3bc303630f14be1fd7d643a4690cf6394223e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74681
x-xss-protection
0
expires
Thu, 22 Sep 2022 12:04:27 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4459743&@f16&@g1&@h1&@i1&@j1663848267123&@k0&@l1&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:33042921&@b3:1663848267&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
021bee2783a45dccd22a9759e028922f7ae855151fb5c3d1273bbb3688b45cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 12:04:27 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
cc_511.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_511.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:54:30 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"1364484781"
x-cacheable
Matched cache
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
5984
x-request-id
265551974
ping
www.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ping?sitemap=https://levitrares.com/host-https-brainly.co.id/sitemap.xml
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ping
www.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ping?sitemap=https://www.levitrares.app/host-https-brainly.co.id/sitemap.xml
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ping
www.google.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ping?sitemap=https://tebakjawaban.my.id/host-https-brainly.co.id/sitemap.xml
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ads.js
ads.maskoding.com/ 		67 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.maskoding.com/ads.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/anti-adblock.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.138.177 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
177.138.110.34.bc.googleusercontent.com
Software
/
Resource Hash
51928336069eb971297269f1409e689b13134f2bb945a96993007832572e9868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 12:04:27 GMT
replit-cluster
hacker
content-length
67
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/javascript; charset=utf-8
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4459743&@f16&@g0&@h2&@i1&@j1663848267154&@k31&@l2&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s511&@ten-US&@u1600&@b1:-142114089&@b3:1663848267&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
021bee2783a45dccd22a9759e028922f7ae855151fb5c3d1273bbb3688b45cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 12:04:27 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4459743&@f16&@g0&@h2&@i1&@j1663848267154&@k31&@l2&@mHargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:71775935&@b3:1663848267&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flevitrares.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
021bee2783a45dccd22a9759e028922f7ae855151fb5c3d1273bbb3688b45cde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Thu, 22 Sep 2022 12:04:27 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9752eb218010842a84b880aee5997839757104f3a48f1105873f576276df1f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
sweetalert2.min.js
odong.eduzone.my.id/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odong.eduzone.my.id/sweetalert2.min.js
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a562e74fa9fc556c7d765a6a82f80af5053ea80d0691c27771f773404bfe6f60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
8727efd424cb1bc6de7f08f0e21b5c20e414eaca
date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
age
331
x-cache
HIT
content-length
14333
x-served-by
cache-hhn4046-HHN
access-control-allow-origin
*
last-modified
Sat, 25 Jun 2022 10:44:35 GMT
server
GitHub.com
x-github-request-id
0805:3495:8E81BC:93B837:631FFAE4
x-timer
S1663848267.319462,VS0,VE10
etag
W/"62b6e713-aa5f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Tue, 13 Sep 2022 03:47:08 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6acea6df0a1d74bd2a31cb35a9dcc3ab90bd819a0f17f0712748ffc16beca71d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54572
x-xss-protection
0
server
cafe
etag
13705203367104508177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Sep 2022 12:04:27 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=levitrares.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=levitrares.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB6B 		67 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fa15067b3beb8316c3265954aa08a6104b03551ca27d3b431904d85099ebfe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
21745
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:27 GMT
expires
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F7CA 		114 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38d2c0b0a6526e92c3f0882aa52a64d24ac0ed157a8137c3e9a639275016bf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
43949
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:27 GMT
expires
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 818E 		114 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63bdfbb624c1b385374dfacc9d1d5fb0288b5973165b921c5f8ec84cd8c45f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
43554
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:28 GMT
expires
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y8NS3XF3SB&gtm=2oe9j0&_p=1842177772&cid=1001270254.1663848267&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663848267&sct=1&seg=0&dl=https%3A%2F%2Flevitrares.com%2F&dt=HargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y8NS3XF3SB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://levitrares.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sweetalert2.min.css
odong.eduzone.my.id/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://odong.eduzone.my.id/sweetalert2.min.css
Requested by
Host: nodejs-2e7.pages.dev
URL: https://nodejs-2e7.pages.dev/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
be2d081c45968c7f97fb9226c95ea48ff7c1305cd24f3e2e3e5523461453b834

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
f92daed63297b19241965b1fea91f00eef39aa4b
date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
age
559
x-cache
HIT
content-length
4359
x-served-by
cache-hhn4046-HHN
access-control-allow-origin
*
last-modified
Sat, 25 Jun 2022 10:44:35 GMT
server
GitHub.com
x-github-request-id
0804:5484:F44C68:FC7BE4:632BF7A1
x-timer
S1663848267.346762,VS0,VE1
etag
W/"62b6e713-5fe8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Thu, 22 Sep 2022 06:00:25 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
1
FestiFal1010.jpg
new.eduzone.my.id/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://new.eduzone.my.id/FestiFal1010.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:2a37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d266334740bce57b62fb91a6ffc48f4332dbfac916b9240ea7f33c5850e817f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-fastly-request-id
099bb034da86223dc7ec1db43b9ddad484dd6381
date
Thu, 22 Sep 2022 12:04:27 GMT
via
1.1 varnish
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
557
x-cache
HIT
x-cache-hits
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34877
x-served-by
cache-hhn4053-HHN
last-modified
Mon, 12 Sep 2022 21:16:15 GMT
server
cloudflare
x-github-request-id
5648:11825:809C70:84BEF9:631FA49B
x-timer
S1663024118.514312,VS0,VE104
etag
"631fa19f-883d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoV6acDfIn90G%2FdRx0BDqz6z8woSRZRM%2BxhLdVTWmrchVZbKP%2B4FfiMx1v0F4U1yjJwuugc955lO7id85Zys7TY%2BVo1h0mVOmUlIYureIKEUfOy%2Fv0ExztSMGbTZS7vawsvpg%2B9exwe8RQ0BWXe8pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
74eae7375dd9917a-FRA
x-proxy-cache
MISS
expires
Wed, 21 Sep 2022 04:37:02 GMT
Alat-Pemasangan-Tangki-Air.jpg
hargadepo.com/wp-content/uploads/2017/05/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hargadepo.com/wp-content/uploads/2017/05/Alat-Pemasangan-Tangki-Air.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e90ab1d202b08b29f525a912e41f18ea571a14c05bbb7424c682354b1e8c94c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 06:22:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"592e6112-bc02"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FprAHcMEKV%2BIKMxZW%2FEzS32nqJ3g6LS5GXYiBTn5RMlKmwWR1dUtqjYSvWPtJrR1EUMLga%2FmK4DDoR3aj7FPq15%2B%2Bv2npa0s7Q8xaIWCIKkuSzKOedvLL4SZzOVjPf9A%2FWRWyxf9sE6ZrLn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7371fbb8fc5-FRA
expires
Fri, 22 Sep 2023 12:04:27 GMT
Contoh-pintu-expanda.jpg
hargadepo.com/wp-content/uploads/2017/05/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hargadepo.com/wp-content/uploads/2017/05/Contoh-pintu-expanda.jpg
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:6ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b151e803f727086c0b210990c1558860344ab86f0a1e90486b4146dde63b828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Wed, 31 May 2017 05:50:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"592e59b2-98f6"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MRGcF44MZvfZOmmkB%2FONv9h4EuBKyI5I8gr8i6lucT2618dBh9yOTtzvWt4Ov5488Eg9XkwjaV7YLD593cp4Qq1Qdd33S5T1dbkqWKAaOFYHdXM0sGjhMULiAL7VdpM%2BnbFgz%2FAcPqeIeC9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=31536000
cf-ray
74eae7371fbd8fc5-FRA
expires
Fri, 22 Sep 2023 12:04:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/ Frame B3A8 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
52551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 21:28:36 GMT
etag
9671129459699598864
expires
Wed, 05 Oct 2022 21:28:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C67C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:56:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame C67C 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:04:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C67C 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 12:04:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C67C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFCMNS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTYAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6QNKLZZW4iRkVR70gt4Y6a5a7KmyX8bJCnQIW8GRXfLqY1xNF8a3oAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTg4NzM2ODIxMTAxOTQ2NxgA&sigh=kuHIZdQW0os&uach_m=[UACH]&cid=CAQSGwCsnQUxbULfoIETw6LMaMus-PbTvRY37nbfAhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 22 Sep 2022 12:04:27 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame C67C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFMz6RLAJmAKdg2ICAgAAAKSJtwQAtEdEEEpPLGP928PiZJqF39frogASAAA&wp=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
server
Kestrel
server-processing-duration-in-ticks
25110837
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 129C 		173 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9f7244322cde62e0c8ea58ae2fe60f5bf7509ab5758ef7413206b14478409ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=UQhDHelIVqdy5RdgPRgShEuUhNd45Vt74IiaeEomF-g_rdWSjHyiVdHeW5we5qYpGF2TOVpwLWc-daZl4jfYw3RopE3vz3aFmgBemKN1toiaZGEPgD_BYZDcXIa_z-JQB4_Q1LbzQgVVPviip8wBewDbMP22QFQwjq5_7MyrsrPhNpeRLGxGqgPUm4HY7GnzJQtBzvNFRBCjfUX2lyFYsDcZk_MtHtmdduSrq0gu1It0y6pdpRlLSCwGqppo_Xm3-Il_jA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
114951057
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7CB6 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_vZhCxheSYAxi3jsfSATAB&v=APEucNUeSrED4KLME4Ls2lEO6DorTmP0TvoeHxdJ3mwyo1u1LLGSvKCPbnsgc-QRDIIKDWJ3WsBG20lgrTRzt9VVHWs1EnGBgDILoLLxAc1xnE8SSTE4_MWLJni4MN4FjF3anDa2685skcmVUTouAqYYGOW5mRZTbw_5SMA5yO6uV82R0Ggtay8
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:27 GMT
expires
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame EE3C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:44:14 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame EE3C 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6978
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2640
x-xss-protection
0
server
cafe
etag
2603454828624189567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 10:08:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EE3C 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstULfSwic-OMrYqGVAi49ex9b35GoPrQk58bpZLtgu6oXfAm9FwsKa8FHxzZtG_5aUeZz2-JHlKu21rljdP1F_H9Tdo5SglAENTb91ukpRwZ04Vy0oyTZfZnQ1XbLPPkHfojcgxSFvUNRJq7dhq3MLMezONIu-mKXY1rguugyO_dG1jBQIJ0JtIT7afxJS8L65FogV_crk4VWCKy1p7k4qKnUCEH7_NNkSlZVfWPqP_3QGbWuc1-_pv09NfFY46SgCWr_on27zPfahlZc4xZIKYUw3_51nvqsffOGE_3-Kj0bCnYUGja2AfYVz1x_pCBTBaFf3EHBWzSi-bi5SexShSbzFPhKh59cCsnR9p7vsCCavZ3PiINfHy3OVUWK4ppHVJPUwQ8Kzbu3h9oKM9RQ79EnJhWKT_WARRQ_tjd3fm8shY_150dyLs0p1R3yatzRhYZkOuXFrzz5LL6wtjCohC2u8cn_iJ8-mCGIzfomUtdXdVqACKE6d5ibIplnkXID392CWbkOzfpnPedwfNxUpyqRir2Mbx87RTRhS1GBfHfI8ayxA05B8NZ-mp1JJvzGCYikAWJXfrPBVs7C5fupZzb06yyEH35reFn_H70GnSoZUZlp2Kli9Yk9EuBMxsWZx7CYLxhVdcg2G_7VPbvmq7BHtsToAWa_FBt0CYctCG0p1kg10bFnti-Lm1eCp9203XuBGxeyRNQ8aFb3NbRv-bpBAMo0rYiaVQlAmao0Anf-QFFmfzcws9FxOFk5T_elp7fWe5izswgfUrG1QvmCi8Qt9Wl0S2Jfsf7vtx_f4UjhKgdoFJctCXUWinnPqdtnmOaMBLuMj_AtfmEJDkuLBe6pj7HGvgDFMbRUozCuRVrdT1TH9HlugEBBsWqwKB_4RqgF5qil4LDzUibJatiIuonxzNwToD-pwBFmLNeyniamU-sGM6X64ME9-0_nVT2jXy2IYkTpKqJRvqr1KRieesASXrarPqAz0HCOLNoPOJ-Li9CZinPs5zku6Df0CaHE-NF2ejPdQFAmVjENDuXNHgit2JuP9-p0pj_X1Y4XLocPGdqDW51fLr7mlGJu1PqCfTMbOoWmpsfdPirhiDskqrId-AzSEhlZm3bWuXu8XAGlRGES4uTz8kj6XqZZMtkwiAY9uQ4H1VZhVCe_ONshvOqh4z-dibXl9iahj1GNN_1Jg&sai=AMfl-YTss-IW0NVplMw78XQ6jlLMs3MheFVSrLlxPkRDFrkbCLphCsJUyGf4d07-3iudLcZ8SsiDojYs9hwN4uGeNGfFk79okFFjFWCbjm9VUUQtuGw4WlOaRKJgX6d2YH1SedSuOfea4Xea4eym_Nsmnimk9Siu5TtInSiNs-4tTCSPeH-AkxFkJWY&sig=Cg0ArKJSzKuic4qnobB4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220919.94977&adurl=
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EE3C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 08:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11402
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 08:54:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame EE3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:56:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame EE3C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:04:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE3C 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 12:04:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE3C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVve-q-AaBVStQVqEsSqqgyk4qWlmwIEXEZI_VLh_-rQur707jZr8gyAJ-uBSvcBItKlFJScHdg6FF0BReFgnnxj7U61iIw96jmbaW3BGkdqFTERk
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13557070326004702387
s0.2mdn.net/simgad/ Frame EE3C 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13557070326004702387
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220919/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fbdc7a4ba19f94d7bebb87590985711136b8569429c6fd7e3b0a1ea4ee04a154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 16:42:21 GMT
x-content-type-options
nosniff
age
588126
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50344
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 10:49:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 15 Sep 2023 16:42:21 GMT
rum
dsum-sec.casalemedia.com/ Frame 7CB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7_RWovtOrd7tLXzu9cdXs&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7_RWovtOrd7tLXzu9cdXs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_vZhCxheSYAxi3jsfSATAB&v=APEucNUeSrED4KLME4Ls2lEO6DorTmP0TvoeHxdJ3mwyo1u1LLGSvKCPbnsgc-QRDIIKDWJ3WsBG20lgrTRzt9VVHWs1EnGBgDILoLLxAc1xnE8SSTE4_MWLJni4MN4FjF3anDa2685skcmVUTouAqYYGOW5mRZTbw_5SMA5yO6uV82R0Ggtay8
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74eae7394b0f8fe9-FRA
pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbgIRxZNnXMiu7rrrBEhEWNs36xS%2FGcw4VnDKCggrBEkv3tqBvPcGsDsuswfMPFQXqlQ4xNkX3pozN%2FHLreE64%2BNmY1wV4lPhrqeTBxsib1j%2BTFyEnBQJ9%2Fy4ZY7s0timQRLlR2bRl0LqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA7_RWovtOrd7tLXzu9cdXs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7CB6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyxPS.wEMUC0oRL6JyErrgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOdkDxvSYn-iXAiYQuDm-zg&google_cver=1&google_hm=2
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOdkDxvSYn-iXAiYQuDm-zg&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_vZhCxheSYAxi3jsfSATAB&v=APEucNUeSrED4KLME4Ls2lEO6DorTmP0TvoeHxdJ3mwyo1u1LLGSvKCPbnsgc-QRDIIKDWJ3WsBG20lgrTRzt9VVHWs1EnGBgDILoLLxAc1xnE8SSTE4_MWLJni4MN4FjF3anDa2685skcmVUTouAqYYGOW5mRZTbw_5SMA5yO6uV82R0Ggtay8
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74eae73a4cb58fe9-FRA
pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQoSyh%2BMCkYaLUT4GYfePYLrt5weIZLxhAVUW%2FKY2UK8qp9Z0kTCTshbdqSeI8FM3nOPEAAgEgIEZIgw5W%2BoxFybuRBkjSyYEdu7SfKnzg02XZFORRPybIuyjW31eC1W2piTwdFUN4AAEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOdkDxvSYn-iXAiYQuDm-zg&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7CB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKwUJiKuUaDCYfIfdR0bU-s&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwUJiKuUaDCYfIfdR0bU-s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_vZhCxheSYAxi3jsfSATAB&v=APEucNUeSrED4KLME4Ls2lEO6DorTmP0TvoeHxdJ3mwyo1u1LLGSvKCPbnsgc-QRDIIKDWJ3WsBG20lgrTRzt9VVHWs1EnGBgDILoLLxAc1xnE8SSTE4_MWLJni4MN4FjF3anDa2685skcmVUTouAqYYGOW5mRZTbw_5SMA5yO6uV82R0Ggtay8
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 12:04:27 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
651c3424-2706-44d5-9387-b7cf6ab87765
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKwUJiKuUaDCYfIfdR0bU-s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7CB6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNDc2MzI4ODI2MTg4NTM1Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNDc2MzI4ODI2MTg4NTM1Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL_vZhCxheSYAxi3jsfSATAB&v=APEucNUeSrED4KLME4Ls2lEO6DorTmP0TvoeHxdJ3mwyo1u1LLGSvKCPbnsgc-QRDIIKDWJ3WsBG20lgrTRzt9VVHWs1EnGBgDILoLLxAc1xnE8SSTE4_MWLJni4MN4FjF3anDa2685skcmVUTouAqYYGOW5mRZTbw_5SMA5yO6uV82R0Ggtay8
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Sep 2022 12:04:27 GMT
X-Proxy-Origin
185.213.155.177; 185.213.155.177; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
956593ee-3342-415e-9326-775582552d2e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjkxNDc2MzI4ODI2MTg4NTM1Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame C67C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
915d8d5fa49f0c72d81b2b9cf140ffb481c6fe715d71ba1bb6a0256abffbad27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EE3C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fcdeb2f84ea5edd6924dc0592ffc31212b62808cb43c880b952df2752b71c8bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2FF1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
11379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 08:54:48 GMT
expires
Fri, 22 Sep 2023 08:54:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 129C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:04:27 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 129C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:04:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 129C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sun, 17 Sep 2023 12:04:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 129C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sun, 17 Sep 2023 12:04:27 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 129C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=NzJeRCB1GfGKclueEhCYwN_E1njASsytAEvHzblmPE61aTs4r-QfeR_19sKAcQNyKzv70FAVfk4Kv7fQAultMbza6pnGUJwV4ba1hNjDC7kFDx0WvsRQgUXFhumFOD3Z1uf7B-Vzd11oe3r_tMZxKBSXigDQ_O7BjY9LaiOcMI0fwehPwbFWhHUpmmcCMPVeynC9F2TXGIj8UjVUF0HcFwR31IlTRLHfdfZujQS__pTcnDdCGJHg4V4sZ4AEQ4FyFhpU6BYD1bFXKO4s8suhXJLE5qn-4yxWgAju_EKQ3lWIIsDM_s_7vZvZFenPXL9DKiKeqdxeuN2NqTY__nuoAePrDnEwK_eJ09dlE3DQiSZ92nU4oOiwblYW_TgcSpqVR1WiortdCI-fsNkg-42hBnvbFpMYMr1oeOKqs-tiFP-p1v9nXhzzHF6lQbyUB06sThrxUw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2869854
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 129C 		44 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1663848267
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
JH18eJHdYUGEtFB3APig1JkuTlDrwvq-02YAd7gHtXGmoFTf7qS9vg==
expires
Thu, 01 Dec 1994 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 129C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:04:27 GMT
img
pix.eu.criteo.net/img/ Frame 129C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=WVunQn1urfIF5n-zpdjitqDp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28833351
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5106
expires
Tue, 22 Aug 2023 05:20:19 GMT
img
pix.eu.criteo.net/img/ Frame 129C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoRasenBallsport-Leipzig-GmbH-112203DE-2011231618.gif%3Feb%3D1&v=3&w=800&s=uL1eBielVmNzs4UCUlbGoce6&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
049197d27fc218a1fc7185322d281d1f12d8cb637cce49e815600869e12e463a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5240
expires
Sun, 17 Sep 2023 12:04:27 GMT
img
pix.eu.criteo.net/img/ Frame 129C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoFERCHAU-GmbH-6095DE.gif%3Feb%3D1&v=3&w=800&s=BsJ1FXdhZZckRUmKllqaV50m&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e07ccca148e2c8b285445f95a58538adb00ccb91c9b1ffb373707a84352da6d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1993974
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1772
expires
Sat, 15 Oct 2022 13:57:22 GMT
img
pix.eu.criteo.net/img/ Frame 129C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2372503
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1584
expires
Wed, 19 Oct 2022 23:06:11 GMT
img
pix.eu.criteo.net/img/ Frame 129C 		848 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoNETCONOMY-GmbH-84819DE-2202071641.gif%3Feb%3D1&v=3&w=800&s=KOr4OZoQRbic3-G_kzjIuLkg&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
64d68302274df4ea5a606ea23e107ca5332db9d32f4fe162a31f778d1d7ae5e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
848
expires
Sun, 17 Sep 2023 12:04:27 GMT
all
csm.eu.criteo.net/ Frame 129C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=UQhDHelIVqdy5RdgPRgShEuUhNd45Vt74IiaeEomF-g_rdWSjHyiVdHeW5we5qYpGF2TOVpwLWc-daZl4jfYw3RopE3vz3aFmgBemKN1toiaZGEPgD_BYZDcXIa_z-JQB4_Q1LbzQgVVPviip8wBewDbMP22QFQwjq5_7MyrsrPhNpeRLGxGqgPUm4HY7GnzJQtBzvNFRBCjfUX2lyFYsDcZk_MtHtmdduSrq0gu1It0y6pdpRlLSCwGqppo_Xm3-Il_jA&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Sep 2022 12:04:27 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 129C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:04:27 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 129C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YyxPSwAAgqAKwSOGAAmAWrdYRw_484eD0nynDw&u=%7Cb%2FrdAxAKvbd%2FESX0tnmNiGMkTdxTs7sugQQs%2Bi0fI7U%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6_1IiGqHu-aiqZ-Vaovf0lfT7o0m8rEHgDiO7Vqy4XEsZThqtTvzxwWGs9K4Qjv7K0KPZvDGONznA-HuFK2xu5e6tzQivyKzd6TmtolAO48nHyMHP2DsR2w97mGELBgmKH-PZIQv64UsG5ie9iSoRKeCmzdWtl99ZmH8S3BvJ8aj7mWoJaHKI4qDsh2f6h2aeJ2Ptca1nDqjl2hKxmb6s7zKANsBIlQ8IipTvAgWIYZx_qf_7wLEBrA6AUeIGQchJLfUlb0BDtgOZB8fYGX4TpO0sH1hpFhScPh5DIK_WX6yID1j9lHr2KzHzsOCCWQxpBvPQN7GmmaeMcdUZZ-TCdTnVSviAil1g5_tJj_alVd9AU0Z9Pv1-ZM9_BKD7Q1RrLpeT0Kl1P0N5EcotOmkJIVncDj1tRVViAhHSg772uIyhYpKt7q-76gG4AFJ3VEewwsVrvY0Y3NiNxlRQNc5PplMa9bsUOXJxUtRd9PzDO4kd_DfpHLcpwAyDMyE7aIXnG9Zsr5_i0miU5fvQKjr5MikW7aNIJdiSQkjEGvbwt2Bxp_q4fL3V6w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCasGXS08sY6CFAobHhAbagKb4Acme0rFchf6X93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTg4NzM2ODIxMTAxOTQ2N6AB1bbS6gPIAQmpAq8TiY4phLA-qAMBqgTbAU_Q2hLQzp4LQOBe6E3nDKdg0vEAxmaHvvr04Rpotxhew3It6lrINtDdTYtxPZ9b9XY7wdSHF1j0Yxfo75tLwAO78TV1tz16BJ91Zbxd2BOwmwjwMVfH0tWjrFPeFb8WD2jdw_kMNEXH9wUjemzxVhP0GdGohaEbhArobkYE6AALstUlknAO_RoKFmp1eIyaiUxVWVU3-G1URar9Eftn-yT3gc7W5SSYIP42fEjDVmNxe6RPKpfL3AcNguvnxqioXgBBYqasf3U1PKtk6VKgt8jVhZX0ntsJYaY9IIAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1f_5kIfxQ8wjOwfEe_HT2N3DKDgA%26client%3Dca-pub-9887368211019467%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 12:04:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EE3C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstULfSwic-OMrYqGVAi49ex9b35GoPrQk58bpZLtgu6oXfAm9FwsKa8FHxzZtG_5aUeZz2-JHlKu21rljdP1F_H9Tdo5SglAENTb91ukpRwZ04Vy0oyTZfZnQ1XbLPPkHfojcgxSFvUNRJq7dhq3MLMezONIu-mKXY1rguugyO_dG1jBQIJ0JtIT7afxJS8L65FogV_crk4VWCKy1p7k4qKnUCEH7_NNkSlZVfWPqP_3QGbWuc1-_pv09NfFY46SgCWr_on27zPfahlZc4xZIKYUw3_51nvqsffOGE_3-Kj0bCnYUGja2AfYVz1x_pCBTBaFf3EHBWzSi-bi5SexShSbzFPhKh59cCsnR9p7vsCCavZ3PiINfHy3OVUWK4ppHVJPUwQ8Kzbu3h9oKM9RQ79EnJhWKT_WARRQ_tjd3fm8shY_150dyLs0p1R3yatzRhYZkOuXFrzz5LL6wtjCohC2u8cn_iJ8-mCGIzfomUtdXdVqACKE6d5ibIplnkXID392CWbkOzfpnPedwfNxUpyqRir2Mbx87RTRhS1GBfHfI8ayxA05B8NZ-mp1JJvzGCYikAWJXfrPBVs7C5fupZzb06yyEH35reFn_H70GnSoZUZlp2Kli9Yk9EuBMxsWZx7CYLxhVdcg2G_7VPbvmq7BHtsToAWa_FBt0CYctCG0p1kg10bFnti-Lm1eCp9203XuBGxeyRNQ8aFb3NbRv-bpBAMo0rYiaVQlAmao0Anf-QFFmfzcws9FxOFk5T_elp7fWe5izswgfUrG1QvmCi8Qt9Wl0S2Jfsf7vtx_f4UjhKgdoFJctCXUWinnPqdtnmOaMBLuMj_AtfmEJDkuLBe6pj7HGvgDFMbRUozCuRVrdT1TH9HlugEBBsWqwKB_4RqgF5qil4LDzUibJatiIuonxzNwToD-pwBFmLNeyniamU-sGM6X64ME9-0_nVT2jXy2IYkTpKqJRvqr1KRieesASXrarPqAz0HCOLNoPOJ-Li9CZinPs5zku6Df0CaHE-NF2ejPdQFAmVjENDuXNHgit2JuP9-p0pj_X1Y4XLocPGdqDW51fLr7mlGJu1PqCfTMbOoWmpsfdPirhiDskqrId-AzSEhlZm3bWuXu8XAGlRGES4uTz8kj6XqZZMtkwiAY9uQ4H1VZhVCe_ONshvOqh4z-dibXl9iahj1GNN_1Jg&sai=AMfl-YTss-IW0NVplMw78XQ6jlLMs3MheFVSrLlxPkRDFrkbCLphCsJUyGf4d07-3iudLcZ8SsiDojYs9hwN4uGeNGfFk79okFFjFWCbjm9VUUQtuGw4WlOaRKJgX6d2YH1SedSuOfea4Xea4eym_Nsmnimk9Siu5TtInSiNs-4tTCSPeH-AkxFkJWY&sig=Cg0ArKJSzKuic4qnobB4EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=192&vt=11&dtpt=191&dett=2&cstd=0&cisv=r20220919.94977&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame CB6B 		702 B
874 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Slabo+27px:400&lang=id
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
547acc9e82421e913029cc4fb4e65cf7273c615813c18e504b4ac7847b00658a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 12:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 12:04:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 12:04:27 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame CB6B 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95ba1b5ada90dda26ddbc4e20cc80aede29d50531d008982a7a3c6eb0bcf46cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14205
x-xss-protection
0
server
cafe
etag
16523626413598506566
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:32:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB6B 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 12:04:27 GMT
img
pix.eu.criteo.net/img/ Frame CB6B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=942&q=80&r=0&u=https%3A%2F%2Fwww.c-and-a.com%2Fproductimages%2Fc_scale%2Cc_scale%2Cif_ih_gt_iw%2Cw_400%2Cq_95%2Ce_sharpen%3A70%2Fif_iw_gt_ih%2Ch_400%2Cq_95%2Ce_sharpen%3A70%2Fv1650655033%2F2174363-2-01.jpg&ups=1&v=3&w=400&s=279SofWC1hZJ7nuchz7qkgna
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c4ccf1b1589ce78f23995a31801ee5ef302dc747faeaced89106cb946af206e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29117345
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4770
expires
Fri, 25 Aug 2023 12:13:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame CB6B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:02:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame CB6B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:56:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame CB6B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:04:11 GMT
l
www.google.com/ads/measurement/ Frame CB6B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQToH919KBNzOp9BSwcpuHmUyCTPFV0aP_N6g9fBYLCZPZguvDNfXn_B48dYVHjZ5XdIH7B7hm2ML_yYo5kg86tnvnWEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 2FF1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 11:33:45 GMT
css
fonts.googleapis.com/ Frame F7CA 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&lang=de
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 12:01:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 12:04:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 12:04:27 GMT
css
fonts.googleapis.com/ Frame F7CA 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 11:21:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 12:04:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 12:04:27 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame F7CA 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95ba1b5ada90dda26ddbc4e20cc80aede29d50531d008982a7a3c6eb0bcf46cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1941
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14205
x-xss-protection
0
server
cafe
etag
16523626413598506566
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:32:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7CA 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 12:04:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame F7CA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:02:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame F7CA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:56:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame F7CA 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:04:11 GMT
l
www.google.com/ads/measurement/ Frame F7CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSV6DdCimuJPhR7tkpverB-YDR-khVbiwjqeMGPLiDPGvbN9ZU6n6yb8Hp4aJwvPiXXK1uKpT9_WvFrAE8NkVVhPNAisg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/40925857312060195/ Frame F7CA 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/40925857312060195/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIzgUQ-AIYASABLQAAAD8w0AU4-AJFAACAPw&rs=AOga4qkHrk8Bu4aUPXivZleIxnekXB8Wbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b67b5db86180d6858963b9441a1dea5a229209f47df32e5b328d885a0e544d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36764
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 14:45:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Sep 2023 12:04:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F7CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C7cV1S08sY4X7F4rohAaY3o7oBLTAj8RstvfzqZgM7MqUwasJEAEgnra_N2CV4pCCoAegAbXj67oCyAEGqQLxPJwC5HywPqgDAcgDywSqBOMBT9An8n2nih_9m1B-XbyKqgNUv39LsGH6zXuS_eHPVh8rBwFezvob9MuoamowhrkDlvOjV5jkcdXBwkhmlojSsvouDbxAuy0EXRVmhVfT6kyThiCEIDKXwkzbyv5MrcxEpAlTe0XKHemKp9lhfSW8Yjzyy-2HkXAEiNGaiO8e5ZRDSuOpSQx9arTwAmBMDJaHeCT2uxzzu2Uhwv93awDD-MY8Jo-VdtH1i5tcY5aUwO_D9necWbzf-FBW4gPSoTxq4ThVncYJvR0-HzE_ypSSWQiAouHI1q9qlox93A7o5Z_oxJHABO7hpdj2ApIFBAgEGAGSBQQIBRgEoAY3gAeznJTFAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP_iCtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMMiBQJ0BUBgBcBshccChoIABIUcHViLTk4ODczNjgyMTEwMTk0NjcYAA&sigh=WVpr6fpeny4&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 12:04:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame F7CA 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:50:55 GMT
x-content-type-options
nosniff
age
234813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 18:50:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F7CA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:34:12 GMT
x-content-type-options
nosniff
age
59416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:34:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FF1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoepzSk8sY7CEPP7G1fAPt5SWiAsAAAAAOAHgBAI&bg=!BAelB0PNAAZqQh0mSkI7ACkAdvg8WuSgD-PuyXpPljsUI8Cnh4ijeCoyJAJewXW3ygQFFXs_r2zD5wIAAABwUgAAAAFoAQeZAwGHIupUcvvaxrXBzm0R-IAE3s50k5wyTG-VgX0ME60_TOM_XQOxNkJeC3VuiHZkY8IRTcs-xS9xWVOujhriJOrDPfjLEUDyHQBMtMxghO3Wse9OervCvKk2eP1Qw2lRgS3po0PcTCTTvJaVkd1cjgE0-4xM_12nJTHQdMZ8jw5bRy9YOK4luPGQ5N6fLoOKVNd5DNIotlxquKszQ_SPpZ7n8pkTr7HzUqMo0rpaCI9X5a2rSD6jmTkYcCghRSMGrzPJJRkfd5fN8ni8BvAo_-8yA9HSoSCD-BlBHRL2ISAC745pY2lmEegCpO1Goh7Q8VCOWbDgQV9gk5XEE7FibsWtVT6DzaIP7SfFPF2uEUVsQqUNrwm3ou0jEz8Samst55KZS9Y_byVY_kACbdn_licaPimhwJvbCmV-B15yT1DwTgVU0_wGC7nnpQoBWjmHpvu77jbQIgEJGsy4smoSElMnBsyWb7EQ2y-5hhHNfcSGEjceIireEogaAD7AZVvhcC6tSDyRVJxyr8vVKNyuJ7VgKjx2YWG38CePpSoL5sERZmImqN4T9OMB1xTHc9izWKR8AFu6k_LimyTtqJvHT-bQNp7SD39JUQI6zEW-Vk6l9Qn4fGJcyq0UJppzduUyzqTe_LE8vRy6dJoTbtUN_5mSY9cDy398tuXIyDkP5fAa92dLZ7bUGwFbV2x5oL-7QtPMuSZETTh1yk3evYj35rm-ThGu8cG1dvE8AzCyUYyJ720qoGB5-tDkBISV-uM9rCAD2RxVsbR4bHf5RcIE3x5k2H3zaCOfI_L6sBvZRe_EN5V4qiSjBrGqDZyuJdmSRCmjPjEYigVA8KjB3Ut6DL60-WIw1DH-VfB1fj2yanRtPGbYjPxOMW78uLyMmht-wcu_F_SowKPAjE12WwVPDOJ4caW_9dKoR9gUUr0tFQErA5ag5zIL5eLghDczGGkekUHfQcC6LOXBRtV_pXhLMmyJ5txk_JUk6jmiGdA-o5K-XHO5ufRSJAZJ0E7fdmAjnzE4
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame CB6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNJwoS08sY7OsF5-Nrr4P1ZO34APJntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05ODg3MzY4MjExMDE5NDY3oAHVttLqA8gBCakCrxOJjimEsD6oAwHIAwKqBNsBT9CB-UcFk-o7Z5iuklVLbUJ72MP38D64cR5XVvDiftOcVaSe9UnbYiAqUtDqOJZv79aCPumPtns9diV8JJAfn9dDqU1Kr_IanC088Ylk7jxcPIhqPY0rxLRmyOMDn5qi8CR1uf2WY1kuPb2G409x0N3Jj7W3gQLeZ0jnl90ExBvtl345d0-NA_TRysaYCyy3_ECMgW_3OQZVFyaPVbE1_j4cBT3H_fod_P9j2JW569uCWD8B5-_g69dPvBJDPS4Q6xjJ_31sWWnwFGD5ZivWHu9JeQVCEA-4gewLgAb9uOyklcyj1N8BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05ODg3MzY4MjExMDE5NDY3GAA&sigh=QEfuxc88cws&uach_m=[UACH]&cid=CAQSOwCsnQUxx30aaX5Wj59KGaz3rtbA90DSpOoW8IMpGPv3ap_2vspjCgkA0xJL-Mi3RBmcdzNgO4yx3o5mGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
lgn.php
cat.nl.eu.criteo.com/delivery/ Frame CB6B 		43 B
347 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cat.nl.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=RnAulD5_umRhY8GMAhKK27AIbnzSn8W-KETAJv3P3PkNvg8GowMvy_tEjKZANZ69T7Xi4hHnT0ZBHWkSStRyC0_0EhC6faf2n1as0AidWYOWk859F794i_fpcFjwUdptts6K4t7pHqL0w3elAr_4zgZWUt-6ZeY50PtbyvLXkKbuVHxGAmtvXXuZvnEGTpkUHMdvIN1JeyRjZECQSsx2ARZjA-FsKkZKu5XlCLWuWTH5UKoR_5wVwQtQt_uxWkx3bafdItGQ8AapvAaX8znNRI_g18c0G2Czu7U0kkpengdk5ywFhnrubQzixc9mF69ca0el_zWtx0oeIzV7ufCSNuxWQZ_iSoXRdVLBdumYARckZ5Kq53bJYX3kGMVrf8S6VUyLfRoaFrcWvGPXTRY7Yax7ZkrsWbWalBeUDEmD2FC9zS8l&z=YyxPSwAF1jMBy4afAA3J1drbTKMcyzOeEWNcfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2647828
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame CB6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kODuEorGMAAAnYNiAgIAAACkibcEALRHRBBLTyxjlpYhTLL-j5hfCl0AEgMB&wp=YyxPSwAF1jMBy4afAA3J1drbTKMcyzOeEWNcfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
server
Kestrel
server-processing-duration-in-ticks
290811
content-length
0
strict-transport-security
max-age=31536000; preload;
adview
googleads.g.doubleclick.net/pagead/ Frame CB6B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaSyqS08sY7OsF5-Nrr4P1ZO34APJntKxXM3x4t2IAcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05ODg3MzY4MjExMDE5NDY3oAHVttLqA8gBCakCrxOJjimEsD6oAwGqBNsBT9CB-UcFk-o7Z5iuklVLbUJ72MP38D64cR5XVvDiftOcVaSe9UnbYiAqUtDqOJZv79aCPumPtns9diV8JJAfn9dDqU1Kr_IanC088Ylk7jxcPIhqPY0rxLRmyOMDn5qi8CR1uf2WY1kuPb2G409x0N3Jj7W3gQLeZ0jnl90ExBvtl345d0-NA_TRysaYCyy3_ECMgW_3OQZVFyaPVbE1_j4cBT3H_fod_P9j2JW569uCWD8B5-_g69dPvBJDPS4Q6xjJ_31sWWnwFGD5ZivWHu9JeQVCEA-4gewLgAb9uOyklcyj1N8BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05ODg3MzY4MjExMDE5NDY3GAA&sigh=5PeNbnGIwK4&uach_m=[UACH]&cid=CAQSOwCsnQUxx30aaX5Wj59KGaz3rtbA90DSpOoW8IMpGPv3ap_2vspjCgkA0xJL-Mi3RBmcdzNgO4yx3o5mGAE&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 893E 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:39:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B17 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CB6B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59d21a4d3dfaacbfeb47825dc9bedd3d16bafcd4467953d5603246c43f2a3cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
mFT0WbgBwKPR_Z4hGN2qgx8D1Q.woff2
fonts.gstatic.com/s/slabo27px/v12/ Frame CB6B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/slabo27px/v12/mFT0WbgBwKPR_Z4hGN2qgx8D1Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Slabo+27px:400&lang=id
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40a107df0695c5f1741f0d7ec22820ed31c440b29c07c111a6aaad7eec3a2558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 21:20:10 GMT
x-content-type-options
nosniff
age
571458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:26:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 21:20:10 GMT
dpixel
cms.quantserve.com/ Frame 2B17 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEASBHV2U-wItJjuu9AzpQLg&google_cver=1&google_push=AZmPxg-AU1hGSb7HmNrEDMJiENoBaMlgBtmyTw85X-6ZsSrI2QtSxlr4w5iziwm4Ti29UNFJtughvN3QF7dJtQ3TNcxynnMuV8iN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 2B17 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-Pljd7hd-ohg6WOdND1jlhUhLsCthwma7JnKE6N4PIPyR3LLWhsqihVvKwkIsbVlcoqIUcsfBw0prvjN_iUm0roOqV9Q0&google_gid=CAESEKcbTm-xN4jYsMkqM0Jziiw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 2B17 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECy6aH3mUcoVstXsWppum3o&google_cver=1&google_push=AZmPxg_ytywMOvzrTnh5aipRSkgO0KDlMYRZ6lGh4SGhJjLqr4F1beRabXVGlGxVXcvPbUVrcUwvltqnMBGHHL_h3A9SEnxfiS8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lvnsklk2dahl722ik4g9f4dk8ratnb39
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 2B17 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENzHi8ZAPnkVynsiEyatTT8&google_cver=1&google_push=AZmPxg-RAo95-L9V0imBdf4tsbPdoVFN3YTLylIORHJejGJAg-qDmjWyrymvBC3nDwx_zMdccmx_zW9nTUvuFXw96VZIM7s-Dp8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2B17
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO8KVBocGvEagPGb0mapl40&google_cver=1&google_push=AZmPxg-WBqKO6jBJHBffusoP0nwYk45LeiE4o-hKJnKTx09qaJV-AKguR_aEXdI1PlYiVNqj-88...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTN1MtUS1JUlNT&google_push=AZmPxg-WBqKO6jBJHBffusoP0nwYk45LeiE4o-hKJnKTx09qaJV-AKguR_aEXdI1PlYiVNqj-88mcaIce3V_3SRAAMEOomNNMeU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTN1MtUS1JUlNT&google_push=AZmPxg-WBqKO6jBJHBffusoP0nwYk45LeiE4o-hKJnKTx09qaJV-AKguR_aEXdI1PlYiVNqj-88mcaIce3V_3SRAAMEOomNNMeU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTN1MtUS1JUlNT&google_push=AZmPxg-WBqKO6jBJHBffusoP0nwYk45LeiE4o-hKJnKTx09qaJV-AKguR_aEXdI1PlYiVNqj-88mcaIce3V_3SRAAMEOomNNMeU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2B17
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENDtW7XscaOK49AoGOM16AY&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDtW7XscaOK49AoGOM16AY&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg99v2q3RquklyyGZSOq5ucSUGgDhQ3ix...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDtW7XscaOK49AoGOM16AY&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg99v2q3RquklyyGZSOq5ucSUGgDhQ3ix-clArxE9_MpX5gZzTeytewziZCNLVQZwvJrsqm3jqRSx7AYfDMRF7QICi4evvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpyep%2BMLj3jNF40539UunKp1RnvoSzk92QpIvo1maRgv4vp1u%2FyxTWz7rT7%2FUEKb3ayDD4nukqDlj58wg7OT1bw7764hent1F%2BmLDLBvrgUSLLcX2iliCPOy3FDqK%2Fqp%2BQrnDFO7%2Bdx08Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENDtW7XscaOK49AoGOM16AY&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg99v2q3RquklyyGZSOq5ucSUGgDhQ3ix-clArxE9_MpX5gZzTeytewziZCNLVQZwvJrsqm3jqRSx7AYfDMRF7QICi4evvw
cache-control
no-cache
cf-ray
74eae73bafd7915c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 2B17 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 2B17 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJyrMY85-1wQuQds_QJpJ3aHze2r94Aaamj7DxIWEJB1WGeZHLOLDISEka5pYJIHQDu7m64g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 893E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=90&adk=807077138&adf=2524519737&pi=t.aa~a.2294968374~rp.4&w=300&lmt=1663848267&nsk=5515c64d&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=300x90&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=2&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280&nras=3&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1040&ady=1276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=33SUk9gAf3&p=https%3A//levitrares.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 12:04:28 GMT
expires
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 19A2 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:39:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6BC1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F7CA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c57ba46b05b773fee460f305427d4c65e72b096d8ac7ce30daf575d8aeeb2afc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6BC1
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEhHFLKl0g4N7Va7dWty7Uk&google_cver=1&google_push=AZmPxg91wXUJ76Iq8ok6ZbPV1slMF-RcJeTmwjZ8fc3F6W5IngwqxerM_Z...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg91wXUJ76Iq8ok6ZbPV1slMF-RcJeTmwjZ8fc3F6W5IngwqxerM_ZVaY6r7iVmKRA-zK-_0p6CE-mMGCS3q2Yf5NIKw_S8&google_hm=uBlJSz96bMPmt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg91wXUJ76Iq8ok6ZbPV1slMF-RcJeTmwjZ8fc3F6W5IngwqxerM_ZVaY6r7iVmKRA-zK-_0p6CE-mMGCS3q2Yf5NIKw_S8&google_hm=uBlJSz96bMPmtOaIRruH2A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg91wXUJ76Iq8ok6ZbPV1slMF-RcJeTmwjZ8fc3F6W5IngwqxerM_ZVaY6r7iVmKRA-zK-_0p6CE-mMGCS3q2Yf5NIKw_S8&google_hm=uBlJSz96bMPmtOaIRruH2A
pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6BC1
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8tWwaI...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8tWwaI...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjA0MjgwMDAxNjQ5MjQ0MTI1NA%3D%3D&google_push=AZmPxg8tWwaI9ln7F31ld-b0Td4qFWN_Yup2zyKLbC4pgBHZwLuDzv68s1Jb7SqWkjMD1T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjA0MjgwMDAxNjQ5MjQ0MTI1NA%3D%3D&google_push=AZmPxg8tWwaI9ln7F31ld-b0Td4qFWN_Yup2zyKLbC4pgBHZwLuDzv68s1Jb7SqWkjMD1TWMv50-AG9xKRnIOLzxdibSzRg52A
Requested by
Host: levitrares.com
URL: https://levitrares.com/
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjIxMjA0MjgwMDAxNjQ5MjQ0MTI1NA%3D%3D&google_push=AZmPxg8tWwaI9ln7F31ld-b0Td4qFWN_Yup2zyKLbC4pgBHZwLuDzv68s1Jb7SqWkjMD1TWMv50-AG9xKRnIOLzxdibSzRg52A
pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 22 Sep 2022 12:04:28 GMT
dds
rtb.openx.net/sync/ Frame 6BC1 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEG5Mw5MyYwqy4H4qbRw4ypY&google_cver=1&google_push=AZmPxg_YubwNUL9dneBjkHNaZeklJwAOBlzQioD9Rd69ApMglNJYBxNylwaQcDoW27ofpVQx9CG9_63IkDDKaqCqn33A6rR0xYQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ql2sc1ifrnsgqe0tq1vipb7u947decte
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6BC1 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJZB1aCx0qpDkMA6FcxKGFw&google_cver=1&google_push=AZmPxg8elGrfic2y_wo4od4YR2whzqZHmV41YXR0Aw-JBE-MGt8cc7WnZRWCHqMynN2_uCQDxPvP91vQenRButbh-V40VGUjJr0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6BC1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJGC1DW01vqS-4IWQJDEQ_c&google_cver=1&google_push=AZmPxg9c-gIKn_ArIPrvuyQuhzSEDEtLEPk5rUdHC2q5Mg_-SpHkQ5QDwfCGR5BrsLLRrb6ZP7G...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTOTMtMjgtSUlG&google_push=AZmPxg9c-gIKn_ArIPrvuyQuhzSEDEtLEPk5rUdHC2q5Mg_-SpHkQ5QDwfCGR5BrsLLRrb6ZP7G0tYlt919QKgZY9wV_hmko5b4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTOTMtMjgtSUlG&google_push=AZmPxg9c-gIKn_ArIPrvuyQuhzSEDEtLEPk5rUdHC2q5Mg_-SpHkQ5QDwfCGR5BrsLLRrb6ZP7G0tYlt919QKgZY9wV_hmko5b4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTOTMtMjgtSUlG&google_push=AZmPxg9c-gIKn_ArIPrvuyQuhzSEDEtLEPk5rUdHC2q5Mg_-SpHkQ5QDwfCGR5BrsLLRrb6ZP7G0tYlt919QKgZY9wV_hmko5b4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6BC1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBlX9Efi9mngHNZFoFH7KRQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBlX9Efi9mngHNZFoFH7KRQ&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg_r9DIMoy2dw_9I-ujmNK_l-WEbAyExm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBlX9Efi9mngHNZFoFH7KRQ&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg_r9DIMoy2dw_9I-ujmNK_l-WEbAyExmgV6STb_IQHNwtUqPkkdO6pj_5XDfSn6oShh3OpndtP8FjmA3VGXmFbQBMzRw2Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyP30%2FvGmzMmTVlxtZH4%2B7ydVwxCs0%2Fi4SVMYfe9UqYCcEHfkNBHoIzvlf82dGGUT%2F9vG0EtlNIfY0KYUhPzv%2BoxUaAkK175V6qgeluoIwJ1rmFrtw0asQboA19xXl%2BJsgSbVoYcnVmDBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBlX9Efi9mngHNZFoFH7KRQ&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg_r9DIMoy2dw_9I-ujmNK_l-WEbAyExmgV6STb_IQHNwtUqPkkdO6pj_5XDfSn6oShh3OpndtP8FjmA3VGXmFbQBMzRw2Y
cache-control
no-cache
cf-ray
74eae73c2dc79007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 6BC1 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 6BC1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Khz453a0AaSMs50DsKXRvMvhDcTTQha0bb-LsjtL8h_qGVRkoE5sHCrhS-NUFKQMXkxFa6SQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 19A2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 12:04:28 GMT
expires
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 22 Sep 2022 12:04:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 818E 		16 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&lang=en
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 12:04:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 12:04:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 12:04:28 GMT
css
fonts.googleapis.com/ Frame 818E 		16 KB
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 10:17:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 22 Sep 2022 12:04:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Sep 2022 12:04:28 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 818E 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95ba1b5ada90dda26ddbc4e20cc80aede29d50531d008982a7a3c6eb0bcf46cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14205
x-xss-protection
0
server
cafe
etag
16523626413598506566
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:32:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 818E 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44544
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663587528796173"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 12:04:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame 818E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9574
x-xss-protection
0
server
cafe
etag
3447265524526809024
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:02:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 818E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 11:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 11:56:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame 818E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7568
x-xss-protection
0
server
cafe
etag
16266204680973569043
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 06 Oct 2022 12:04:11 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16398096862031507086/ Frame 818E 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16398096862031507086/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIzgUQ-AIYASABLQAAAD8w0AU4-AJFAACAPw&rs=AOga4qkiw-XshpKpCOkqqyDZYvRjs8QANQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ffda64cfd585c170d72bea783c7da2555b967ef83cf11fd9778845dff6c1f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33121
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 11:56:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Sep 2023 12:04:28 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 818E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJu11S08sY7iiF5GWhAWRl6jwDPHl9LZs7fXpoKwQwI23ARABIJ62vzdgleKQgqAHoAGb2t3uKMgBBqkCRoFj54dFeD6oAwHIA8sEqgTxAU_QLTm1LPWYZ9gftmXxl7z55l7pdb0fYHuYNLAhSEyp59czVardqlHm-qb9BhRLNEl58jSunn_e3f0JbQ2fxJIFo8WFQE6VGbEAj3wAJ1LCLJpMDtSEiKFbgGO9bZV2CwmKU2t-Y6AYgNspJst3f1urAu4X-ME9LUeiWHu-HDVtx97Lk3BilVFY7TwckBHAKgdKz7gjgJjxvHn-GcchKDIKfVTHee44hOqUpJPpf4UIMq9VR0Cc21R1gdMNisPlxMSeacan4BRPI-mRbqsgqxEMnyQTyvTqFzawDWTWEHWtnNGKm_2omS4-RR6G-RSFCMnABOnv6OaYBJIFBAgEGAGSBQQIBRgEoAY3gAebkq7OA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENukMNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk4ODczNjgyMTEwMTk0NjcYAA&sigh=xiMj-Z3ejLc&uach_m=[UACH]&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0427 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:39:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7841 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9663
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 09:23:25 GMT
etag
48472445140208031
expires
Fri, 23 Sep 2022 09:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 818E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
925e827348ae2e4c7508420b2e5415ba20ddaaaeac65b03e4e276d08ad9a339c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 818E 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 18:50:55 GMT
x-content-type-options
nosniff
age
234813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 18:50:55 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 818E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700|Roboto:300,400,500,700&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 19:34:12 GMT
x-content-type-options
nosniff
age
59416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Sep 2023 19:34:12 GMT
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 11C0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=1072935897&pi=t.aa~a.716979773~rp.4&w=760&lmt=1663848267&nsk=2f5d894f&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=-M&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90&nras=4&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=2879&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=9L2YtRu6iU&p=https%3A//levitrares.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 11:33:45 GMT
dpixel
cms.quantserve.com/ Frame 7841 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDC0o9BBsrgIWagVcy_wy_Y&google_cver=1&google_push=AZmPxg8s4MKVlaJ94uE2YAMW_EkNnI01SAAWpr63VHGLtOsDRCMk_EEH68PXH7E4QEajvr6vMRzsE9mfkdZElVmngg93gZYUwrM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 7841 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_xJ7rlEoBvnlgx2Y09SInXpyPECi6_wOaAf7IgTHhEIuDRYKZibg_eHjvfJGlnxEMdAHbnbPMkTQOzHe0CCXYLETWgcQ&google_gid=CAESEHqfl2ZCIOaNNCe1rCaizaQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 7841 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDqkqXN3Pq_pCVecLe4cg4M&google_push=AZmPxg_ll7xX90RqUnhJ1FA-7cqOloqffAY9pU8Y_1kIQjmvtuuw2Z-RVZRPknZnX1o0eco3Tm6WpdncI7NoW3H5vsoR40Ou20M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 7841 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPF4n8PCHhIwE_SqABNt6lY&google_cver=1&google_push=AZmPxg8Sx11l5hsv1vLlEhfFjJzrcgGdUC3Z0QkwJRXcAaBvJtoQ1I3GhqOXPJpVGaTemdtAXmquqS1P6nzxolMcKqZDKMV8XBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hudaqutcgr2gfrahe45vms4p5jjsh3tq
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 7841 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL3RcZ2x5_fE9m-YYy9Zqh0&google_cver=1&google_push=AZmPxg8c5MLpFEQ29E7H5i6kUon0TjNu4Zfm2lox7uJU7Uzkt5Bk60pD5l8__MpVwUTBtFX_d30bEDdVsGwnsxZ3_HoRBYmfA_E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7841
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMaeCUBIBSpDTnb3v53zthA&google_cver=1&google_push=AZmPxg9b0cMaAUyw_Wo06WJ9L0X9rzF5TEo7c4r0BD86GuEm0VL0T6Fs5XpZJwov1VV-Ga93Ydx...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTRjctVy1HT0cx&google_push=AZmPxg9b0cMaAUyw_Wo06WJ9L0X9rzF5TEo7c4r0BD86GuEm0VL0T6Fs5XpZJwov1VV-Ga93YdxYDgtydyxGAAWNgBKK9HD2DuQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTRjctVy1HT0cx&google_push=AZmPxg9b0cMaAUyw_Wo06WJ9L0X9rzF5TEo7c4r0BD86GuEm0VL0T6Fs5XpZJwov1VV-Ga93YdxYDgtydyxGAAWNgBKK9HD2DuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhEMEFTRjctVy1HT0cx&google_push=AZmPxg9b0cMaAUyw_Wo06WJ9L0X9rzF5TEo7c4r0BD86GuEm0VL0T6Fs5XpZJwov1VV-Ga93YdxYDgtydyxGAAWNgBKK9HD2DuQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 7841
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGH7fSUBpoPmQaeskPRvO54&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGH7fSUBpoPmQaeskPRvO54&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg9sXQPugFbXa5BHuZ3EYU4pvECXtVQKw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGH7fSUBpoPmQaeskPRvO54&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg9sXQPugFbXa5BHuZ3EYU4pvECXtVQKwMwHHgpW4RcBW5h9tqJVDv-xEsVUtuwBOW6nNk9dTIGByQ0f_FW3ySpr7GHinXs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FNzFAMf7GeBeE9YhXjxrUwXJUvXtO9lf8vv0UT05mBkbYpBWfcwh5RBitED7OY1FARL60AG0pCjtksyaz0P0pLqdjDlzKMm46U1evUMYHh4AhKO7%2FNG0kBhh6BGzqr7pBQ8I0KF0SRktg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGH7fSUBpoPmQaeskPRvO54&google_hm=YyxPS-wEMUC0oRL6JyErrgAABIoAAAIB&google_nid=index&google_push=AZmPxg9sXQPugFbXa5BHuZ3EYU4pvECXtVQKwMwHHgpW4RcBW5h9tqJVDv-xEsVUtuwBOW6nNk9dTIGByQ0f_FW3ySpr7GHinXs
cache-control
no-cache
cf-ray
74eae73d6ff79007-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 7841 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrSkexRHwDUgw0iA-VWmr4ab0qosPvHS_AqSvF0PbLRnPDNyMEnpQVuQ3jyxIBJXH-YZ_S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0427
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:28 GMT
expires
Thu, 22 Sep 2022 12:04:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220919&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f941c87661e09d7ed6434be70bfb431599b6023df7e9791bda987bc237d8346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Sep 2022 12:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11172
x-xss-protection
0
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 4D26 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=575&adk=1771000350&adf=3789639019&pi=t.aa~a.1268685788~rp.4&w=760&lmt=1663848267&nsk=aa5793e2&rafmt=11&pwprc=7179978295&psa=0&ad_type=text_image&format=760x575&url=https%3A%2F%2Flevitrares.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848267279&bpp=1&bdt=982&idt=0&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D191f7ff774d1ca63-22a1b42d29ce00eb%3AT%3D1663848266%3ART%3D1663848266%3AS%3DALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw&prev_fmts=0x0%2C1200x280%2C300x90%2C760x575&nras=5&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=4218&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gUQaeamBhx&p=https%3A//levitrares.com&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 11:33:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9887368211019467&plah=levitrares.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 22 Sep 2022 12:04:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 056B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 11:48:30 GMT
expires
Fri, 22 Sep 2023 11:48:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 25C9 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef005d3366cfbe4b79cbca3cabe824358f847d7707465b14ad86bef744bec66d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UXzc4QFApdAGsQ6Lo-lBXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://levitrares.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-UXzc4QFApdAGsQ6Lo-lBXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 12:04:28 GMT
expires
Thu, 22 Sep 2022 12:04:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 056B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 11:33:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 11:33:45 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 25C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220919&jk=1257828415750013&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 056B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wXWZMQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 12:04:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame EE3C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu978_z9f546jFoLsJTfv4gX0JqNNm0QiOaQcAL66Y9ONwdIyx02byvs3IScwMh_gRPEKVnP_RR8ySkfM9vu4Em-C2ftd22WDfmphxoW3jyZ3h9EX3TJKb4briN&sai=AMfl-YTz6DWdZWmFGh3NidECIZf0UWjiqyKrltPoktW9_ZmKJfnSWUcGhOag4XQRh16uJSMpHL71_Ptmkxp5&sig=Cg0ArKJSzG37agC_V1bsEAE&cid=CAASBORodzs&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=531,1000,1000,1000,1000&tos=531,469,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663848267442&rpt=471&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220919&jk=1257828415750013&bg=!r6ylrOjNAAZqQh0mSkI7ACkAdvg8Wt9R0ZCpYnXmSP8v6tEN0-6uwyQ_XfZDrsvLtJmKCx9qFla60AIAAABFUgAAAAFoAQeZApzmGI6dB0fa_a9fEakdYVXsDB1TqPkauSDC6C__YadLO6VcXMPD-4RjTSeHosrTpOFsBVkZDOXIhGSDHKZv1KX_ttFMr1htbRxie-vkXEZ5QKuZLGCv2FOfsnOqwHWvDiRFUBmAa7sIv50pqwMubLx9lNByuxc9qgfUMiBuFuNw4Ie_k0Zsu3pyIOGTpd8u4H2flz2Cujzrnhm7GSFr95ifCNsvKUn00hrpB3B0hIsJLuVGHmosZ9qo6Tt6acrCKtWo2BVLvM2conZGoD5_vxxMchZnPoXoR8MKBWe6VDMImrvRx63gkfIjmyvMCTVTSe0F2QKVxHQnjdtqooEnKvERFtQ8kCFaxB8MhpY6BHe3oOXqlWoh8o8eBQEsuXiJXx27zWCz7g9Tyt-GLvF5c1TXJWgedA4fSQBrQyqCAyp6ZonHflrgimWDzUDOYpI-ze_FIpFwK7uZs4jVZgb_1udJ5INjh54tUnaSDH1LcsWoohq01Kkvon3y2smabDGuRz1vgqRUugj9b1eD16N-yO0g2KiS6h3Ow7AEodbLo5_7KZaDWPVfcVeFprAlSjhLleNROlJ0oLUfH9qFyTHKB3l7QOeC3PFo5OVXpzZO1ms_2yRjLip2rY83GgEyaGIQ1G-hNQR37y_2-4n2MUxSbwFc0c_ToNXdm_stoErxZVmK3_QY1_-Z2Q_tk3rBl9izJUmWSCDlDjEl_5zxx6QGuJQLpyVqUFRDRm0M9uzfyM8jc6ioKqXwSJgf1uCBDDEg_00EncX7cWHhOhHnmaihakyQK7LQk7hXrrrBy8JMpED1pf4m0nKj6Cf472nI2FA7Slc1AENvVQkQkwvWM24AcfYCB3tqw3IlwTCF8P259_jhuWkRi4Ekcve9_tt9Gw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Y8NS3XF3SB&gtm=2oe9j0&_p=1842177772&cid=1001270254.1663848267&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1663848267&sct=1&seg=0&dl=https%3A%2F%2Flevitrares.com%2F&dt=HargaDepo%20-%20Daftar%20Harga%20Di%20Depo%20Bangunan&en=scroll&epn.percent_scrolled=90&_et=153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y8NS3XF3SB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://levitrares.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Sep 2022 12:04:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://levitrares.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hargadepo.com
URL
https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Domain
hargadepo.com
URL
https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff?v=4.7.0
Domain
hargadepo.com
URL
https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.ttf?v=4.7.0
Domain
nodejs-2e7.pages.devback-button.js
URL
https://nodejs-2e7.pages.devback-button.js/
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKyyCxRXOXhy4h-T4QwcWAc&google_cver=1&google_push=AZmPxg_mWgj4Y_1D29mTX_JllEqfaW0WD20xrk-P-LR8aLulHmjLMqRXSxbKWpnKkJXqOBnFR28yRMQSrQgtXrR_R-Igg6OxYGIoHQ
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICgVIMvCLgjT4RirzrTJko&google_cver=1&google_push=AZmPxg97PNAIH_Kmc6Isw7qjpdCsuEkMy7diz-K4O3ikB685Da_h4GW62RE5tL5s-M2fKssHVjBiNIbTnJMbTT8H7hhFpXfNx8O8

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| hostUri object| _Hasync function| gtag object| dataLayer function| chfh function| chfh2 string| _HST_cntval object| Histats boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_511 function| histats_canvascounters_base.js function| loadNextAds function| closeSwallFromAdClick object| google_llp object| google_tag_manager function| onYouTubeIframeAPIReady function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| _HistatsCounterGraphics_0_setValues object| googletag object| GoogleGcLKhOms

29 Cookies

Domain/Path Name / Value
.levitrares.com/ Name: __gads
Value: ID=191f7ff774d1ca63-22a1b42d29ce00eb:T=1663848266:RT=1663848266:S=ALNI_MY-UqTyZenNjBEJqw6YJLt-fCnYRw
levitrares.com/ Name: HstCfa4459743
Value: 1663848267123
levitrares.com/ Name: HstCmu4459743
Value: 1663848267123
levitrares.com/ Name: HstCnv4459743
Value: 1
levitrares.com/ Name: HstCns4459743
Value: 1
levitrares.com/ Name: HstCla4459743
Value: 1663848267154
levitrares.com/ Name: HstPn4459743
Value: 2
levitrares.com/ Name: HstPt4459743
Value: 2
.levitrares.com/ Name: _ga_Y8NS3XF3SB
Value: GS1.1.1663848267.1.0.1663848267.0.0.0
.levitrares.com/ Name: _ga
Value: GA1.1.1001270254.1663848267
.adnxs.com/ Name: uuid2
Value: 6914763288261885356
.casalemedia.com/ Name: CMID
Value: YyxPS.wEMUC0oRL6JyErrgAA
.casalemedia.com/ Name: CMPS
Value: 1162
.casalemedia.com/ Name: CMPRO
Value: 1162
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Ss#[XB!]tbPl1M>e)ZlrFUfJ+tGXxoeL+SkEKE4egQk[IyF6Mtm8zS^!_/$YP+j_LN3If)y3KL9D3I?+<#?ZVP
.quantserve.com/ Name: d
Value: ECsBCQGUJ4EA
.quantserve.com/ Name: mc
Value: 632c4f4c-151e1-7c189-f6b37
.doubleclick.net/ Name: IDE
Value: AHWqTUnvcMBUY3oGfkkoiqN3nTiWAEJu-iRM1FFwn6dHoTuavmRNPmeCmxjnLoS3XFk
.doubleclick.net/ Name: DSID
Value: NO_DATA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.casalemedia.com/ Name: CMTS
Value: 5129
.addthis.com/ Name: na_id
Value: 2022092212042800016492441254
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 632c4f4cbf761b69
.addthis.com/ Name: ouid
Value: 632c4f4c00012f86945ec1e5933f0e860139d1031e4bde9ac967
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220922
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

15 Console Messages

Source Level URL
Text
javascript error URL: https://levitrares.com/
Message:
Access to font at 'https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff2?v=4.7.0' from origin 'https://levitrares.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://levitrares.com/
Message:
Access to font at 'https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff?v=4.7.0' from origin 'https://levitrares.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.woff?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
javascript warning
Message:
Scripts may close only the windows that were opened by them.
network error URL: https://nodejs-2e7.pages.devback-button.js/
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://levitrares.com/
Message:
Access to font at 'https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.ttf?v=4.7.0' from origin 'https://levitrares.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://hargadepo.com/wp-content/themes/mudra/assets/fonts/fontawesome-webfont.ttf?v=4.7.0
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9887368211019467&output=html&h=280&adk=4188038881&adf=3136344130&pi=t.aa~a.2970055601~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1663848266&rafmt=1&to=qs&pwprc=7179978295&psa=0&format=1200x280&url=https%3A%2F%2Flevitrares.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663848266592&bpp=2&bdt=295&idt=270&shv=r20220919&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=2920670956423&frm=20&pv=1&ga_vid=1001270254.1663848267&ga_sid=1663848267&ga_hid=1842177772&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44771547%2C31062930&oid=2&pvsid=1257828415750013&tmod=909295853&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uqAmZ6bnUi&p=https%3A//levitrares.com&dtd=272
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://calumnylightlyspider.com/72/5b/09/725b09a97d8c22957d89c9d08a8e182b.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://calumnylightlyspider.com/63/53/cd/6353cd5fdad8d14e5a34c65cc3d8a4ca.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEKyyCxRXOXhy4h-T4QwcWAc&google_cver=1&google_push=AZmPxg_mWgj4Y_1D29mTX_JllEqfaW0WD20xrk-P-LR8aLulHmjLMqRXSxbKWpnKkJXqOBnFR28yRMQSrQgtXrR_R-Igg6OxYGIoHQ
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICgVIMvCLgjT4RirzrTJko&google_cver=1&google_push=AZmPxg97PNAIH_Kmc6Isw7qjpdCsuEkMy7diz-K4O3ikB685Da_h4GW62RE5tL5s-M2fKssHVjBiNIbTnJMbTT8H7hhFpXfNx8O8
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-Pljd7hd-ohg6WOdND1jlhUhLsCthwma7JnKE6N4PIPyR3LLWhsqihVvKwkIsbVlcoqIUcsfBw0prvjN_iUm0roOqV9Q0&google_gid=CAESEKcbTm-xN4jYsMkqM0Jziiw&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_xJ7rlEoBvnlgx2Y09SInXpyPECi6_wOaAf7IgTHhEIuDRYKZibg_eHjvfJGlnxEMdAHbnbPMkTQOzHe0CCXYLETWgcQ&google_gid=CAESEHqfl2ZCIOaNNCe1rCaizaQ&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ads.maskoding.com
adservice.google.com
adservice.google.de
calumnylightlyspider.com
cat.nl.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
hargadepo.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
levitrares.com
new.eduzone.my.id
nodejs-2e7.pages.dev
nodejs-2e7.pages.devback-button.js
odong.eduzone.my.id
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
googlecm.hit.gemius.pl
hargadepo.com
nodejs-2e7.pages.devback-button.js
104.18.18.126
104.18.19.126
142.250.180.194
142.250.180.226
142.250.186.130
178.250.0.139
178.250.2.148
178.250.2.150
185.64.190.78
185.89.211.12
192.243.61.225
198.27.80.143
2001:4860:4802:32::36
2600:9000:223c:9c00:1e:a43d:b640:93a1
2606:4700:3036::6815:6ed
2606:4700:3037::6815:2a37
2606:50c0:8001::153
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2006
2a00:1450:4001:827::2008
2a00:1450:4001:830::2002
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:80c::2003
2a00:1450:400d:80d::2004
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a06:98c1:3120::c
34.110.138.177
34.132.134.162
34.98.67.61
35.227.252.103
35.244.174.68
46.105.201.240
69.173.144.139
69.192.160.219
021bee2783a45dccd22a9759e028922f7ae855151fb5c3d1273bbb3688b45cde
0356f6ba2e4c71b35fd39f4da510558708554289aec6c1fdfa84b6b62d893442
041394e9d3033e190cc30d305c2fbf1be4a945b7957002fe5d3b6f44236e9f59
049197d27fc218a1fc7185322d281d1f12d8cb637cce49e815600869e12e463a
056c49d5e33c04e80cc64e849f28b2d64398c56a86650788fe73207fa4c6823c
064560e9f5ff492eaf78070a450d2ce0b3cfd1dfd7fc15a46821f11eff53244c
065ea5dc22496e49af5e1eaec97826adeab5bd2efbd69be3c0fff5f6826c675e
06977060c2808a6313afca6971e3bc303630f14be1fd7d643a4690cf6394223e
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143e671587e9a08f835f56d1d453b8cc73a9ab1fed982418249bb116696f351e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1f7cefc114dc01ba0aa512a33782150637475395b8afaced5145ecedac353af8
243f06cb1c117c4fb918d7b9358f77a0c13ecf94fafbf946b4bdb2cb79426ed7
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
343e8bb1ac79eaf674b71ae9b5da8696724016649576600cdeaf11b69704ea40
368296fd2cb2f8152ac2b5202158884308fdbdcace7e86711933a34fbb708a07
38d2c0b0a6526e92c3f0882aa52a64d24ac0ed157a8137c3e9a639275016bf5c
3b151e803f727086c0b210990c1558860344ab86f0a1e90486b4146dde63b828
3f941c87661e09d7ed6434be70bfb431599b6023df7e9791bda987bc237d8346
40a107df0695c5f1741f0d7ec22820ed31c440b29c07c111a6aaad7eec3a2558
48fdcad6248cad75d16876289b4543334d70d7aab6c06f79160034568468f813
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa15067b3beb8316c3265954aa08a6104b03551ca27d3b431904d85099ebfe6
4ffda64cfd585c170d72bea783c7da2555b967ef83cf11fd9778845dff6c1f39
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51928336069eb971297269f1409e689b13134f2bb945a96993007832572e9868
547acc9e82421e913029cc4fb4e65cf7273c615813c18e504b4ac7847b00658a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59d21a4d3dfaacbfeb47825dc9bedd3d16bafcd4467953d5603246c43f2a3cbc
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ae54460c3cfbf1d1db453a7d81c9dff847e8022b25a2de7cc2841c1be6598c
62b6a0cfe20489119dce21cdc1773bae523fdda33ab33c8252b1218e868555e0
63bdfbb624c1b385374dfacc9d1d5fb0288b5973165b921c5f8ec84cd8c45f0d
64302b39d1adfd7426ab208c10bdef4197e7e9d12c8cee784f1c163a9e13d0ea
645b7c70edb7cf696c165eda3fda4ab274fcd108ee98e33453992b51003aa972
64d68302274df4ea5a606ea23e107ca5332db9d32f4fe162a31f778d1d7ae5e2
6acea6df0a1d74bd2a31cb35a9dcc3ab90bd819a0f17f0712748ffc16beca71d
6c5275a4b077a916a46da998504304d3c899876abf57e0bf72f677491064c833
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8118a6ea4212c3668430a1af26add843ecd7f0a238ce2014d90909cc66b21093
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
915d8d5fa49f0c72d81b2b9cf140ffb481c6fe715d71ba1bb6a0256abffbad27
918a2cdce9d36ac89c1fab85603f71cb3380d987840b243a9588c1bd1342e23d
925e827348ae2e4c7508420b2e5415ba20ddaaaeac65b03e4e276d08ad9a339c
95ba1b5ada90dda26ddbc4e20cc80aede29d50531d008982a7a3c6eb0bcf46cf
986748e84e5ce360c67ea1f6e3a2c2496b1ae3b21dac37f3e35f9cb9260b9988
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f21f888c15e38433d68956a83c5f0f83aad6ed3768cf03c10402eb06ef206ab
9f7244322cde62e0c8ea58ae2fe60f5bf7509ab5758ef7413206b14478409ac6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a562e74fa9fc556c7d765a6a82f80af5053ea80d0691c27771f773404bfe6f60
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
abd30be61901b78ac94c621f73a65c503fb311622252b1daa9fedcd6144c3fd8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b568549921b3add333905d117b2b843d51ffb5a94ce7b3a8b5c18bd419a1d08c
b67b5db86180d6858963b9441a1dea5a229209f47df32e5b328d885a0e544d1c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
be2d081c45968c7f97fb9226c95ea48ff7c1305cd24f3e2e3e5523461453b834
beb5f7f4b69b969ee4cbb343872d183bc163b8d5873b124bfb54c21309bc5a7a
c3aecf5dfca5710254345acbe403a28cb606f1d0dd24b8a08a3a6f9fc315505a
c4ccf1b1589ce78f23995a31801ee5ef302dc747faeaced89106cb946af206e1
c50d7d710891ee1e3de4f31cf04a5643fd5ef7c3aa3752022e968223566e29cc
c57ba46b05b773fee460f305427d4c65e72b096d8ac7ce30daf575d8aeeb2afc
c68076ca6b0fd444012ce3a63197141733a2351e2310353b5029a4ddc0f1ef9b
c9752eb218010842a84b880aee5997839757104f3a48f1105873f576276df1f2
cb2b64ab533de175b03687232a0636f1ad3008b0564a4601ffe89c2a8d9c5f82
cb7a6f05cbf4037b79c6977a4ab305c7d6f19fe8791d7b69eb898f9669bd70da
d0eae25fa3f49835f7d880f2e2b226df58c2cc0a3f175a99da8bcb26641cbbb0
d266334740bce57b62fb91a6ffc48f4332dbfac916b9240ea7f33c5850e817f2
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
e07ccca148e2c8b285445f95a58538adb00ccb91c9b1ffb373707a84352da6d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
e86b29758a25729f3a27ad3d964c94390129f58f455d80b3191b507bbb1ad76d
e87eb8f1ab22351834096dcb08c6ea4e3312e63f225451f22612c52338733de5
e8d04c3c5a92b571e8b961cbf3a276cf154540095cd023387cd08389c744e4a9
e90ab1d202b08b29f525a912e41f18ea571a14c05bbb7424c682354b1e8c94c0
e9d39c03d322319f16ebe0a5c6edc98d74a1461b2c1f0e9efee61fc73777d9ec
ef005d3366cfbe4b79cbca3cabe824358f847d7707465b14ad86bef744bec66d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1814bc24a551e2d2172a4895c73be9f6a59e599ced4874148b21e9deb173a54
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6f5b9dfe350007ed92b729114b0b7cd837aea56f349cf38248a858eac60cb1b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f81af49b9e273ea507982f870dabfa439eb2f9845a7f2cacdb473631aa10de18
f89606255135086ba0057a614f1f05ccd84688bf21397f68f4e73894ff0ab694
fbdc7a4ba19f94d7bebb87590985711136b8569429c6fd7e3b0a1ea4ee04a154
fbe6c5a00d4e481648acb875643f6d0d3545a2f50bb3b7bf02e5cf3a05a851c0
fcdeb2f84ea5edd6924dc0592ffc31212b62808cb43c880b952df2752b71c8bb